Examples of org.apache.abdera.security.Signature

org.apache.abdera.security.Signature
Interface used for digitally signing and verifying Abdera elements

    entry.setContentAsXhtml("This <b>is</b> <i>markup</i>");
    entry.addAuthor("James");
    entry.addLink("http://www.example.org");
    
    // Prepare the digital signature options
    Signature sig = absec.getSignature();
    SignatureOptions options = sig.getDefaultSignatureOptions();    
    options.setCertificate(cert);
    options.setSigningKey(signingKey);  


    // Sign the entry
    entry = sig.sign(entry, options);
    assertNotNull(
      entry.getFirstChild(
        new QName(
          "http://www.w3.org/2000/09/xmldsig#", 
          "Signature")));
      
    X509Certificate[] certs = sig.getValidSignatureCertificates(entry, options);
    assertNotNull(certs);
    assertEquals(certs.length, 1);
    assertEquals(certs[0].getSubjectDN().getName(), "CN=James M Snell, OU=WebAhead, O=IBM, L=Hanford, ST=California, C=US");
    
    // Check the round trip
    ByteArrayOutputStream out = new ByteArrayOutputStream();
    entry.writeTo(out); // do not use the pretty writer, it will break the signature
    ByteArrayInputStream bais = new ByteArrayInputStream(out.toByteArray());
    Document<Entry> entry_doc = abdera.getParser().parse(bais);
    entry = entry_doc.getRoot();
    assertTrue(sig.verify(entry, null));  // the signature better still be valid
    
    entry.setTitle("Change the title");
    
    assertFalse(sig.verify(entry, null)); // the signature better be invalid
    
  }

View Full Code Here

    entry.setContentAsXhtml("This <b>is</b> <i>markup</i>");
    entry.addAuthor("James");
    entry.addLink("http://www.example.org");
    
    // Prepare the digital signature options
    Signature sig = absec.getSignature();
    SignatureOptions options = sig.getDefaultSignatureOptions();    
    options.setCertificate(cert);
    options.setSigningKey(signingKey);


    // Sign the entry
    entry = sig.sign(entry, options);
    assertNotNull(
      entry.getFirstChild(
        new QName(
          "http://www.w3.org/2000/09/xmldsig#", 
          "Signature")));

View Full Code Here

    }
  }


  private Document<Element> sign(Document<Element> doc) throws SecurityException  {
    if (signingKey == null || cert == null) return doc; // pass through
    Signature sig = security.getSignature();
    SignatureOptions options = sig.getDefaultSignatureOptions();    
    options.setCertificate(cert);
    options.setSigningKey(signingKey);
    Element element = doc.getRoot();
    element = sig.sign(element, options);
    return element.getDocument();
  }

View Full Code Here

      BufferedRequestWrapper wrapper = 
        new BufferedRequestWrapper((HttpServletRequest) request);
      try {
        Abdera abdera = new Abdera();
        AbderaSecurity absec = new AbderaSecurity(abdera);
        Signature sig = absec.getSignature();
        Document<Element> doc = abdera.getParser().parse(wrapper.getInputStream());
        boolean valid = sig.verify(doc.getRoot(), null);
        if (!valid) {
          ((HttpServletResponse)response).sendError(
            400, "A Valid Signature is required");
          return;
        }
        wrapper.setAttribute(VALID, Boolean.valueOf(valid));
        wrapper.setAttribute(CERTS, sig.getValidSignatureCertificates(doc.getRoot(), null));
      } catch (Exception e) {
        e.printStackTrace();
      } 
      wrapper.reset();
      filter.doFilter(wrapper, response);

View Full Code Here

    entry.setContentAsXhtml("This <b>is</b> <i>markup</i>");
    entry.addAuthor("James");
    entry.addLink("http://www.example.org");
    
    // Prepare the digital signature options
    Signature sig = absec.getSignature();
    SignatureOptions options = sig.getDefaultSignatureOptions();    
    options.setCertificate(cert);
    options.setSigningKey(signingKey);  


    // Sign the entry
    entry = sig.sign(entry, options);      
    
    // Check the round trip
    ByteArrayOutputStream out = new ByteArrayOutputStream();
    entry.writeTo(out); // do not use the pretty writer, it will break the signature
    ByteArrayInputStream bais = new ByteArrayInputStream(out.toByteArray());
    Document<Entry> entry_doc = abdera.getParser().parse(bais);
    entry = entry_doc.getRoot();
    
    System.out.println("Valid? " + sig.verify(entry,null));
    
    entry.setTitle("Change the title");
    
    System.out.println("Valid after changing the title? " + sig.verify(entry,null));
    
    entry = sig.removeInvalidSignatures(entry, options);
    
  }

View Full Code Here

    entry.setContentAsXhtml("This <b>is</b> <i>markup</i>");
    entry.addAuthor("James");
    entry.addLink("http://www.example.org");
    
