| Package | flash.security |
| Class | public class XMLSignatureValidator |
| Inheritance | XMLSignatureValidator  EventDispatcher Object |
| Language version: | ActionScript 3.0 |
| Runtime version: | AIR 1.0 |
AIR profile support: This feature is supported
on all desktop operating systems and AIR for TV devices, but it is not supported on mobile devices. You can test
for support at run time using the XMLSignatureValidator.isSupported property. See
AIR Profile Support for more information regarding API support across multiple profiles.
XMLSignatureValidator implements a subset of the W3C Recommendation for XML-Signature Syntax and Processing and should not be considered a conforming implementation. The supported subset of the recommendation includes:
You must provide an IURIDereferencer implementation in order to verify an XML signature. This implementation class is responsible for resolving the URIs specified in the SignedInfo elements of the signature file and returning the referenced data in an object, such as a ByteArray, that implements the IDataInput interface.
In order to verify that the signing certificate chains to a trusted certificate, either
the XML signature must contain the certificates required to build the chain in X509Certificate
elements, or you must supply the certificates required to build the chain using the
addCertificate() method.
To verify an XMLSignature:
uriDereferencer property of the instance to an instance of your
IURIDereferencer implementation class.addCertificate() method.verify method, passing in the signature to
be verified.validityStatus property after the XMLSignatureValidator object
dispatches a complete event.About signature status:
The validity of an XML signature can be valid, invalid, or unknown. The overall status depends on the verification status of the individual components of the signature file:
digestStatus — The validity of the cryptographic of the signature computed over
the SignedInfo element. Can be valid, invalid, or unknown.identityStatus — The validity of the signing certificate. If the certificate has
expired, has been revoked, or altered, the status is invalid. If the certificate cannot be chained
to a trusted root certificate, the status is unknown. The certificate is not checked if the
digest is invalid. If not checked, the status will be reported as unknown.referencesStatus — The validity of the data addressed by the references in the
SignedInfo element of the signature file. Can be valid, invalid, or
unknown. The references are not checked if the digest or certificate is invalid.
Reference checking can also be skipped based on the setting of the referencesValidationSetting property.
If not checked, the status will be reported as unknown.The signature validity reported by the validityStatus property can be:
valid — If referencesStatus, digestStatus, and
identityStatus are all valid.invalid — If any individual status is invalid.unknown — If referencesStatus, digestStatus, or
identityStatus is unknown.Canonicalization limitations:
The XML engine in AIR does not always produce the expected XML string when canonicalizing an XML document. For this reason, it is recommended that you avoid putting inter-element whitespace in enveloped or detached signature documents and do not redefine namespaces inside a signature document. In both cases, AIR may not recreate the document with the same character sequence as the original and, therefore, validation will fail.
See also
| Property | Defined by | ||
|---|---|---|---|
 | constructor : Object
A reference to the class object or constructor function for a given object instance.
| Object | |
| digestStatus : String
[read-only]
The validity status of the cryptographic signature computed over the
signature SignedInfo element.
| XMLSignatureValidator | ||
| identityStatus : String
[read-only]
The validity status of the signing certificate.
| XMLSignatureValidator | ||
| isSupported : Boolean
[static][read-only]
The
isSupported property is set to true if the
XMLSignatureValidator class is supported on the current platform, otherwise it is
set to false. | XMLSignatureValidator | ||
| prototype : Object
[static]
A reference to the prototype object of a class or function object.
| Object | |
| referencesStatus : String
[read-only]
The validity status of the data in the references in the signature SignedInfo
element.
| XMLSignatureValidator | ||
| referencesValidationSetting : String
Specifies the conditions under which references are checked.
| XMLSignatureValidator | ||
| revocationCheckSetting : String
Specifies how certificate revocation is checked.
| XMLSignatureValidator | ||
| signerCN : String
[read-only]
The Common Name field of the signing certificate.
| XMLSignatureValidator | ||
| signerDN : String
[read-only]
The Distinguished Name field of the signing certificate.
| XMLSignatureValidator | ||
| signerExtendedKeyUsages : Array
[read-only]
An array containing the Extended Key Usages OIDs listed in the signing certificate.
