View Javadoc

1   /*
2    * Copyright [2007] [University Corporation for Advanced Internet Development, Inc.]
3    *
4    * Licensed under the Apache License, Version 2.0 (the "License");
5    * you may not use this file except in compliance with the License.
6    * You may obtain a copy of the License at
7    *
8    * http://www.apache.org/licenses/LICENSE-2.0
9    *
10   * Unless required by applicable law or agreed to in writing, software
11   * distributed under the License is distributed on an "AS IS" BASIS,
12   * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13   * See the License for the specific language governing permissions and
14   * limitations under the License.
15   */
16  
17  package org.opensaml.xml.signature.validator;
18  
19  import javax.xml.namespace.QName;
20  
21  import org.opensaml.xml.XMLObject;
22  import org.opensaml.xml.signature.SPKIData;
23  import org.opensaml.xml.signature.SPKISexp;
24  import org.opensaml.xml.util.XMLConstants;
25  import org.opensaml.xml.validation.ValidationException;
26  import org.opensaml.xml.validation.Validator;
27  
28  /**
29   * Checks {@link org.opensaml.xml.signature.SPKIData} for Schema compliance. 
30   */
31  public class SPKIDataSchemaValidator implements Validator<SPKIData> {
32  
33      /** {@inheritDoc} */
34      public void validate(SPKIData xmlObject) throws ValidationException {
35          validateChildrenPresence(xmlObject);
36          validateChildrenNamespaces(xmlObject);
37      }
38  
39      /**
40       * Validate that at least SPKISexp child is present.
41       * 
42       * @param xmlObject the object to validate
43       * @throws ValidationException  thrown if the object is invalid
44       */
45      protected void validateChildrenPresence(SPKIData xmlObject) throws ValidationException {
46          if (xmlObject.getSPKISexps().isEmpty()) {
47              throw new ValidationException("SPKIData does not contain at least one SPKISexp child");
48          }
49      }
50      
51      /**
52       * Validate that all children are either ones defined within the XML Signature schema,
53       * or are from another namespace.
54       * 
55       * @param xmlObject the object to validate
56       * @throws ValidationException thrown if the object is invalid
57       */
58      protected void validateChildrenNamespaces(SPKIData xmlObject) throws ValidationException {
59          // Validate that any children are either the ones from the dsig schema,
60          // or are from another namespace.
61          for (XMLObject child : xmlObject.getXMLObjects()) {
62              QName childName = child.getElementQName();
63              if (! SPKISexp.DEFAULT_ELEMENT_NAME.equals(childName) 
64                      && XMLConstants.XMLSIG_NS.equals(childName.getNamespaceURI())) {
65                  throw new ValidationException("PGPData contains an illegal child extension element: " + childName);
66              }
67          }
68      }
69      
70  }