    // Prepare the digital signature options
    Signature sig = absec.getSignature();
    SignatureOptions options = sig.getDefaultSignatureOptions();    
    options.setCertificate(cert);
    options.setSigningKey(signingKey);  


    // Sign the entry
    entry = sig.sign(entry, options);      
    
    // Check the round trip
    ByteArrayOutputStream out = new ByteArrayOutputStream();
    entry.writeTo(out); // do not use the pretty writer, it will break the signature
    ByteArrayInputStream bais = new ByteArrayInputStream(out.toByteArray());
    Document<Entry> entry_doc = abdera.getParser().parse(bais);
    entry = entry_doc.getRoot();
    
    System.out.println("Valid? " + sig.verify(entry,null));
    
    entry.setTitle("Change the title");
    
    System.out.println("Valid after changing the title? " + sig.verify(entry,null));
    
  }

View Full Code Here

    Abdera abdera, 
    Document<Element> doc) 
      throws SecurityException  {
    AbderaSecurity security = new AbderaSecurity(abdera);
    if (signingKey == null || cert == null) return doc; // pass through
    Signature sig = security.getSignature();
    SignatureOptions options = sig.getDefaultSignatureOptions();
    options.setCertificate(cert);
    options.setSigningKey(signingKey);
    if (algorithm != null)
      options.setSigningAlgorithm(algorithm);
    Element element = doc.getRoot();
    element = sig.sign(element, options);
    return element.getDocument();
  }

View Full Code Here

  public ResponseContext filter(
    RequestContext request, 
    FilterChain chain) {


    AbderaSecurity security = new AbderaSecurity(request.getAbdera());
    Signature sig = security.getSignature();
    String method = request.getMethod();
    if (method.equals("POST") || method.equals("PUT")) {
      try {
        Document<Element> doc = request.getDocument();
        boolean valid = sig.verify(doc.getRoot(), null);
        if (!valid)
          return ProviderHelper.badrequest(
            request,
            Localizer.get("VALID.SIGNATURE.REQUIRED"));
        request.setAttribute(VALID, valid);
        request.setAttribute(CERTS,sig.getValidSignatureCertificates(doc.getRoot(), null));
      } catch (Exception e) {} 
    }
    return chain.next(request);
  }

View Full Code Here

        entry.setContentAsXhtml("This <b>is</b> <i>markup</i>");
        entry.addAuthor("James");
        entry.addLink("http://www.example.org");


        // Prepare the digital signature options
        Signature sig = absec.getSignature();
        SignatureOptions options = sig.getDefaultSignatureOptions();
        options.setCertificate(cert);
        options.setSigningKey(signingKey);


        // Sign the entry
        entry = sig.sign(entry, options);
        assertNotNull(entry.getFirstChild(new QName("http://www.w3.org/2000/09/xmldsig#", "Signature")));


        X509Certificate[] certs = sig.getValidSignatureCertificates(entry, options);
        assertNotNull(certs);
        assertEquals(1, certs.length);
        assertEquals("CN=James M Snell, OU=WebAhead, O=IBM, L=Hanford, ST=California, C=US", certs[0].getSubjectDN()
            .getName());


        // Check the round trip
        ByteArrayOutputStream out = new ByteArrayOutputStream();
        entry.writeTo(out); // do not use the pretty writer, it will break the signature
        ByteArrayInputStream bais = new ByteArrayInputStream(out.toByteArray());
        Document<Entry> entry_doc = abdera.getParser().parse(bais);
        entry = entry_doc.getRoot();
        assertTrue(sig.verify(entry, null)); // the signature better still be valid


        entry.setTitle("Change the title");


        assertFalse(sig.verify(entry, null)); // the signature better be invalid


    }

View Full Code Here

    public void testSignedResponseFilter() throws Exception {
        ClientResponse resp = client.get("http://localhost:9002/");
        Document<Element> doc = resp.getDocument();
        Element root = doc.getRoot();
        AbderaSecurity security = new AbderaSecurity(abdera);
        Signature sig = security.getSignature();
        assertTrue(sig.isSigned(root));
        assertTrue(sig.verify(root, sig.getDefaultSignatureOptions()));
    }

View Full Code Here

0 1 2

TOP

Related Classes of org.apache.abdera.security.Signature

com.trsst.client.Client

com.trsst.server.TrsstAdapter

org.apache.abdera.examples.security.DSig

org.apache.abdera.security.util.filters.SignedRequestFilter

org.apache.abdera.security.util.filters.SignedResponseFilter

org.apache.abdera.security.util.servlet.SignedRequestFilter

org.apache.abdera.security.util.servlet.SignedResponseFilter

org.apache.abdera.test.security.DigitalSignatureTest

org.apache.abdera.test.security.DSigThirdPartyVerifyTest

org.apache.abdera.test.security.filter.SecurityFilterTest

All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.