| XMLSignatureValidator | ||
| signerTrustSettings : Array
[read-only]
An array containing the trust settings of the signing certificate.
| XMLSignatureValidator | ||
| uriDereferencer : IURIDereferencer
The IURIDereferencer implementation.
| XMLSignatureValidator | ||
| useSystemTrustStore : Boolean
Specifies that certificates in the system trust store are used for chain building.
| XMLSignatureValidator | ||
| validityStatus : String
[read-only]
The validity status of a verified XML signature.
| XMLSignatureValidator | ||
| Method | Defined by | ||
|---|---|---|---|
|
Creates an XMLSignatureValidator object.
| XMLSignatureValidator | ||
|
Adds an x509 certificate for chain building.
| XMLSignatureValidator | ||
|
addEventListener(type:String, listener:Function, useCapture:Boolean = false, priority:int = 0, useWeakReference:Boolean = false):void
Registers an event listener object with an EventDispatcher object so that the listener
receives notification of an event.
| EventDispatcher | |
|
Dispatches an event into the event flow.
| EventDispatcher | |
|
Checks whether the EventDispatcher object has any listeners registered for a specific type
of event.
| EventDispatcher | |
|
Indicates whether an object has a specified property defined.
| Object | |
|
Indicates whether an instance of the Object class is in the prototype chain of the object specified
as the parameter.
| Object | |
|
Indicates whether the specified property exists and is enumerable.
| Object | |
|
Removes a listener from the EventDispatcher object.
| EventDispatcher | |
|
Sets the availability of a dynamic property for loop operations.
| Object | |
|
Returns the string representation of this object, formatted according to locale-specific conventions.
| Object | |
|
Returns the string representation of the specified object.
| Object | |
|
Returns the primitive value of the specified object.
| Object | |
|
Verifies the specified signature.
| XMLSignatureValidator | ||
|
Checks whether an event listener is registered with this EventDispatcher object or any of
its ancestors for the specified event type.
| EventDispatcher | |
| Event | Summary | Defined by | ||
|---|---|---|---|---|
| [broadcast event] Dispatched when the Flash Player or AIR application gains operating system focus and becomes active. | EventDispatcher | ||
| Dispatched when verification is complete. | XMLSignatureValidator | |||
| [broadcast event] Dispatched when the Flash Player or AIR application operating loses system focus and is becoming inactive. | EventDispatcher | ||
| Dispatched if verification cannot complete because of errors. | XMLSignatureValidator | |||
| digestStatus | property |
Hide Inherited Public Properties
Show Inherited Public PropertiesdigestStatus:String [read-only]
| Language version: | ActionScript 3.0 |
| Runtime version: | AIR 1.0 |
The validity status of the cryptographic signature computed over the signature SignedInfo element.
The status is:
valid — If signature is cryptographically valid.invalid — If the digest has been altered after signing.unknown — If the verify() method has not
been called.Note: If the digestStatus is invalid, the identityStatus
and referencesStatus are not checked and will be reported as unknown.
public function get digestStatus():String
Error — If accessed while a signature is being validated.
|
| identityStatus | property |
identityStatus:String [read-only]
| Language version: | ActionScript 3.0 |
| Runtime version: | AIR 1.0 |
The validity status of the signing certificate.
The status can be:
valid — The certificate has not expired, has not failed a revocation check and chains
to a trusted root certificate.unknown — The certificate has not expired and has not failed a revocation check,
but does not chain to a trusted root certificate. A status of unknown will also
be reported when the status has not been verified, either because the verify() method has not
been called or because the cryptographic signature of the SignedInfo element (digestStatus)
is invalid.invalid — The certificate has expired or fails a revocation check.The certificates added using the addCertificate() method
and the settings of the revocationCheckSetting and the useSystemTrustStore
properties can change whether a certificate is considered valid.
