be.fedict.eid.applet.service.signer.facets
Class XAdESSignatureFacet

java.lang.Object
  extended by be.fedict.eid.applet.service.signer.facets.XAdESSignatureFacet
All Implemented Interfaces:
SignatureFacet

public class XAdESSignatureFacet
extends Object
implements SignatureFacet

XAdES Signature Facet. Implements XAdES v1.4.1, which is compatible with XAdES v1.3.2. The implemented XAdES format is XAdES-BES/EPES. It's up to another part of the signature service to upgrade the XAdES-BES to an XAdES-X-L. This implementation has been tested against an implementation that participated in multiple ETSI XAdES plugtests.

Author:
Frank Cornelis
See Also:
http://en.wikipedia.org/wiki/XAdES

Constructor Summary
XAdESSignatureFacet()
          Default constructor.
XAdESSignatureFacet(Clock clock)
          Convenience constructor.
XAdESSignatureFacet(Clock clock, DigestAlgo digestAlgorithm)
          Convenience constructor.
XAdESSignatureFacet(Clock clock, DigestAlgo digestAlgorithm, SignaturePolicyService signaturePolicyService)
          Main constructor.
XAdESSignatureFacet(DigestAlgo digestAlgorithm)
          Convenience constructor.
XAdESSignatureFacet(DigestAlgo digestAlgorithm, SignaturePolicyService signaturePolicyService)
          Convenience constructor.
XAdESSignatureFacet(SignaturePolicyService signaturePolicyService)
          Convenience constructor.
 
Method Summary
 void addMimeType(String dsReferenceUri, String mimetype)
          Adds a mime-type for the given ds:Reference (referred via its @URI).
static be.fedict.eid.applet.service.signer.jaxb.xades132.CertIDType getCertID(X509Certificate certificate, be.fedict.eid.applet.service.signer.jaxb.xades132.ObjectFactory xadesObjectFactory, be.fedict.eid.applet.service.signer.jaxb.xmldsig.ObjectFactory xmldsigObjectFactory, DigestAlgo digestAlgorithm, boolean issuerNameNoReverseOrder)
          Gives back the JAXB CertID data structure.
static be.fedict.eid.applet.service.signer.jaxb.xades132.DigestAlgAndValueType getDigestAlgAndValue(byte[] data, be.fedict.eid.applet.service.signer.jaxb.xades132.ObjectFactory xadesObjectFactory, be.fedict.eid.applet.service.signer.jaxb.xmldsig.ObjectFactory xmldsigObjectFactory, DigestAlgo digestAlgorithm)
          Gives back the JAXB DigestAlgAndValue data structure.
 void postSign(Element signatureElement, List<X509Certificate> signingCertificateChain)
          This method is being invoked by the XML signature service engine during the post-sign phase.
 void preSign(javax.xml.crypto.dsig.XMLSignatureFactory signatureFactory, Document document, String signatureId, List<X509Certificate> signingCertificateChain, List<javax.xml.crypto.dsig.Reference> references, List<javax.xml.crypto.dsig.XMLObject> objects)
          This method is being invoked by the XML signature service engine during pre-sign phase.
 void setIdSignedProperties(String idSignedProperties)
          Sets the Id that will be used on the SignedProperties element.
 void setIssuerNameNoReverseOrder(boolean reverseOrder)
          Work-around for Office 2010 IssuerName encoding.
 void setRole(String role)
          Sets the XAdES claimed role.
 void setSignaturePolicyImplied(boolean signaturePolicyImplied)
          Sets the signature policy to implied.
 void setXadesNamespacePrefix(String xadesNamespacePrefix)
          Sets the XAdES XML namespace prefix.
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Constructor Detail

XAdESSignatureFacet

public XAdESSignatureFacet()
Default constructor. Will use a local clock and "SHA-1" for digest algorithm.


XAdESSignatureFacet

public XAdESSignatureFacet(Clock clock)
Convenience constructor. Will use "SHA-1" for digest algorithm.

Parameters:
clock - the clock to be used for determining the xades:SigningTime

XAdESSignatureFacet

public XAdESSignatureFacet(DigestAlgo digestAlgorithm)
Convenience constructor. Will use a local clock.

Parameters:
digestAlgorithm - the digest algorithm to be used for all required XAdES digest operations. Possible values: "SHA-1", "SHA-256", or "SHA-512".

XAdESSignatureFacet

public XAdESSignatureFacet(DigestAlgo digestAlgorithm,
                           SignaturePolicyService signaturePolicyService)
Convenience constructor. Will use a local clock.

Parameters:
digestAlgorithm - the digest algorithm to be used for all required XAdES digest operations. Possible values: "SHA-1", "SHA-256", or "SHA-512".
signaturePolicyService - the optional signature policy service used for XAdES-EPES.

XAdESSignatureFacet

public XAdESSignatureFacet(SignaturePolicyService signaturePolicyService)
Convenience constructor. Will use a local clock and "SHA-1" as digest algorithm.

Parameters:
signaturePolicyService - the optional signature policy service used for XAdES-EPES.

XAdESSignatureFacet

public XAdESSignatureFacet(Clock clock,
                           DigestAlgo digestAlgorithm)
Convenience constructor.

Parameters:
clock - the clock to be used for determining the xades:SigningTime
digestAlgorithm - the digest algorithm to be used for all required XAdES digest operations. Possible values: "SHA-1", "SHA-256", or "SHA-512".

XAdESSignatureFacet

public XAdESSignatureFacet(Clock clock,
                           DigestAlgo digestAlgorithm,
                           SignaturePolicyService signaturePolicyService)
Main constructor.

Parameters:
clock - the clock to be used for determining the xades:SigningTime
digestAlgorithm - the digest algorithm to be used for all required XAdES digest operations. Possible values: "SHA-1", "SHA-256", or "SHA-512".
signaturePolicyService - the optional signature policy service used for XAdES-EPES.

Method Detail

postSign

public void postSign(Element signatureElement,
                     List<X509Certificate> signingCertificateChain)
Description copied from interface: SignatureFacet
This method is being invoked by the XML signature service engine during the post-sign phase. Via this method a signature facet can extend the XML signatures with for example key information.

Specified by:
postSign in interface SignatureFacet

preSign

public void preSign(javax.xml.crypto.dsig.XMLSignatureFactory signatureFactory,
                    Document document,
                    String signatureId,
                    List<X509Certificate> signingCertificateChain,
                    List<javax.xml.crypto.dsig.Reference> references,
                    List<javax.xml.crypto.dsig.XMLObject> objects)
             throws NoSuchAlgorithmException,
                    InvalidAlgorithmParameterException
Description copied from interface: SignatureFacet
This method is being invoked by the XML signature service engine during pre-sign phase. Via this method a signature facet implementation can add signature facets to an XML signature.

Specified by:
preSign in interface SignatureFacet
Parameters:
signingCertificateChain - the optional signing certificate chain
Throws:
NoSuchAlgorithmException
InvalidAlgorithmParameterException

getDigestAlgAndValue

public static be.fedict.eid.applet.service.signer.jaxb.xades132.DigestAlgAndValueType getDigestAlgAndValue(byte[] data,
                                                                                                           be.fedict.eid.applet.service.signer.jaxb.xades132.ObjectFactory xadesObjectFactory,
                                                                                                           be.fedict.eid.applet.service.signer.jaxb.xmldsig.ObjectFactory xmldsigObjectFactory,
                                                                                                           DigestAlgo digestAlgorithm)
Gives back the JAXB DigestAlgAndValue data structure.

Parameters:
data -
xadesObjectFactory -
xmldsigObjectFactory -
digestAlgorithm -
Returns:
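
The XAdES DigestAlgAndValueType pairs a ds:DigestMethod algorithm URI with a base64 ds:DigestValue. The following added example (JDK only, not this project's code and not using its JAXB classes) builds that pair for the three digest names listed on this page and goes one step further with a verification check that can refuse SHA-1, the default of several constructors above. The class name, method names and sample bytes are hypothetical.

```java
import java.nio.charset.StandardCharsets;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.util.Base64;
import java.util.LinkedHashMap;
import java.util.Map;

public class DigestAlgAndValueDemo {
    // ds:DigestMethod identifiers for the three digest names this page lists.
    static final Map<String, String> URI_BY_NAME = new LinkedHashMap<>();
    static {
        URI_BY_NAME.put("SHA-1", "http://www.w3.org/2000/09/xmldsig#sha1");
        URI_BY_NAME.put("SHA-256", "http://www.w3.org/2001/04/xmlenc#sha256");
        URI_BY_NAME.put("SHA-512", "http://www.w3.org/2001/04/xmlenc#sha512");
    }

    /** Returns {DigestMethod Algorithm URI, base64 DigestValue} for the data. */
    static String[] build(byte[] data, String name) throws NoSuchAlgorithmException {
        String uri = URI_BY_NAME.get(name);
        if (uri == null) throw new NoSuchAlgorithmException("not listed: " + name);
        byte[] digest = MessageDigest.getInstance(name).digest(data);
        return new String[] { uri, Base64.getEncoder().encodeToString(digest) };
    }

    /** Recomputes the digest named by the URI and compares; optionally refuses SHA-1. */
    static boolean verify(byte[] data, String uri, String b64, boolean allowSha1)
            throws NoSuchAlgorithmException {
        for (Map.Entry<String, String> e : URI_BY_NAME.entrySet()) {
            if (!e.getValue().equals(uri)) continue;
            if (e.getKey().equals("SHA-1") && !allowSha1) return false;
            byte[] expected = MessageDigest.getInstance(e.getKey()).digest(data);
            return MessageDigest.isEqual(expected, Base64.getDecoder().decode(b64));
        }
        return false; // unknown algorithm URI: fail closed
    }

    public static void main(String[] args) throws Exception {
        // Constructed sample input; in XAdES this would be e.g. an encoded certificate.
        byte[] data = "constructed sample bytes".getBytes(StandardCharsets.UTF_8);
        for (String name : URI_BY_NAME.keySet()) {
            String[] dav = build(data, name);
            System.out.println("<ds:DigestMethod Algorithm=\"" + dav[0] + "\"/>");
            System.out.println("<ds:DigestValue>" + dav[1] + "</ds:DigestValue>");
            System.out.println("  accepted when SHA-1 is refused: "
                    + verify(data, dav[0], dav[1], false));
        }
    }
}
```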

getCertID

public static be.fedict.eid.applet.service.signer.jaxb.xades132.CertIDType getCertID(X509Certificate certificate,
                                                                                     be.fedict.eid.applet.service.signer.jaxb.xades132.ObjectFactory xadesObjectFactory,
                                                                                     be.fedict.eid.applet.service.signer.jaxb.xmldsig.ObjectFactory xmldsigObjectFactory,
                                                                                     DigestAlgo digestAlgorithm,
                                                                                     boolean issuerNameNoReverseOrder)
Gives back the JAXB CertID data structure.

Parameters:
certificate -
xadesObjectFactory -
xmldsigObjectFactory -
digestAlgorithm -
Returns:

addMimeType

public void addMimeType(String dsReferenceUri,
                        String mimetype)
Adds a mime-type for the given ds:Reference (referred via its @URI). This information is added via the xades:DataObjectFormat element.

Parameters:
dsReferenceUri -
mimetype -

setIdSignedProperties

public void setIdSignedProperties(String idSignedProperties)
Sets the Id that will be used on the SignedProperties element.

Parameters:
idSignedProperties -

setSignaturePolicyImplied

public void setSignaturePolicyImplied(boolean signaturePolicyImplied)
Sets the signature policy to implied.

Parameters:
signaturePolicyImplied -

setXadesNamespacePrefix

public void setXadesNamespacePrefix(String xadesNamespacePrefix)
Sets the XAdES XML namespace prefix.

Parameters:
xadesNamespacePrefix -

setRole

public void setRole(String role)
Sets the XAdES claimed role.

Parameters:
role -

setIssuerNameNoReverseOrder

public void setIssuerNameNoReverseOrder(boolean reverseOrder)
Work-around for Office 2010 IssuerName encoding.

Parameters:
reverseOrder -


Copyright © 2008-2012 FedICT. All Rights Reserved.