TrustBasisType - the type of trusted information which has been resolved and which will serve as the basis for
trust evaluationpublic abstract class BaseSignatureTrustEngine<TrustBasisType> extends Object implements SignatureTrustEngine
SignatureTrustEngine which evaluates the validity and trustworthiness of XML and raw
signatures.
When processing XML signatures, the supplied KeyInfoCredentialResolver will be used to resolve credential(s) containing the (advisory) signing key from the KeyInfo element of the Signature, if present. If any of these credentials do contain the valid signing key, they will be evaluated for trustworthiness against trusted information, which will be resolved in an implementation-specific manner.
Subclasses are required to implement evaluateTrust(Credential, Object) using an implementation-specific
trust model.
| コンストラクタと説明 |
|---|
BaseSignatureTrustEngine(KeyInfoCredentialResolver keyInfoResolver)
Constructor.
|
| 修飾子とタイプ | メソッドと説明 |
|---|---|
protected void |
checkParams(Signature signature,
CriteriaSet trustBasisCriteria)
Check the signature and credential criteria for required values.
|
protected void |
checkParamsRaw(byte[] signature,
byte[] content,
String algorithmURI,
CriteriaSet trustBasisCriteria)
Check the signature and credential criteria for required values.
|
protected abstract boolean |
evaluateTrust(Credential untrustedCredential,
TrustBasisType trustBasis)
Evaluate the untrusted KeyInfo-derived credential with respect to the specified trusted information.
|
KeyInfoCredentialResolver |
getKeyInfoResolver()
Get the KeyInfoCredentialResolver instance used to resolve (advisory) signing credential information
from KeyInfo elements contained within a Signature element.
|
protected boolean |
validate(Signature signature,
TrustBasisType trustBasis)
Attempt to establish trust by resolving signature verification credentials from the Signature's KeyInfo.
|
protected boolean |
verifySignature(Signature signature,
Credential credential)
Attempt to verify a signature using the key from the supplied credential.
|
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, waitvalidatevalidatepublic BaseSignatureTrustEngine(KeyInfoCredentialResolver keyInfoResolver)
keyInfoResolver - KeyInfo credential resolver used to obtain the (advisory) signing credential from a
Signature's KeyInfo element.public KeyInfoCredentialResolver getKeyInfoResolver()
getKeyInfoResolver インタフェース内 SignatureTrustEngineprotected boolean validate(Signature signature, TrustBasisType trustBasis) throws SecurityException
evaluateTrust(Credential, Object).signature - the Signature to evaluatetrustBasis - the information which serves as the basis for trust evaluationSecurityException - if an error occurs during signature verification or trust processingprotected abstract boolean evaluateTrust(Credential untrustedCredential, TrustBasisType trustBasis) throws SecurityException
untrustedCredential - the untrusted credential being evaluatedtrustBasis - the information which serves as the basis for trust evaluationSecurityException - if an error occurs during trust processingprotected boolean verifySignature(Signature signature, Credential credential)
signature - the signature on which to attempt verificationcredential - the credential containing the candidate validation keyprotected void checkParams(Signature signature, CriteriaSet trustBasisCriteria) throws SecurityException
signature - the signature to be evaluatedtrustBasisCriteria - the set of trusted credential criteriaSecurityException - thrown if required values are absent or otherwise invalidprotected void checkParamsRaw(byte[] signature,
byte[] content,
String algorithmURI,
CriteriaSet trustBasisCriteria)
throws SecurityException
signature - the signature to be evaluatedcontent - the data over which the signature was computedalgorithmURI - the signing algorithm URI which was usedtrustBasisCriteria - the set of trusted credential criteriaSecurityException - thrown if required values are absent or otherwise invalidCopyright © 2012. All Rights Reserved.