Package org.apache.xml.security.signature

Examples of org.apache.xml.security.signature.XMLSignature


   /**
    * Signs this document with an enveloped XML signature that uses HMAC-SHA1
    * as its signature (MAC) algorithm, keyed from {@code password}.
    *
    * <p>The single reference has the empty URI and carries only the
    * enveloped-signature transform, so the MAC covers the whole document with
    * the {@code ds:Signature} element itself left out.
    *
    * <p>NOTE(review): the strength of the MAC depends on how
    * {@code generateKeyFromPass} turns the password into a key; that helper is
    * not visible in this excerpt. Confirm it applies a salted, iterated key
    * derivation and does not use the password characters directly.
    *
    * @param password password from which the HMAC key is derived
    * @throws IOException if building or computing the signature fails; only
    *         the message of the underlying exception is carried over
    */
   public void sign(char[] password) throws IOException {

      try {
         // Remove earlier signatures first (helper not shown), so the document
         // ends up with the one signature created below.
         this.removeOldSignatures();

         // Empty base URI: the only reference added below is same-document.
         XMLSignature signature =
            new XMLSignature(this._doc, "", XMLSignature.ALGO_ID_MAC_HMAC_SHA1);

         // The signature element must be in the tree before signing, because
         // the enveloped transform works relative to its position.
         this._constructionElement.appendChild(signature.getElement());
         XMLUtils.addReturnToElement(this);

         Transforms enveloped = new Transforms(this._doc);

         enveloped.addTransform(Transforms.TRANSFORM_ENVELOPED_SIGNATURE);
         // URI "" selects the whole document as the signed content.
         signature.addDocument("", enveloped);

         SecretKey secretKey = this.generateKeyFromPass(signature, password);

         signature.sign(secretKey);
      } catch (XMLSignatureException ex) {
         // NOTE(review): the cause is dropped here; new IOException(ex.getMessage(), ex)
         // would keep the original stack trace for diagnosis.
         throw new IOException(ex.getMessage());
      } catch (XMLSecurityException ex) {
         // Same as above: only the message survives.
         throw new IOException(ex.getMessage());
      }


         // Verification side of the password-keyed signature (excerpt: the
         // method header and the lookup of signatureElement are not shown).
         // Before the MAC is checked, the signature is required to have one
         // fixed shape: one reference, URI "", one enveloped-signature transform.
         // Pinning the shape means a valid MAC can only be a MAC over the whole
         // document, not over some smaller node set chosen by whoever wrote
         // the file.
         if (signatureElement == null) {
            throw new IOException(
               "There must be exactly one ds:Signature in the KeyStore");
         }

         // "memory://" is passed as base URI; with a same-document reference
         // only, presumably nothing is resolved against it. TODO confirm.
         XMLSignature signature = new XMLSignature(signatureElement,
                                                   "memory://");

         // getLength() on SignedInfo is the number of ds:Reference children.
         if (signature.getSignedInfo().getLength() != 1) {
            throw new IOException(
               "ds:Signature/ds:getSignedInfo must contain exactly one ds:Reference but it was "
               + signature.getSignedInfo().getLength());
         }

         Reference reference = signature.getSignedInfo().item(0);

         // Only the empty URI (whole document) is accepted; a fragment or
         // external URI is rejected before any dereferencing happens here.
         if (!reference.getURI().equals("")) {
            throw new IOException("ds:Reference/@URI!=\"\"");
         }

         Transforms transforms = reference.getTransforms();

         // Exactly one transform is allowed, so no XPath/XSLT or other
         // filtering transform can narrow what is covered by the MAC.
         if ((transforms == null) || (transforms.getLength() != 1)) {
            throw new IOException(
               "There must be exactly one EnvelopedSignature Transform");
         }

         Transform transform = transforms.item(0);

         // ...and that one transform must be the enveloped-signature transform.
         if (!transform.getURI()
                 .equals(Transforms.TRANSFORM_ENVELOPED_SIGNATURE)) {
            throw new IOException(
               "There must be exactly one EnvelopedSignature Transform");
         }

         // Same key derivation as on the signing side (helper not shown).
         SecretKey secretKey = this.generateKeyFromPass(signature, password);

         // true only if the reference digest and the HMAC both verify.
         return signature.checkSignatureValue(secretKey);
      } catch (XMLSignatureException ex) {
         // NOTE(review): cause is dropped; new IOException(ex.getMessage(), ex)
         // would preserve it.
         throw new IOException(ex.getMessage());
      } catch (XMLSecurityException ex) {
         throw new IOException(ex.getMessage());
      }

            throwFault("Crypto can not be loaded", ex);
        }
        // Excerpt of a signature check on an incoming document. The key used
        // for verification is taken from the ds:KeyInfo inside the signature.
        boolean valid = false;
        Reference ref = null;
        try {
            // NOTE(review): two-argument constructor; where the library version
            // offers the overload with a secureValidation flag, confirm which
            // setting applies to untrusted input here.
            XMLSignature signature = new XMLSignature(signatureElement, "");   
            // See also WSS4J SAMLUtil.getCredentialFromKeyInfo
            // NOTE(review): keyInfo is used without a null check; if getKeyInfo()
            // can return null for a signature without ds:KeyInfo, the next line
            // fails with a NullPointerException instead of a clean fault.
            KeyInfo keyInfo = signature.getKeyInfo();
           
