javax.xml.crypto.dsig.keyinfo.X509Data Maven / Gradle / Ivy

Show more of this group Show more artifacts with this name
Show all versions of xmlsec Show documentation

Apache XML Security for Java supports XML-Signature Syntax and Processing, W3C Recommendation 12 February 2002, and XML Encryption Syntax and Processing, W3C Recommendation 10 December 2002. As of version 1.4, the library supports the standard Java API JSR-105: XML Digital Signature APIs.

There is a newer version: 4.0.2

Show newest version

/**
 * Licensed to the Apache Software Foundation (ASF) under one
 * or more contributor license agreements. See the NOTICE file
 * distributed with this work for additional information
 * regarding copyright ownership. The ASF licenses this file
 * to you under the Apache License, Version 2.0 (the
 * "License"); you may not use this file except in compliance
 * with the License. You may obtain a copy of the License at
 *
 * http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing,
 * software distributed under the License is distributed on an
 * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
 * KIND, either express or implied. See the License for the
 * specific language governing permissions and limitations
 * under the License.
 */
/*
 * Copyright 2005 Sun Microsystems, Inc. All rights reserved.
 */
/*
 * $Id: X509Data.java 1333869 2012-05-04 10:42:44Z coheigea $
 */
package javax.xml.crypto.dsig.keyinfo;

import javax.xml.crypto.XMLStructure;
import java.security.cert.X509CRL;
import java.util.List;

/**
 * A representation of the XML X509Data element as defined in 
 * the 
 * W3C Recommendation for XML-Signature Syntax and Processing. An
 * X509Data object contains one or more identifers of keys 
 * or X.509 certificates (or certificates' identifiers or a revocation list). 
 * The XML Schema Definition is defined as:
 * 
 *  *    <element name="X509Data" type="ds:X509DataType"/>
 *    <complexType name="X509DataType"> 
 *        <sequence maxOccurs="unbounded"> 
 *          <choice> 
 *            <element name="X509IssuerSerial" type="ds:X509IssuerSerialType"/>
 *            <element name="X509SKI" type="base64Binary"/>
 *            <element name="X509SubjectName" type="string"/> 
 *            <element name="X509Certificate" type="base64Binary"/>
 *            <element name="X509CRL" type="base64Binary"/> 
 *            <any namespace="##other" processContents="lax"/>
 *          </choice>  
 *        </sequence>
 *    </complexType>
 *
 *    <complexType name="X509IssuerSerialType"> 
 *      <sequence> 
 *        <element name="X509IssuerName" type="string"/> 
 *        <element name="X509SerialNumber" type="integer"/> 
 *      </sequence>
 *    </complexType>
 * 
 *
 * An X509Data instance may be created by invoking the
 * {@link KeyInfoFactory#newX509Data newX509Data} methods of the
 * {@link KeyInfoFactory} class and passing it a list of one or more 
 * {@link XMLStructure}s representing X.509 content; for example:
 *  *   KeyInfoFactory factory = KeyInfoFactory.getInstance("DOM");
 *   X509Data x509Data = factory.newX509Data
 *       (Collections.singletonList("cn=Alice"));
 * 
 *
 * @author Sean Mullan
 * @author JSR 105 Expert Group
 * @see KeyInfoFactory#newX509Data(List)
 */
//@@@ check for illegal combinations of data violating MUSTs in W3c spec
public interface X509Data extends XMLStructure {

    /**
     * URI identifying the X509Data KeyInfo type:
     * http://www.w3.org/2000/09/xmldsig#X509Data. This can be specified as
     * the value of the type parameter of the
     * {@link RetrievalMethod} class to describe a remote
     * X509Data structure.
     */
    String TYPE = "http://www.w3.org/2000/09/xmldsig#X509Data";

    /**
     * URI identifying the binary (ASN.1 DER) X.509 Certificate KeyInfo type:
     * http://www.w3.org/2000/09/xmldsig#rawX509Certificate. This can be 
     * specified as the value of the type parameter of the
     * {@link RetrievalMethod} class to describe a remote X509 Certificate.
     */
    String RAW_X509_CERTIFICATE_TYPE =
        "http://www.w3.org/2000/09/xmldsig#rawX509Certificate";

    /**
     * Returns an {@link java.util.Collections#unmodifiableList unmodifiable 
     * list} of the content in this X509Data. Valid types are 
     * {@link String} (subject names), byte[] (subject key ids), 
     * {@link java.security.cert.X509Certificate}, {@link X509CRL}, 
     * or {@link XMLStructure} ({@link X509IssuerSerial}
     * objects or elements from an external namespace). 
     *
     * @return an unmodifiable list of the content in this X509Data
     *    (never null or empty)
     */
    List getContent();
}