Package eu.europa.esig.dss.xades

Class DSSXMLUtils

  • public final class DSSXMLUtils
extends Object
    Utility class that contains some XML related method.

    • Method Detail

      • registerTransform

        public static boolean registerTransform​(String transformURI)
        This method allows to register a transformation.
        Parameters:
        transformURI - the URI of transform
        Returns:
        true if this set did not already contain the specified element

      • registerCanonicalizer

        public static boolean registerCanonicalizer​(String c14nAlgorithmURI)
        This method allows to register a canonicalizer.
        Parameters:
        c14nAlgorithmURI - the URI of canonicalization algorithm
        Returns:
        true if this set did not already contain the specified element

      • indentAndReplace

        public static Node indentAndReplace​(Document document,
                                    Node node)
        Indents the given node and replaces it with a new one on the document
        Parameters:
        document - Document to indent the node in
        node - Node to be indented
        Returns:
        the indented Node

      • indentAndExtend

        public static Node indentAndExtend​(Document document,
                                   Node newNode,
                                   Node oldNode)
        Extends the given oldNode by appending new indented childs from the given newNode
        Parameters:
        document - owner Document of the node
        newNode - new Node to indent
        oldNode - old Node to extend with new indented elements
        Returns:
        the extended Node

      • getFirstElementChildNode

        public static Element getFirstElementChildNode​(Node parentNode)
        Returns first Element child from the given parentNode
        Parameters:
        parentNode - Node to get first Element child from
        Returns:
        Element child

      • getDocWithIndentedSignatures

        public static Document getDocWithIndentedSignatures​(Document documentDom,
                                                    String signatureId,
                                                    List<String> noIndentObjectIds)

      • getIndentedNode

        public static Node getIndentedNode​(Node documentDom,
                                   Node xmlNode)
        Returns an indented xmlNode
        Parameters:
        documentDom - is an owner Document of the xmlNode
        xmlNode - Node to indent
        Returns:
        an indented Node xmlNode

      • alignChildrenIndents

        public static Node alignChildrenIndents​(Node parentNode)
        Aligns indents for all children of the given node
        Parameters:
        parentNode - Node to align children into
        Returns:
        the given Node with aligned children

      • serializeNode

        public static byte[] serializeNode​(Node xmlNode)
        This method performs the serialization of the given node
        Parameters:
        xmlNode - The node to be serialized.
        Returns:
        the serialized bytes

      • canCanonicalize

        public static boolean canCanonicalize​(String canonicalizationMethod)
        This method says if the framework can canonicalize an XML data with the provided method.
        Parameters:
        canonicalizationMethod - the canonicalization method to be checked
        Returns:
        true if it is possible to canonicalize false otherwise

      • canonicalize

        public static byte[] canonicalize​(String canonicalizationMethod,
                                  byte[] toCanonicalizeBytes)
                           throws DSSException
        This method canonicalizes the given array of bytes using the canonicalizationMethod parameter.
        Parameters:
        canonicalizationMethod - canonicalization method
        toCanonicalizeBytes - array of bytes to canonicalize
        Returns:
        array of canonicalized bytes
        Throws:
        DSSException - if any error is encountered

      • canonicalizeSubtree

        public static byte[] canonicalizeSubtree​(String canonicalizationMethod,
                                         Node node)
        This method canonicalizes the given Node.
        Parameters:
        canonicalizationMethod - canonicalization method
        node - Node to canonicalize
        Returns:
        array of canonicalized bytes

      • canonicalizeOrSerializeSubtree

        public static byte[] canonicalizeOrSerializeSubtree​(String canonicalizationMethod,
                                                    Node node)
        This methods canonicalizes or serializes the given node depending on the canonicalization method (can be null)
        Parameters:
        canonicalizationMethod - the canonicalization method or null
        node - the node to be canonicalized/serialized
        Returns:
        array of bytes

      • recursiveIdBrowse

        public static void recursiveIdBrowse​(Element element)
        An ID attribute can only be dereferenced if it is declared in the validation context. This behaviour is caused by the fact that the attribute does not have attached type of information. Another solution is to parse the XML against some DTD or XML schema. This process adds the necessary type of information to each ID attribute.
        Parameters:
        element -

