flash.security.XMLSignatureValidator (Flex 3)

(AIR only)

Package	flash.security
Class	public class XMLSignatureValidator
Inheritance	XMLSignatureValidator EventDispatcher Object

The XMLSignatureValidator class validates whether an XML signature file is well formed, unmodified, and, optionally, whether it is signed using a key linked to a trusted digital certificate.

XMLSignatureValidator implements a subset of the W3C Recommendation for XML-Signature Syntax and Processing and should not be considered a conforming implementation. The supported subset of the recommendation includes:

All of the core signature syntax except KeyInfo element.
The KeyInfo element only supports the X509Data element.
The X509Data element only supports the X509Certificate element.
The SHA256 digest method algorithm.
The PKCS1 signing algorithm.
The "Canonical XML without comments" Canonicalization Method and Transform algorithm.
The Manifest element in additional signature syntax.

You must provide an IURIDereferencer implementation in order to verify an XML signature. This implementation class is responsible for resolving the URIs specified in the SignedInfo elements of the signature file and returning the referenced data in an object, such as a ByteArray, that implements the IDataInput interface.

In order to verify that the signing certificate chains to a trusted certificate, either the XML signature must contain the certificates required to build the chain in X509Certificate elements, or you must supply the certificates required to build the chain using the addCertificate() method.

To verify an XMLSignature:

Create an instance of the XMLSignatureValidator class.
Set the uriDereferencer property of the instance to an instance of your IURIDereferencer implementation class.
Supply DER-encoded certificates for building the certificate trust chain, if desired, using the addCertificate() method.
Call the XMLSignatureValidator verify method, passing in the signature to be verified.
Check the validityStatus property after the XMLSignatureValidator object dispatches a complete event.

About signature status:

The validity of an XML signature can be valid, invalid, or unknown. The overall status depends on the verification status of the individual components of the signature file:

referencesStatus -- The validity the digest of the references in the SignedInfo element of the signature file. Can be valid, invalid, or unknown.
digestStatus -- The validity of the cryptographic of the signature computed over the SignedInfo element. Can be valid, invalid, or unknown.
identityStatus -- The validity of the signing certificate. If the signature has expired or has been revoked, the status is invalid. If the certificate cannot be chained to a trusted root certificate, the status is unknown.

The signature validity reported by the validityStatus property can be:

valid — If referencesStatus, digestStatus, and identityStatus are all valid.
invalid — If any individual status is invalid.
unknown — If referencesStatus, digestStatus, or identityStatus is unknown.

	Property	Defined By
		constructor : Object A reference to the class object or constructor function for a given object instance.	Object
		digestStatus : String [read-only] The validity status of the cryptographic signature computed over the SignedInfo element.	XMLSignatureValidator
		identityStatus : String [read-only] The validity status of the signing certificate.	XMLSignatureValidator
		prototype : Object [static] A reference to the prototype object of a class or function object.	Object
		referencesStatus : String [read-only] The validity status of the digest of all the references in the SignedInfo element.	XMLSignatureValidator
		revocationCheckSetting : String Specifies how certificate revocation is checked.	XMLSignatureValidator
		signerCN : String [read-only] The Common Name field of the signing certificate.	XMLSignatureValidator
		signerDN : String [read-only] The Distinguished Name field of the signing certificate.	XMLSignatureValidator
		signerExtendedKeyUsages : Array [read-only] An array containing the Extended Key Usages OIDs listed in the signing certificate.	XMLSignatureValidator
		signerTrustSettings : Array [read-only] An array containing the trust settings of the signing certificate.	XMLSignatureValidator
		uriDereferencer : IURIDereferencer The IURIDereferencer implementation.	XMLSignatureValidator
		useSystemTrustStore : Boolean Specifies that certificates in the system trust store are used for chain building.	XMLSignatureValidator
		validityStatus : String [read-only] The validity status of a verified XML signature.	XMLSignatureValidator

	Method	Defined By
		XMLSignatureValidator() Creates an XMLSignatureValidator object.	XMLSignatureValidator
		addCertificate(cert:ByteArray, trusted:Boolean):* Adds an x509 certificate for chain building.	XMLSignatureValidator
		addEventListener(type:String, listener:Function, useCapture:Boolean = false, priority:int = 0, useWeakReference:Boolean = false):void Registers an event listener object with an EventDispatcher object so that the listener receives notification of an event.	EventDispatcher
		dispatchEvent(event:Event):Boolean Dispatches an event into the event flow.	EventDispatcher
		hasEventListener(type:String):Boolean Checks whether the EventDispatcher object has any listeners registered for a specific type of event.	EventDispatcher
		hasOwnProperty(name:String):Boolean Indicates whether an object has a specified property defined.	Object
		isPrototypeOf(theClass:Object):Boolean Indicates whether an instance of the Object class is in the prototype chain of the object specified as the parameter.	Object
		propertyIsEnumerable(name:String):Boolean Indicates whether the specified property exists and is enumerable.	Object
		removeEventListener(type:String, listener:Function, useCapture:Boolean = false):void Removes a listener from the EventDispatcher object.	EventDispatcher
		setPropertyIsEnumerable(name:String, isEnum:Boolean = true):void Sets the availability of a dynamic property for loop operations.	Object
		toString():String Returns the string representation of the specified object.	Object
		valueOf():Object Returns the primitive value of the specified object.	Object
		verify(signature:XML):void Verifies the specified signature.	XMLSignatureValidator
		willTrigger(type:String):Boolean Checks whether an event listener is registered with this EventDispatcher object or any of its ancestors for the specified event type.	EventDispatcher

