DataObjFormatVerifier.java

/*
 * XAdES4j - A Java library for generation and verification of XAdES signatures.
 * Copyright (C) 2010 Luis Goncalves.
 *
 * XAdES4j is free software; you can redistribute it and/or modify it under
 * the terms of the GNU Lesser General Public License as published by the Free
 * Software Foundation; either version 3 of the License, or any later version.
 *
 * XAdES4j is distributed in the hope that it will be useful, but WITHOUT
 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
 * FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License for more
 * details.
 *
 * You should have received a copy of the GNU Lesser General Public License along
 * with XAdES4j. If not, see <http://www.gnu.org/licenses/>.
 */
package xades4j.verification;

import java.util.Collection;
import org.apache.xml.security.signature.ObjectContainer;
import org.apache.xml.security.signature.Reference;
import xades4j.properties.DataObjectFormatProperty;
import xades4j.properties.QualifyingProperty;
import xades4j.properties.data.DataObjectFormatData;
import xades4j.utils.StringUtils;

/**
 * XAdES section G.2.2.8
 * @author Luís
 */
class DataObjFormatVerifier implements QualifyingPropertyVerifier<DataObjectFormatData>
{
    @Override
    public QualifyingProperty verify(
            DataObjectFormatData propData,
            QualifyingPropertyVerificationContext ctx) throws DataObjectFormatVerificationException
    {
        QualifyingPropertyVerificationContext.SignedObjectsData signedObjsData = ctx.getSignedObjectsData();
        String encoding = propData.getEncoding(), mimeType = propData.getMimeType();

        // XAdES G.2.2.8: "The verifier should check that the ObjectReference element
        // actually references one ds:Reference element from the signature."
        RawDataObjectDesc signedObj = signedObjsData.findSignedDataObject(propData.getObjectRef());
        if (null == signedObj)
            throw new DataObjectFormatReferenceException(propData.getObjectRef());

        // "In addition, should this property refer to a ds:Reference that in turn
        // refers to a ds:Object, the verifier should check the values of attributes
        // MimeType and Encoding (...)."
        Reference signedObjRef = signedObj.getReference();
        if (Reference.OBJECT_URI.equals(signedObjRef.getType()))
        {
            // Get the referenced Object.
            ObjectContainer signedObjObj = signedObjsData.findXMLObject(signedObjRef.getURI());
            if (null == signedObjObj)
                throw new DataObjectFormatReferenceException(signedObjRef.getURI());

            String objEncoding = signedObjObj.getEncoding(),
                    objMimeType = signedObjObj.getMimeType();
            // Compare 'encoding' and 'mimeType', if present on both.
            if (StringUtils.differentStringsIfNotNullNorEmpty(objEncoding, encoding) ||
                    StringUtils.differentStringsIfNotNullNorEmpty(objMimeType, mimeType))
                throw new DataObjectFormatMismatchException(mimeType, encoding, signedObjRef, signedObjObj);
        }

        // Create the property.
        DataObjectFormatProperty formatProp = new DataObjectFormatProperty(mimeType, encoding);
        formatProp.withDescription(propData.getDescription());

        Collection<String> docsUris = propData.getDocumentationUris();
        if (docsUris != null)
            formatProp.withDocumentationUris(docsUris);

        formatProp.withIdentifier(propData.getIdentifier());

        // Associate the property to the data object.
        signedObj.withDataObjectFormat(formatProp);
        return formatProp;
    }
}