Module java.xml.crypto
Package javax.xml.crypto.dsig.dom

Class DOMValidateContext

  • All Implemented Interfaces:
    XMLValidateContext, XMLCryptoContext
    public class DOMValidateContext
extends DOMCryptoContext
implements XMLValidateContext
    A DOM-specific XMLValidateContext. This class contains additional methods to specify the location in a DOM tree where an XMLSignature is to be unmarshalled and validated from.

    Note that the behavior of an unmarshalled XMLSignature is undefined if the contents of the underlying DOM tree are modified by the caller after the XMLSignature is created.

    Also, note that DOMValidateContext instances can contain information and state specific to the XML signature structure it is used with. The results are unpredictable if a DOMValidateContext is used with different signature structures (for example, you should not use the same DOMValidateContext instance to validate two different XMLSignature objects).

    Implementation Note:
    The JDK implementation supports a secure validation mode which can be enabled by setting the org.jcp.xml.dsig.secureValidation property to Boolean.TRUE (see the setProperty method). When enabled, validation of XML signatures are subject to stricter checking of algorithms and other constraints as specified by the jdk.xml.dsig.secureValidationPolicy security property. The mode can be disabled by setting the property to Boolean.FALSE. The mode can also be enabled or disabled by setting the org.jcp.xml.dsig.secureValidation system property to "true" or "false". Any other value for the system property is also treated as "false". If the system property is set, it supersedes the DOMValidateContext property value. The secure validation mode is enabled by default if you are running code with a SecurityManager, otherwise it is disabled by default.
    Since:
    1.6
    See Also:
    XMLSignatureFactory.unmarshalXMLSignature(XMLValidateContext)

    • Constructor Detail

      • DOMValidateContext

        public DOMValidateContext​(KeySelector ks,
                          Node node)
        Creates a DOMValidateContext containing the specified key selector and node.
        Parameters:
        ks - a key selector for finding a validation key
        node - the node
        Throws:
        NullPointerException - if ks or node is null

      • DOMValidateContext

        public DOMValidateContext​(Key validatingKey,
                          Node node)
        Creates a DOMValidateContext containing the specified key and node. The validating key will be stored in a singleton KeySelector that is returned when the getKeySelector method is called.
        Parameters:
        validatingKey - the validating key
        node - the node
        Throws:
        NullPointerException - if validatingKey or node is null

    • Method Detail

      • getNode

        public Node getNode()
        Returns the node.
        Returns:
        the node (never null)
        See Also:
        setNode(Node)