17 package org.opensaml.xml.signature.validator;
18
19 import java.util.HashSet;
20 import java.util.Set;
21
22 import javax.xml.namespace.QName;
23
24 import org.opensaml.xml.XMLObject;
25 import org.opensaml.xml.signature.PGPData;
26 import org.opensaml.xml.signature.PGPKeyID;
27 import org.opensaml.xml.signature.PGPKeyPacket;
28 import org.opensaml.xml.signature.X509CRL;
29 import org.opensaml.xml.signature.X509Certificate;
30 import org.opensaml.xml.signature.X509Data;
31 import org.opensaml.xml.signature.X509IssuerSerial;
32 import org.opensaml.xml.signature.X509SKI;
33 import org.opensaml.xml.signature.X509SubjectName;
34 import org.opensaml.xml.util.XMLConstants;
35 import org.opensaml.xml.validation.ValidationException;
36 import org.opensaml.xml.validation.Validator;
37
38
39
40
/**
 * Checks a {@link PGPData} element for structural (schema-level) conformance.
 *
 * <p>Two conditions are enforced: at least one of the key ID or key packet children is present, and
 * no extension child carries a name from the {@code XMLConstants.XMLSIG_NS} namespace other than the
 * ones registered in this class. Only the presence and names of children are examined; the content
 * of the key ID or key packet is never inspected here, so a successful validation is not a statement
 * about whether the referenced key should be trusted.</p>
 */
public class PGPDataSchemaValidator implements Validator<PGPData> {

    /** Child element names from the {@code XMLConstants.XMLSIG_NS} namespace that are accepted. */
    private static final Set<QName> VALID_DS_CHILD_NAMES;

    static {
        Set<QName> permitted = new HashSet<QName>(5);
        permitted.add(PGPKeyID.DEFAULT_ELEMENT_NAME);
        permitted.add(PGPKeyPacket.DEFAULT_ELEMENT_NAME);
        VALID_DS_CHILD_NAMES = permitted;
    }

    /**
     * Runs the presence check followed by the namespace check on the given element.
     *
     * @param xmlObject the element to validate
     * @throws ValidationException if either check rejects the element
     */
    public void validate(PGPData xmlObject) throws ValidationException {
        validateChildrenPresence(xmlObject);
        validateChildrenNamespaces(xmlObject);
    }

    /**
     * Returns the set of accepted child element names in the {@code XMLConstants.XMLSIG_NS} namespace.
     *
     * <p>The shared backing set is handed out directly rather than a copy, so any caller that modifies
     * the returned set changes what every instance of this validator accepts. Treat it as read-only.</p>
     *
     * @return the live set of accepted child element names
     */
    protected static Set<QName> getValidDSChildNames() {
        return VALID_DS_CHILD_NAMES;
    }

    /**
     * Verifies that the element carries a key ID, a key packet, or both.
     *
     * @param xmlObject the element to validate
     * @throws ValidationException if both the key ID and the key packet are absent
     */
    protected void validateChildrenPresence(PGPData xmlObject) throws ValidationException {
        if (xmlObject.getPGPKeyID() != null) {
            return;
        }
        if (xmlObject.getPGPKeyPacket() != null) {
            return;
        }
        throw new ValidationException("PGPData must contain at least one of PGPKeyID or PGPKeyPacket");
    }

    /**
     * Verifies that no extension child uses an unregistered name from the
     * {@code XMLConstants.XMLSIG_NS} namespace.
     *
     * <p>Children whose names belong to any other namespace are accepted without further checks.</p>
     *
     * @param xmlObject the element to validate
     * @throws ValidationException if an extension child is in the {@code XMLConstants.XMLSIG_NS}
     *             namespace but is not one of the accepted names
     */
    protected void validateChildrenNamespaces(PGPData xmlObject) throws ValidationException {
        final Set<QName> accepted = getValidDSChildNames();
        for (XMLObject extension : xmlObject.getUnknownXMLObjects()) {
            final QName qualifiedName = extension.getElementQName();
            if (accepted.contains(qualifiedName)) {
                continue;
            }
            // Foreign-namespace extensions are allowed; only unregistered signature-namespace names fail.
            if (!XMLConstants.XMLSIG_NS.equals(qualifiedName.getNamespaceURI())) {
                continue;
            }
            throw new ValidationException("PGPData contains an illegal child extension element: " + qualifiedName);
        }
    }
}