Note: If the identityStatus is invalid, the referencesStatus is not checked
and will be reported as unknown. In addition, references are not checked when the identityStatus
is unknown unless the referencesValidationSetting is validOrUnknownIdentity
public function get identityStatus():String
Error — If accessed while a signature is being validated.
|
See also
import flash.security.XMLSignatureValidator; var verifier:XMLSignatureValidator = new XMLSignatureValidator(); //validate a signature... var identityResult:String = verifier.identityStatus;
| isSupported | property |
isSupported:Boolean [read-only]
| Language version: | ActionScript 3.0 |
| Runtime version: | AIR 2 |
The isSupported property is set to true if the
XMLSignatureValidator class is supported on the current platform, otherwise it is
set to false.
public static function get isSupported():Boolean
| referencesStatus | property |
referencesStatus:String [read-only]
| Language version: | ActionScript 3.0 |
| Runtime version: | AIR 1.0 |
The validity status of the data in the references in the signature SignedInfo element.
The status can be:
valid — If all references are valid.invalid — If any reference is invalid.unknown — If not verified.
References can remain unverified in the following circumstances:
verify() method has not been calleddigestStatus) is invalid.identityStatus) is invalidreferencesValidationSetting is validIdentity (which is the default setting) and
the identityStatus of the signing certificate is unknown.referencesValidationSetting is never.Important: External resources are not validated unless they are referenced directly in a SignedInfo element within the signature document. External resources referred to by a secondary reference are not validated. For example, if an XML signature signs a manifest element, only the integrity of the manifest element itself is verified. The files listed in the manifest are not checked.
Implementation public function get referencesStatus():String
Error — If accessed while a signature is being validated.
|
See also
import flash.security.XMLSignatureValidator; var verifier:XMLSignatureValidator = new XMLSignatureValidator(); //validate a signature... var dataResult:String = verifier.referencesStatus;
| referencesValidationSetting | property |
referencesValidationSetting:String [read-write]
| Language version: | ActionScript 3.0 |
| Runtime version: | AIR 1.5 |
Specifies the conditions under which references are checked.
Use constants defined in the ReferencesValidationSetting class to set this property. The settings include:
ReferencesValidationSetting.VALID_IDENTITY — Check references only
if the signing certificate is valid and chains to a trusted root. This is the default setting.ReferencesValidationSetting.VALID_OR_UNKNOWN_IDENTITY — Check references
if the signing certificate is valid, even if it does not chain to a trusted root.ReferencesValidationSetting.NEVER — Never check references.
Use the default, validIdentity, setting with signatures signed with a commercial certificate or when you
supply your own certificate as a trust anchor with the addCertificate() method. This
setting avoids the overhead of checking reference validity when the signed document will be rejected anyway.
Use the validOrUnknownIdentity setting with signatures signed with self-signed certificates. This setting allows you to
validate that the signed data has not been altered, but does not provide any assurances about the identity
of the signer.
Use the never setting to avoid the overhead of validating references when such validation is not important in the
context of your application.
public function get referencesValidationSetting():String
public function set referencesValidationSetting(value:String):void
Error — If set while a signature is being validated.
|
|
ArgumentError — if the setting parameter contains a value not defined in the ReferencesValidationSetting class.
|
See also
import flash.security.ReferencesValidationSetting; var verifier:XMLSignatureValidator = new XMLSignatureValidator(); verifier.referencesValidationSetting = ReferencesValidationSetting.VALID_OR_UNKNOWN_IDENTITY;
| revocationCheckSetting | property |
revocationCheckSetting:String [read-write]
| Language version: | ActionScript 3.0 |
| Runtime version: | AIR 1.0 |
Specifies how certificate revocation is checked.
Use constants defined in the RevocationSettings class to set this property. The settings include:
RevocationCheckSettings.NEVER — Do not check certificate revocation.RevocationCheckSettings.BEST_EFFORT — Check certificate revocation,
if revocation information is available and the revocation status can be obtained.
If revocation status cannot be positively determined, the certificate is not rejected.RevocationCheckSettings.REQUIRED_IF_AVAILABLE — If the certificate includes
revocation information, the revocation status must be positively determined to validate
the certificate.RevocationCheckSettings.ALWAYS_REQUIRED — Always check certificate revocation.
