Validating an XML Signature
222
J
AVA
XML D
IGITAL
S
IGNATURE
API
The sample program will validate the signature in the file
envelopedSigna-
ture.xml
in the current working directory. To validate a different signature, run
the following command:
$ ant -Dsample.args="signature.xml"
where
"signature.xml"
is the pathname of the file.
Validating an XML Signature
This example shows you how to validate an XML Signature using the JSR 105
API. The example uses DOM (the Document Object Model) to parse an XML
document containing a Signature element and a JSR 105 DOM implementation
to validate the signature.
Instantiating the Document that Contains the
Signature
First we use a JAXP
DocumentBuilderFactory
to parse the XML document
containing the Signature. An application obtains the default implementation for
DocumentBuilderFactory
by calling the following line of code:
DocumentBuilderFactory dbf =
DocumentBuilderFactory.newInstance();
We must also make the factory namespace-aware:
dbf.setNamespaceAware(true);
Next, we use the factory to get an instance of a
DocumentBuilder
, which is used
to parse the document:
DocumentBuilder builder = dbf.newDocumentBuilder();
Document doc = builder.parse(new FileInputStream(argv[0]));
Specifying the Signature Element to be
Validated
We need to specify the
Signature
element that we want to validate, since there
could be more than one in the document. We use the DOM method
Docu-
