List of usage examples for javax.xml.crypto.dsig SignatureProperty getTarget
String getTarget();
SignatureProperty. From source file:be.fedict.eid.applet.service.signer.ooxml.OOXMLSignatureVerifier.java
@SuppressWarnings("unchecked") private boolean validateSignatureProperty(SignatureProperty signatureProperty, String signatureId) { if (!signatureProperty.getId().equals("idSignatureTime")) { LOG.error("Unexpected SignatureProperty: expected id=idSignatureTime " + "but got: " + signatureProperty.getId()); return false; }//w w w . ja va 2s . c o m if (!signatureProperty.getTarget().equals("#" + signatureId)) { LOG.error("Unexpected SignatureProperty: expected target=#" + signatureId + "but got: " + signatureProperty.getTarget()); return false; } List<XMLStructure> signatureTimeContent = signatureProperty.getContent(); if (signatureTimeContent.size() != 1) { LOG.error("Unexpected SignatureTime content."); return false; } DOMStructure signatureTimeDOM = (DOMStructure) signatureTimeContent.get(0); Node signatureTimeElement = signatureTimeDOM.getNode(); if (!signatureTimeElement.getNamespaceURI().equals(OOXMLSignatureFacet.OOXML_DIGSIG_NS)) { LOG.error("Invalid SignatureTime element: NS=" + signatureTimeElement.getNamespaceURI()); return false; } if (!signatureTimeElement.getLocalName().equals("SignatureTime")) { LOG.error("Invalid SignatureTime element: Name=" + signatureTimeElement.getLocalName()); return false; } if (signatureTimeElement.getChildNodes().getLength() != 2) { LOG.error("Invalid SignatureTime element: Childs=" + signatureTimeElement.getChildNodes().getLength() + ", expected 2 (Format+Value)"); return false; } // format element Node formatElement = signatureTimeElement.getChildNodes().item(0); if (!formatElement.getNamespaceURI().equals(OOXMLSignatureFacet.OOXML_DIGSIG_NS)) { LOG.error("Invalid SignatureTime.Format element: NS=" + formatElement.getNamespaceURI()); return false; } if (!formatElement.getLocalName().equals("Format")) { LOG.error("Invalid SignatureTime.Format element: Name=" + formatElement.getLocalName()); return false; } // value element Node valueElement = signatureTimeElement.getChildNodes().item(1); if (!valueElement.getNamespaceURI().equals(OOXMLSignatureFacet.OOXML_DIGSIG_NS)) { LOG.error("Invalid SignatureTime.Value element: NS=" + valueElement.getNamespaceURI()); return false; } if (!valueElement.getLocalName().equals("Value")) { LOG.error("Invalid SignatureTime.Value element: Name=" + valueElement.getLocalName()); return false; } // TODO: validate value? return true; }
From source file:be.fedict.eid.applet.service.signer.ooxml.OOXMLSignatureVerifier.java
@SuppressWarnings("unchecked") private boolean isIdOfficeObjectValid(String signatureId, XMLObject idOfficeObject) { SignatureProperties signatureProperties; if (1 != idOfficeObject.getContent().size()) { LOG.error("Expect SignatureProperties element in \"idPackageObject\"."); return false; }/*from www . j a v a 2 s. c o m*/ signatureProperties = (SignatureProperties) idOfficeObject.getContent().get(0); if (signatureProperties.getProperties().size() != 1) { LOG.error("Unexpected # of SignatureProperty's in idOfficeObject"); return false; } // SignatureInfo SignatureProperty signatureInfoProperty = (SignatureProperty) signatureProperties.getProperties().get(0); if (!signatureInfoProperty.getId().equals("idOfficeV1Details")) { LOG.error("Unexpected SignatureProperty: expected id=idOfficeV1Details " + "but got: " + signatureInfoProperty.getId()); return false; } if (!signatureInfoProperty.getTarget().equals("#" + signatureId)) { LOG.error("Unexpected SignatureProperty: expected target=#" + signatureId + " but got: " + signatureInfoProperty.getTarget()); LOG.warn("Allowing this error because of a bug in Office2010"); // work-around for existing bug in Office2011 // return false; } // SignatureInfoV1 if (signatureInfoProperty.getContent().size() != 1) { LOG.error("Unexpected content in SignatureInfoProperty."); return false; } DOMStructure signatureInfoV1DOM = (DOMStructure) signatureInfoProperty.getContent().get(0); Node signatureInfoElement = signatureInfoV1DOM.getNode(); if (!signatureInfoElement.getNamespaceURI().equals(OOXMLSignatureFacet.OFFICE_DIGSIG_NS)) { LOG.error("Unexpected SignatureInfoProperty content: NS=" + signatureInfoElement.getNamespaceURI()); return false; } // TODO: validate childs: validate all possible from 2.5.2.5 // ([MS-OFFCRYPTO]) or just ManifestHashAlgorithm? return true; }