Certificates without revocation information are rejected. public function get revocationCheckSetting():String
public function set revocationCheckSetting(value:String):void
Error — If set while a signature is being validated.
|
See also
| signerCN | property |
signerCN:String [read-only]
| Language version: | ActionScript 3.0 |
| Runtime version: | AIR 1.0 |
The Common Name field of the signing certificate.
Implementation public function get signerCN():String
var verifier:XMLSignatureValidator = new XMLSignatureValidator(); //validate a signature... var commonName:String = verifier.signerCN;
| signerDN | property |
signerDN:String [read-only]
| Language version: | ActionScript 3.0 |
| Runtime version: | AIR 1.0 |
The Distinguished Name field of the signing certificate.
Implementation public function get signerDN():String
var verifier:XMLSignatureValidator = new XMLSignatureValidator(); //validate a signature... var distinguishedName:String = verifier.signerDN;
| signerExtendedKeyUsages | property |
signerExtendedKeyUsages:Array [read-only]
| Language version: | ActionScript 3.0 |
| Runtime version: | AIR 1.0 |
An array containing the Extended Key Usages OIDs listed in the signing certificate.
Each extended key usage is reported in numeric OID form.
Implementation public function get signerExtendedKeyUsages():Array
Error — If accessed while a signature is being validated.
|
import flash.security.XMLSignatureValidator; var verifier:XMLSignatureValidator = new XMLSignatureValidator(); //validate a signature... var extendedKeyOIDs:Array = verifier.signerExtendedKeyUsages;
| signerTrustSettings | property |
signerTrustSettings:Array [read-only]
| Language version: | ActionScript 3.0 |
| Runtime version: | AIR 1.0 |
An array containing the trust settings of the signing certificate.
Trust settings are derived from the system and the key usage OIDs embedded in the certificate. Constants for the strings representing the recognized trust settings are defined in the SignerTrustSettings class.
The signerTrustSettings array of an unknown or
invalid certificate is empty.
Modifying the array does not change the certificate trust settings.
Implementation public function get signerTrustSettings():Array
Error — If accessed while a signature is being validated.
|
See also
import flash.security.XMLSignatureValidator; var verifier:XMLSignatureValidator = new XMLSignatureValidator(); //validate a signature... var certificateTrustedFor:Array = verifier.signerTrustSettings;
| uriDereferencer | property |
uriDereferencer:IURIDereferencer [read-write]
| Language version: | ActionScript 3.0 |
| Runtime version: | AIR 1.0 |
The IURIDereferencer implementation.
An IURIDereferencer implementation must be provided before attempting to verify a signature.
Implementation public function get uriDereferencer():IURIDereferencer
public function set uriDereferencer(value:IURIDereferencer):void
Error — If set while a signature is being validated.
|
See also
import com.example.SignedMessageDereferencer; //A custom class implementing IURIDereferencer var verifier:XMLSignatureValidator = new XMLSignatureValidator(); verifier.uriDereferencer = new SignedMessageDereferencer();
| useSystemTrustStore | property |
useSystemTrustStore:Boolean [read-write]
| Language version: | ActionScript 3.0 |
| Runtime version: | AIR 1.0 |
Specifies that certificates in the system trust store are used for chain building.
If true, then the trust anchors in the system trust store
are used as trusted roots. The system trust store is not used by default.
public function get useSystemTrustStore():Boolean
public function set useSystemTrustStore(value:Boolean):void
Error — If set while a signature is being validated.
|
var verifier:XMLSignatureValidator = new XMLSignatureValidator(); verifier.useSystemTrustStore = true;
| validityStatus | property |
validityStatus:String [read-only]
| Language version: | ActionScript 3.0 |
| Runtime version: | AIR 1.0 |
The validity status of a verified XML signature.
The XML signature is verified by validating the the cryptographic signature of the SignedInfo element,
the signing certificate, and the data addressed by the references in the SignedInfo element.
The validity of each of these elements is reported individually by the digestStatus,
identityStatus(), and referencesStatus properties, respectively.