      • getIDIdentifier

        public static String getIDIdentifier​(Node node)
        If this method finds an attribute with the name ID (case-insensitive) then it is returned. If there is more than one ID attributes then the first one is returned.
        Parameters:
        node - the node to be checked
        Returns:
        the ID attribute value or null

      • getAttribute

        public static String getAttribute​(Node node,
                                  String attributeName)
        Returns attribute value for the given attribute name if exist, otherwise returns NULL
        Parameters:
        node - Node to get attribute value from
        attributeName - String name of the attribute to get value for
        Returns:
        String value of the attribute

      • setIDIdentifier

        public static void setIDIdentifier​(Element childElement)
        If this method finds an attribute with names ID (case-insensitive) then declares it to be a user-determined ID attribute.
        Parameters:
        childElement -

      • validateAgainstXSD

        public static void validateAgainstXSD​(DSSDocument document)
                               throws SAXException
        This method allows to validate a DSSDocument XML against the XAdES XSD schema.
        Parameters:
        document - DSSDocument document to validate
        Throws:
        SAXException - if the document content is not valid

      • validateAgainstXSD

        public static String validateAgainstXSD​(StreamSource streamSource)
        This method allows to validate an XML against the XAdES XSD schema.
        Parameters:
        streamSource - InputStream XML to validate
        Returns:
        null if the XSD validates the XML, error message otherwise

      • avoidXXE

        public static void avoidXXE​(Validator validator)
                     throws SAXException
        The method protects the validator against XXE (https://cheatsheetseries.owasp.org/cheatsheets/XML_External_Entity_Prevention_Cheat_Sheet.html#validator)
        Parameters:
        validator - the validator to be configured against XXE
        Throws:
        SAXException

      • isOid

        public static boolean isOid​(String policyId)

      • getOidCode

        public static String getOidCode​(String oid)
        Keeps only code of the oid string e.g. "urn:oid:1.2.3" to "1.2.3"
        Parameters:
        oid - String Oid
        Returns:
        Oid Code

      • isDuplicateIdsDetected

        public static boolean isDuplicateIdsDetected​(DSSDocument doc)
        This method is used to detect duplicate id values
        Parameters:
        doc - the document to be analyzed
        Returns:
        TRUE if a duplicate id is detected

      • getNodeBytes

        public static byte[] getNodeBytes​(Node node)
        Returns bytes of the given node
        Parameters:
        node - Node to get bytes for
        Returns:
        byte array

      • getReferenceOriginalContentBytes

        public static byte[] getReferenceOriginalContentBytes​(org.apache.xml.security.signature.Reference reference)
        Returns bytes of the original referenced data
        Parameters:
        reference - Reference to get bytes from
        Returns:
        byte array containing original data

      • isSignedProperties

        public static boolean isSignedProperties​(org.apache.xml.security.signature.Reference reference,
                                         XPathQueryHolder xPathQueryHolder)
        Determines if the given reference refers to SignedProperties element
        Parameters:
        reference - Reference to check
        Returns:
        TRUE if the reference refers to the SignedProperties, FALSE otherwise

      • isCounerSignature

        public static boolean isCounerSignature​(org.apache.xml.security.signature.Reference reference,
                                        XPathQueryHolder xPathQueryHolder)
        Determines if the given reference refers to CounterSignature element
        Parameters:
        reference - Reference to check
        Returns:
        TRUE if the reference refers to the CounterSignature, FALSE otherwise

      • isKeyInfoReference

        public static boolean isKeyInfoReference​(org.apache.xml.security.signature.Reference reference,
                                         Element signature,
                                         XPathQueryHolder xPathQueryHolder)
        Checks if the given reference is linked to a KeyInfo element
        Parameters:
        reference - the Reference to check
        signature - the Element signature the given reference belongs to
        Returns:
        TRUE if the reference is a KeyInfo reference, FALSE otherwise

      • isObjectReferenceType

        public static boolean isObjectReferenceType​(String referenceType)
        Checks if the given referenceType is an xmldsig Object type
        Parameters:
        referenceType - String to check the type for
        Returns:
        TRUE if the provided referenceType is an Object type, FALSE otherwise

      • isManifestReferenceType

        public static boolean isManifestReferenceType​(String referenceType)
        Checks if the given referenceType is an xmldsig Manifest type
        Parameters:
        referenceType - String to check the type for
        Returns:
        TRUE if the provided referenceType is an Manifest type, FALSE otherwise