Examples of org.apache.xml.security.signature.XMLSignature

Package org.apache.xml.security.signature

Examples of org.apache.xml.security.signature.XMLSignature

org.apache.xml.security.signature.XMLSignature
Handles <ds:Signature> elements. This is the main class that deals with creating and verifying signatures.
There are 2 types of constructors for this class. The ones that take a document, baseURI and 1 or more Java Objects. This is mostly used for signing purposes. The other constructor is the one that takes a DOM Element and a baseURI. This is used mostly with for verifying, when you have a SignatureElement. There are a few different types of methods:
- The addDocument* methods are used to add References with optional transforms during signing.
- addKeyInfo* methods are to add Certificates and Keys to the KeyInfo tags during signing.
- appendObject allows a user to add any XML Structure as an ObjectContainer during signing.
- sign and checkSignatureValue methods are used to sign and validate the signature.

        javax.xml.parsers.DocumentBuilder db = XMLUtils.createDocumentBuilder(false);
        org.w3c.dom.Document doc = db.parse(is);
        Element sigElement =
            (Element) doc.getElementsByTagNameNS(
                Constants.SignatureSpecNS, Constants._TAG_SIGNATURE).item(0);
        XMLSignature sign = new XMLSignature(sigElement, "");
        boolean verify =
            sign.checkSignatureValue(sign.getKeyInfo().getPublicKey());
        if (!verify) {
            for (int i = 0; i < sign.getSignedInfo().getLength(); i++) {
                boolean refVerify =
                    sign.getSignedInfo().getVerificationResult(i);              
                if (!refVerify) {
                    byte[] contentBytes = 
                        sign.getSignedInfo().item(i).getContentsAfterTransformation().getBytes();
                    assertEquals(
                        correctC14n, 
                        new String(contentBytes)
                    );
                }

View Full Code Here

    protected void doDOMSignatureOutbound(File file, int tagCount) throws Exception {


        DocumentBuilder builder = XMLUtils.createDocumentBuilder(false);
        Document document = builder.parse(file);


        XMLSignature sig = new XMLSignature(document, "", "http://www.w3.org/2000/09/xmldsig#rsa-sha1");
        Element root = document.getDocumentElement();
        root.insertBefore(sig.getElement(), root.getFirstChild());


        Transforms transforms = new Transforms(document);
        transforms.addTransform(Transforms.TRANSFORM_ENVELOPED_SIGNATURE);
        transforms.addTransform(Transforms.TRANSFORM_C14N_OMIT_COMMENTS);
        sig.addDocument("", transforms, "http://www.w3.org/2000/09/xmldsig#sha1");


        sig.sign(key);
        sig.addKeyInfo(cert);


        XMLUtils.outputDOM(document, new BufferedOutputStream(new FileOutputStream(new File(getTmpFilePath(), "signature-dom-" + tagCount + ".xml"))));
    }

View Full Code Here

        DocumentBuilder builder = XMLUtils.createDocumentBuilder(false);
        Document document = builder.parse(file);


        Element signatureElement = (Element) document.getElementsByTagNameNS("http://www.w3.org/2000/09/xmldsig#", "Signature").item(0);
        ((Element) signatureElement.getParentNode()).setIdAttributeNS(null, "Id", true);
        XMLSignature xmlSignature = new XMLSignature(signatureElement, "", true);
        xmlSignature.checkSignatureValue(cert);
    }

View Full Code Here

        List<String> localNames = new ArrayList<String>();
        localNames.add("PaymentInfo");
        
        String digestAlgorithm = "http://www.w3.org/2007/05/xmldsig-more#sha3-256";
        
        XMLSignature sig = signUsingDOM(
                "http://www.w3.org/2000/09/xmldsig#rsa-sha1", document, localNames, key,
                "http://www.w3.org/2001/10/xml-exc-c14n#", digestAlgorithm
        );
        
        // Add KeyInfo
        sig.addKeyInfo(cert);


        // Convert Document to a Stream Reader
        javax.xml.transform.Transformer transformer = transformerFactory.newTransformer();
        ByteArrayOutputStream baos = new ByteArrayOutputStream();
        transformer.transform(new DOMSource(document), new StreamResult(baos));

View Full Code Here

        List<String> localNames = new ArrayList<String>();
        localNames.add("PaymentInfo");
        
        String digestAlgorithm = "http://www.w3.org/2007/05/xmldsig-more#sha3-384";
        
        XMLSignature sig = signUsingDOM(
                "http://www.w3.org/2000/09/xmldsig#rsa-sha1", document, localNames, key,
                "http://www.w3.org/2001/10/xml-exc-c14n#", digestAlgorithm
        );
        
        // Add KeyInfo
        sig.addKeyInfo(cert);


        // Convert Document to a Stream Reader
        javax.xml.transform.Transformer transformer = transformerFactory.newTransformer();
        ByteArrayOutputStream baos = new ByteArrayOutputStream();
        transformer.transform(new DOMSource(document), new StreamResult(baos));