Summary	Defined By
activate	Dispatched when Flash Player or an AIR application gains operating system focus and becomes active.	EventDispatcher
complete	Dispatched when verification is complete.	XMLSignatureValidator
deactivate	Dispatched when Flash Player or an AIR application loses operating system focus and is becoming inactive.	EventDispatcher
error	Dispatched if verification cannot complete because of errors.	XMLSignatureValidator

Property Detail

digestStatus

property

digestStatus:String [read-only]

The validity status of the cryptographic signature computed over the SignedInfo element.

The status is:

valid — If signature is cryptographically valid.
invalid — If the digest has been altered after signing.
unknown — If the verify() method has not been called.

Implementation
public function get digestStatus():String

Throws

IllegalOperationError — If accessed while a signature is being validated.

identityStatus

property

identityStatus:String [read-only]

The validity status of the signing certificate.

The status can be:

valid — The certificate has not expired, has not failed a revocation check and chains to a trusted root certificate.
unknown — The certificate has not expired and has not failed a revocation check, but does not chain to a trusted root certificate. A status of unknown will also be reported when the status has not been verified, either because the verify() method has not been called or because the cryptographic signature of the SignedInfo element (digestStatus) is invalid.
invalid — The certificate has expired or fails a revocation check.

The certificates added using the addCertificate() method and the settings of the revocationCheckSetting and the useSystemTrustStore properties can change whether a certificate is considered valid.

Implementation
public function get identityStatus():String

Throws

IllegalOperationError — If accessed while a signature is being validated.

referencesStatus

property

referencesStatus:String [read-only]

The validity status of the digest of all the references in the SignedInfo element.

The status is:

valid — If all references are valid.
invalid — If any reference is invalid.
unknown — If not verified, either because the verify() method has not been called or because the cryptographic signature of the SignedInfo element (digestStatus) or the signing certificate (identityStatus) is invalid.

Implementation
public function get referencesStatus():String

Throws

IllegalOperationError — If accessed while a signature is being validated.

revocationCheckSetting

property

revocationCheckSetting:String [read-write]

Specifies how certificate revocation is checked.

Use constants defined in the RevocationSettings class to set this property. The settings include:

RevocationCheckSettings.NEVER — Do not check certificate revocation.
RevocationCheckSettings.BEST_EFFORT — Check certificate revocation, if revocation information is available and the revocation status can be obtained. If revocation status cannot be positively determined, the certificate is not rejected.
RevocationCheckSettings.REQUIRED_IF_AVAILABLE — If the certificate includes revocation information, the revocation status must be positively determined to validate the certificate.
RevocationCheckSettings.ALWAYS_REQUIRED — Always check certificate revocation. Certificates without revocation information are rejected.

Implementation
public function get revocationCheckSetting():String
public function set revocationCheckSetting(value:String):void

Throws

IllegalOperationError — If set while a signature is being validated.

See also

RevocationCheckSettings

signerCN

property

signerCN:String [read-only]

The Common Name field of the signing certificate.

Implementation
public function get signerCN():String

signerDN

property

signerDN:String [read-only]

The Distinguished Name field of the signing certificate.

Implementation
public function get signerDN():String

signerExtendedKeyUsages

property

signerExtendedKeyUsages:Array [read-only]

An array containing the Extended Key Usages OIDs listed in the signing certificate.

Each extended key usage is reported in numeric OID form.

Implementation
public function get signerExtendedKeyUsages():Array

Throws

IllegalOperationError — If accessed while a signature is being validated.

signerTrustSettings

property

signerTrustSettings:Array [read-only]

An array containing the trust settings of the signing certificate.

Trust settings are derived from the system and the key usage OIDs embedded in the certificate. Constants for the strings representing the recognized trust settings are defined in the SignerTrustSettings class.

The signerTrustSettings array of an unknown or invalid certificate is empty.

Modifying the array does not change the certificate trust settings.

Implementation
public function get signerTrustSettings():Array

Throws

IllegalOperationError — If accessed while a signature is being validated.

See also

SignerTrustSettings

uriDereferencer

property

uriDereferencer:IURIDereferencer [read-write]

The IURIDereferencer implementation.