The validity of an XML signature can be valid, invalid, or unknown. The overall status depends on the verification status of the individual components of the signature file:
digestStatus — The validity of the cryptographic signature computed over
the SignedInfo element.identityStatus — The validity of the signing certificate.referencesStatus — The validity of the digest of the references in the
signature SignedInfo element.The signature validity reported by the validityStatus property can be:
valid — If referencesStatus, digestStatus, and
identityStatus are all valid.invalid — If any individual status is invalid.unknown — If any individual status is unknown. public function get validityStatus():String
Error — If accessed while a signature is being validated.
|
See also
import flash.security.XMLSignatureValidator; var verifier:XMLSignatureValidator = new XMLSignatureValidator(); //validate the signature... var validationResult:String = verifier.validityStatus;
| XMLSignatureValidator | () | constructor |
public function XMLSignatureValidator()
| Language version: | ActionScript 3.0 |
| Runtime version: | AIR 1.0 |
Creates an XMLSignatureValidator object.
You must set the uriDereferencer property before calling the verify()
method of the new object.
See also
import com.example.EnvelopedDereferencer; //Your custom IURIDereferencer implementation //Create the object var verifier:XMLSignatureValidator = new XMLSignatureValidator(); //Provide the IURIDerferencer verifier.uriDereferencer = new EnvelopedDereferencer(xmlDoc); //Set validation options verifier.referencesValidationSetting = ReferencesValidationSetting.VALID_OR_UNKNOWN_IDENTITY; verifier.revocationCheckSetting = RevocationCheckSettings.NEVER; verifier.useSystemTrustStore = true; //Add listeners to handle results verifier.addEventListener(Event.COMPLETE, verificationComplete); verifier.addEventListener(ErrorEvent.ERROR, verificationError);
| addCertificate | () | method |
public function addCertificate(cert:ByteArray, trusted:Boolean):*
| Language version: | ActionScript 3.0 |
| Runtime version: | AIR 1.0 |
Adds an x509 certificate for chain building.
The certificate added must be a DER-encoded x509 certificate.
If the trusted parameter is true, the
certificate is considered a trust anchor.
Note: An XML signature may include certificates for building the signer's certificate chain. The XMLSignatureValidator class uses these certificates for chain building, but not as trusted roots (by default).
Parameterscert:ByteArray — A ByteArray object containing a DER-encoded x509 digital certificate.
|
|
trusted:Boolean — Set to true to designate this certificate as a trust anchor.
|
* |
Error — If called while a signature is being validated.
|
import flash.utils.ByteArray;
var verifier:XMLSignatureValidator = new XMLSignatureValidator();
var certificate:ByteArray = new ByteArray();
var certFile:File = new File("certificate.cer");
var certFileStream:FileStream = new FileStream();
certFileStream.open(certFile, FileMode.READ);
certFileStream.readBytes(certificate, 0, certFileStream.bytesAvailable);
verifier.addCertificate(certificate, true);
| verify | () | method |
public function verify(signature:XML):void
| Language version: | ActionScript 3.0 |
| Runtime version: | AIR 1.0 |
Verifies the specified signature.
Verification is asynchronous. The XMLSignatureValidator object dispatches
a complete event when verification completes successfully or
an error event if verification cannot complete because of errors.
The verification process cannot be cancelled. While a verification process is under way,
subsequent calls to the verify() method fail. After the current verification
check is complete, you can call the verify() method again.
Note: Because the XMLSignatureValidator only implements a subset of the W3C recommendation for XML Signature Syntax and Processing, not all valid XML signatures can be verified.
Parameterssignature:XML — The XML signature to verify.
|
complete:Event — Dispatched when verification completes successfully. |
|
error:ErrorEvent — Dispatched if the verification of references encounters an error. |
Error — If called while a signature is being validated.
|
|
Error — If other errors are encountered, such as non-well-formed XML or
unsupported elements in the signature file.
|
verify() method.