View Full Code Here

        List<String> localNames = new ArrayList<String>();
        localNames.add("PaymentInfo");
        
        String digestAlgorithm = "http://www.w3.org/2007/05/xmldsig-more#sha3-512";
        
        XMLSignature sig = signUsingDOM(
                "http://www.w3.org/2000/09/xmldsig#rsa-sha1", document, localNames, key,
                "http://www.w3.org/2001/10/xml-exc-c14n#", digestAlgorithm
        );
        
        // Add KeyInfo
        sig.addKeyInfo(cert);


        // Convert Document to a Stream Reader
        javax.xml.transform.Transformer transformer = transformerFactory.newTransformer();
        ByteArrayOutputStream baos = new ByteArrayOutputStream();
        transformer.transform(new DOMSource(document), new StreamResult(baos));

View Full Code Here

    org.w3c.dom.Element dom = fomToDom((Element)element.clone(), options);
    org.w3c.dom.Document domdoc = dom.getOwnerDocument();
    PrivateKey signingKey = options.getSigningKey();
    X509Certificate cert = options.getCertificate();
    IRI baseUri = element.getResolvedBaseUri();
    XMLSignature sig = new XMLSignature(
      domdoc, 
      (baseUri != null) ? baseUri.toString() : "", 
      XMLSignature.ALGO_ID_SIGNATURE_DSA);
    dom.appendChild(sig.getElement());
    Transforms transforms = new Transforms(domdoc);
    transforms.addTransform(Transforms.TRANSFORM_ENVELOPED_SIGNATURE);
    transforms.addTransform(Transforms.TRANSFORM_C14N_EXCL_OMIT_COMMENTS);
    sig.addDocument("", transforms, org.apache.xml.security.utils.Constants.ALGO_ID_DIGEST_SHA1);
    String[] refs = options.getReferences();
    for (String ref : refs) sig.addDocument(ref);
    sig.addKeyInfo(cert);
    sig.addKeyInfo(cert.getPublicKey());
    sig.sign(signingKey);    
    return (T)domToFom(dom, options);
  }

View Full Code Here

        if (node.getNodeType() == Node.ELEMENT_NODE) {
          org.w3c.dom.Element el = (org.w3c.dom.Element) node;
          if (Constants.DSIG_NS.equals(el.getNamespaceURI()) &&
              Constants.LN_SIGNATURE.equals(el.getLocalName())) {
            IRI baseUri = element.getResolvedBaseUri();
            XMLSignature sig = 
              new XMLSignature(
                el, (baseUri != null) ? baseUri.toString() : "");
            if (is_valid_signature(sig)) {
              KeyInfo ki = sig.getKeyInfo();
              if (ki != null) {
                X509Certificate cert = ki.getX509Certificate();
                if (cert != null) certs.add(cert);
              }
            }

View Full Code Here

      if (node.getNodeType() == Node.ELEMENT_NODE) {
        org.w3c.dom.Element el = (org.w3c.dom.Element) node;
        if (Constants.DSIG_NS.equals(el.getNamespaceURI()) &&
            Constants.LN_SIGNATURE.equals(el.getLocalName())) {
          IRI baseUri = element.getResolvedBaseUri();
          XMLSignature sig = 
            new XMLSignature(
              el, (baseUri != null) ? baseUri.toString() : "");
          answer = is_valid_signature(sig);
        }
      }
    }

View Full Code Here

            
            String userName = (String)message.getContextualProperty(SecurityConstants.ENCRYPT_USERNAME);
            if (userName != null 
                && SecurityUtils.USE_REQUEST_SIGNATURE_CERT.equals(userName)
                && !MessageUtils.isRequestor(message)) {
                XMLSignature sig = message.getExchange().getInMessage().getContent(XMLSignature.class);
                if (sig != null) {
                    receiverCert = sig.getKeyInfo().getX509Certificate(); 
                }
            } else {
                CryptoLoader loader = new CryptoLoader();
                Crypto crypto = loader.getCrypto(message, 
                                          SecurityConstants.ENCRYPT_CRYPTO,

View Full Code Here

0 1 2 3 4 5 6 7 8 9

TOP

Related Classes of org.apache.xml.security.signature.XMLSignature

com.sun.xml.wss.core.SignatureHeaderBlock

org.apache.abdera.security.xmlsec.XmlSignature

org.apache.cxf.rs.security.saml.AbstractSamlInHandler

org.apache.cxf.rs.security.xml.AbstractXmlSigInHandler

org.apache.cxf.rs.security.xml.XmlSigOutInterceptor

org.apache.wookie.util.digitalsignature.DigitalSignatureProcessor

org.apache.ws.security.message.WSSecDKSign

org.apache.ws.security.message.WSSecSignature

org.apache.ws.security.message.WSSignEnvelope

org.apache.ws.security.processor.SignatureProcessor

All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.