An IURIDereferencer implementation must be provided before attempting to verify a signature.

Implementation
public function get uriDereferencer():IURIDereferencer
public function set uriDereferencer(value:IURIDereferencer):void

Throws

IllegalOperationError — If set while a signature is being validated.

See also

IURIDereferencer

useSystemTrustStore

property

useSystemTrustStore:Boolean [read-write]

Specifies that certificates in the system trust store are used for chain building.

If true, then the trust anchors in the system trust store are used as trusted roots. The system trust store is not used by default.

Implementation
public function get useSystemTrustStore():Boolean
public function set useSystemTrustStore(value:Boolean):void

Throws

IllegalOperationError — If set while a signature is being validated.

validityStatus

property

validityStatus:String [read-only]

The validity status of a verified XML signature.

The XML signature is verified by validating the digest of the references in the SignedInfo element, the cryptographic signature of the SignedInfo element itself, and the signing certificate. The validity of each of these elements is reported individually by the referencesStatus, digestStatus, and identityStatus() properties, respectively.

The validity of an XML signature can be valid, invalid, or unknown. The overall status depends on the verification status of the individual components of the signature file:

referencesStatus — The validity of the digest of the references in the signature SignedInfo element.
digestStatus — The validity of the cryptographic signature computed over the SignedInfo element.
identityStatus — The validity of the signing certificate.

The signature validity reported by the validityStatus property can be:

valid — If referencesStatus, digestStatus, and identityStatus are all valid.
invalid — If any individual status is invalid.
unknown — If referencesStatus, digestStatus, or identityStatus are unknown.

Implementation
public function get validityStatus():String

Throws

IllegalOperationError — If accessed while a signature is being validated.

Constructor Detail

XMLSignatureValidator

()

Constructor

public function XMLSignatureValidator()

Creates an XMLSignatureValidator object.

You must set the uriDereferencer property before calling the verify() method of the new object.

See also

uriDereferencer

Method Detail

addCertificate

()

method

public function addCertificate(cert:ByteArray, trusted:Boolean):*

Adds an x509 certificate for chain building.

The certificate added must be a DER-encoded x509 certificate.

If the trusted parameter is true, the certificate is considered a trust anchor.

Note: An XML signature may include certificates for building the signer's certificate chain. The XMLSignatureValidator class uses these certificates for chain building, but not as trusted roots (by default).

Parameters

	`cert:ByteArray` — A ByteArray object containing a DER-encoded x509 digital certificate.

	`trusted:Boolean` — Set to `true` to designate this certificate as a trust anchor.

Returns

*

Throws

IllegalOperationError — If called while a signature is being validated.

verify

()

method

public function verify(signature:XML):void

Verifies the specified signature.

Verification is asynchronous. The XMLSignatureValidator object dispatches a complete event when verification completes successfully or an error event if verification cannot complete because of errors.

The verification process cannot be cancelled. While a verification process is under way, subsequent calls to the verify() method fail. After the current verification check is complete, you can call the verify() method again.

Note: Because the XMLSignatureValidator only implements a subset of the W3C recommendation for XML Signature Syntax and Processing, many otherwise valid XML signatures cannot be verified.

Parameters

signature:XML — The XML signature to verify.

Events

	`complete:Event` — Dispatched when verification completes successfully.

	`error:ErrorEvent` — Dispatched if the verification of references encounters an error.

Throws

	`IllegalOperationError` — If called while a signature is being validated.

	`Error` — If other errors are encountered, such as non-well-formed XML or unsupported elements in the signature file.

Event Detail

complete

Event

Event Object Type: flash.events.Event
Event.type property = flash.events.Event.COMPLETE

Dispatched when verification is complete.

A complete event does not imply that the signature is valid. Check validityStatus to determine the outcome of the signature verification.

The Event.COMPLETE constant defines the value of the type property of a complete event object.

This event has the following properties:

Property	Value
`bubbles`	`false`
`cancelable`	`false`; there is no default behavior to cancel.
`currentTarget`	The object that is actively processing the Event object with an event listener.
`target`	The network object that has completed loading.

See also

validityStatus

error

Event

Event Object Type: flash.events.ErrorEvent
ErrorEvent.type property = flash.events.ErrorEvent.ERROR

Dispatched if verification cannot complete because of errors.

Defines the value of the type property of an error event object.

This event has the following properties:

Property	Value
`bubbles`	`false`
`cancelable`	`false`; there is no default behavior to cancel.
`currentTarget`	The object that is actively processing the Event object with an event listener.
`target`	The object experiencing a network operation failure.
`text`	Text to be displayed as an error message.

ActionScript 3.0 Language and Components Reference	All Packages \| All Classes \| Language Elements \| Index \| Appendixes \| Conventions \| Frames No Frames
XMLSignatureValidator	Properties \| Methods \| Events