IPWorks Encrypt 2020 Android Edition

Questions / Feedback?

SignatureInfo Event

Fired when a signature is found.

Syntax

public class DefaultXmlsigEventListener implements XmlsigEventListener {
  ...
  public void signatureInfo(XmlsigSignatureInfoEvent e) {}
  ...
}

public class XmlsigSignatureInfoEvent {
  public String signatureId;
  public boolean signerCertParsed;
}

Remarks

This event fires when calling VerifySignature for each signature found within the XML document.

SignatureId is the id of the signature.

SignerCertParsed indicates whether the signer's certificate was automatically parsed from the signed XML.

Verification Notes

When VerifySignature is called, the component will scan the XML document and fire the SignatureInfo event for each signature that is found. When the SignatureInfo event fires the References collection will be populated.

Within the SignatureInfo event the XMLElement field must be set to the location of the XML element to which the signature applies. The URI field may contain data helpful to locating the XML element.

The XMLElement field specifies the XPath to the element. For instance:

/root/myElement XPath syntax
/root/[1] XPath syntax using an index
/root/ns:myElement XPath syntax where the element has a namespace
myElement Just the element name
@id=myid Attribute selector: This will select an element with an attribute "id" whose value is "myid".
/root/myElement[1]/ns:name2[@attr=attrValue] XPath syntax using an index and attribute selector

The signature is verified either using a key parsed from the signed XML, or using the certificate specified by the SignerCert property. The component will automatically parse the signer certificate (if present) from the signed XML and populate the SignerCert property with the parsed value.

When SignatureInfo fires, if the SignerCertParsed parameter is True the SignerCert property may be inspected to see the details of the parsed certificate. If SignerCertParsed is False, then the SignerCert property must be set to a valid certificate for signature verification to proceed.

When the SignatureInfo event finishes firing, the certificate present in the SignerCert property will be used to verify the signature, whether this is the certificate automatically parsed by the component or a different certificate specified within the event.

If the signature was successfully verified the method will return without error. If the signature was not verified the method throws an exception.

Copyright (c) 2022 /n software inc. - All rights reserved.
IPWorks Encrypt 2020 Android Edition - Version 20.0 [Build 8161]