(The example assumes that the IURIDereferencer implementation is appropriate for the signature.)
import flash.filesystem.File; import flash.filesystem.FileStream; import com.example.SignedMessageDereferencer; //Your IURIDereferencer implementation const xmlSignatureNS:Namespace = new Namespace( "http://www.w3.org/2000/09/xmldsig#" ); var verifier:XMLSignatureValidator = new XMLSignatureValidator(); verifier.uriDereferencer = new SignedMessageDereferencer(); var signatureFile:File = new File( "path/to/XMLSignatureDocument.xml" ); var sigFileStream:FileStream = new FileStream(); sigFileStream.open( signatureFile, FileMode.READ ); var xmlDoc:XML = XML( sigFileStream.readUTFBytes(sigFileStream.bytesAvailable) ); var xmlSig:XML = XML( xmlDoc..xmlSignatureNS::Signature ); verifier.verify( xmlSig );
| complete | event |
flash.events.Event
flash.events.Event.COMPLETE
| Language version: | ActionScript 3.0 |
| Runtime version: | AIR 1.0 |
Dispatched when verification is complete.
A complete event does not imply that the
signature is valid. Check the validityStatus property of
the XMLSignatureValidator object to
determine the outcome of the signature verification.
The Event.COMPLETE constant defines the value of the type property of a complete event object.
This event has the following properties:
| Property | Value |
|---|---|
bubbles | false |
cancelable | false; there is no default behavior to cancel. |
currentTarget | The object that is actively processing the Event object with an event listener. |
target | The network object that has completed loading. |
private function verificationComplete(event:Event):void{
var validator:XMLSignatureValidator = event.target as XMLSignatureValidator;
trace("Digest status: " + validator.digestStatus);
trace("Identity status: " + validator.identityStatus);
trace("Reference status: " + validator.referencesStatus);
trace("Signature status: " + validator.validityStatus);
}
See also
| error | event |
flash.events.ErrorEvent
flash.events.ErrorEvent.ERROR
| Language version: | ActionScript 3.0 |
| Runtime version: | AIR 1.0 |
Dispatched if verification cannot complete because of errors.
Defines the value of the type property of an error event object.
This event has the following properties:
| Property | Value |
|---|---|
bubbles | false |
cancelable | false; there is no default behavior to cancel. |
currentTarget | The object that is actively processing the Event object with an event listener. |
target | The object experiencing a network operation failure. |
text | Text to be displayed as an error message. |
private function verificationError(event:ErrorEvent):void{
trace("Verification error: " + event.text);
}
SignatureValidatorExample.validateSignature( signatureFile ),
passing in the file referencing the XML signature document to validate.
import flash.events.Event;
import flash.filesystem.File;
import flash.filesystem.FileStream;
import flash.security.ReferencesValidationSetting;
import flash.security.XMLSignatureValidator;
import com.example.SignedMessageDereferencer; //A custom class implementing IURIDereferencer
public class SignatureValidatorExample{
private var xmlSig:XML;
private const signatureNS:Namespace = new Namespace( "http://www.w3.org/2000/09/xmldsig#" );
public static function validateSignature( signatureFile:File ):void{
try{
//Set up the XMLSignatureValidator
var verifier:XMLSignatureValidator = new XMLSignatureValidator();
verifier.addEventListener( Event.COMPLETE, verificationComplete );
verifier.uriDereferencer = new SignedMessageDereferencer();
verifier.referencesValidationSetting = ReferencesValidationSetting.VALID_OR_UNKNOWN_IDENTITY;
//Load the signed document
var sigFileStream:FileStream = new FileStream();
sigFileStream.open( signatureFile, FileMode.READ );
var xmlDoc:XML = XML( sigFileStream.readUTFBytes(sigFileStream.bytesAvailable) );
//Get the last Signature element in the document
if( xmlDoc.name().localName != "Signature" ){
var signatureList:XMLList = xmlDoc..signatureNS::Signature;
xmlSig = XML( signatureList[ signatureList.length()-1 ] );
} else{
xmlSig = xmlDoc;
}
//Validate the signature
verifier.verify( xmlSig );
}catch (e:Error){
statusDisplay.text = "Verification error.\n" + e;
}
}
private static function verificationComplete(event:Event):void{
trace( "Signature Validity: " + verifier.validityStatus );
trace( "Digest validity: " + verifier.digestStatus );
trace( "Certificate validity: " + verifier.identityStatus );
trace( "Data validity: " + verifier.referencesStatus );
}
}