            // The certificate/public key below comes from the message itself.
            // A successful check therefore shows only that the document matches
            // the key the sender supplied; whether that key is trusted has to be
            // decided separately (any such check lies outside this excerpt).
            X509Certificate cert = keyInfo.getX509Certificate();
            if (cert != null) {
                valid = signature.checkSignatureValue(cert);
            } else {
                PublicKey pk = keyInfo.getPublicKey();
                if (pk != null) {
                    valid = signature.checkSignatureValue(pk);
                }
                // With neither certificate nor key, valid stays false.
            }
            // is this call redundant given that signature.checkSignatureValue uses References ?
            // Not redundant in purpose: checkSignatureValue verifies the digests
            // of whatever the references point to, but does not tell the caller
            // WHICH element that is. Comparing the referenced element with the
            // element the application goes on to use is what guards against
            // signature wrapping. (validateReference itself is not shown;
            // presumably it performs that comparison against root.)
            ref = getReference(signature);
            Element signedElement = validateReference(root, ref);

        }
       
        // Fresh random identifier for the signed content; the reference URI is
        // the same value as a same-document fragment ("#" + id).
        // NOTE(review): a UUID string can start with a digit, which is not a
        // valid start character for an xs:ID/NCName; schema-validating
        // consumers may reject it.
        String id = UUID.randomUUID().toString();
        String referenceId = "#" + id;
       
        // Choose the signature layout: enveloping (content inside ds:Object),
        // detached (content and signature as siblings under a wrapper), or
        // enveloped (signature inside the signed document).
        XMLSignature sig = null;
        if (enveloping) {
            sig = prepareEnvelopingSignature(doc, id, referenceId, sigAlgo);
        } else if (envelopeQName != null) {
            sig = prepareDetachedSignature(doc, id, referenceId, sigAlgo);
        } else {
            sig = prepareEnvelopedSignature(doc, id, referenceId, sigAlgo);
        }
       
       
        // Both the certificate and its bare public key are placed in
        // ds:KeyInfo. This is information for the receiver; a receiver still
        // has to decide on its own whether it trusts that certificate.
        // NOTE(review): issuerCerts[0] assumes a non-empty array; the check,
        // if any, is above this excerpt.
        sig.addKeyInfo(issuerCerts[0]);
        sig.addKeyInfo(issuerCerts[0].getPublicKey());
        sig.sign(privateKey);
        // Return the document that now owns the signature element.
        return sig.getElement().getOwnerDocument();
    }

        // Enveloping layout (excerpt): the payload element is moved into a new
        // document and wrapped in a ds:Object that lives inside ds:Signature.
        newDoc.adoptNode(docEl);
        Element object = newDoc.createElementNS(Constants.SignatureSpecNS, "ds:Object");
        object.appendChild(docEl);
        // NOTE(review): this sets a plain attribute named "ID". No
        // setIdAttribute call is visible here, so whether the "#id" reference
        // below resolves to this element depends on code or library behaviour
        // outside this excerpt.
        object.setAttribute("ID", id);
       
        // The signature element becomes the document root and carries the object.
        XMLSignature sig = new XMLSignature(newDoc, "", sigAlgo);
        newDoc.appendChild(sig.getElement());
        sig.getElement().appendChild(object);
       
        // Exclusive C14N without comments is the only transform on the reference.
        Transforms transforms = new Transforms(newDoc);
        transforms.addTransform(Transforms.TRANSFORM_C14N_EXCL_OMIT_COMMENTS);
       
        // digestAlgo is not declared in this excerpt (presumably a field).
        sig.addDocument(referenceId, transforms, digestAlgo);
        return sig;
    }

        // Detached layout (excerpt): a wrapper element named by envelopeQName
        // holds the payload and, next to it, the signature.
        Element root = newDoc.createElementNS(envelopeQName.getNamespaceURI(),
                envelopeQName.getPrefix() + ":" + envelopeQName.getLocalPart());
        root.appendChild(docEl);
        newDoc.appendChild(root);
       
        // The signature is a sibling of the payload, not a descendant, so no
        // enveloped-signature transform is added below.
        XMLSignature sig = new XMLSignature(newDoc, "", sigAlgo);
        root.appendChild(sig.getElement());
       
        Transforms transforms = new Transforms(newDoc);
        transforms.addTransform(Transforms.TRANSFORM_C14N_EXCL_OMIT_COMMENTS);
       
        // NOTE(review): referenceId must resolve to the payload element; where
        // that element receives its ID attribute is not visible in this excerpt.
        sig.addDocument(referenceId, transforms, digestAlgo);
        return sig;
    }

            String id,
            String referenceURI,
            String sigAlgo) throws Exception {
        // Enveloped layout (excerpt, start of the signature is cut): the
        // signature is appended inside the document element it signs.
        // NOTE(review): plain setAttribute; no setIdAttribute call is visible,
        // so whether referenceURI resolves to this element depends on code or
        // library behaviour outside this excerpt.
        doc.getDocumentElement().setAttribute("ID", id);   
   
        XMLSignature sig = new XMLSignature(doc, "", sigAlgo);
        doc.getDocumentElement().appendChild(sig.getElement());
        Transforms transforms = new Transforms(doc);
        // Order matters: first remove the ds:Signature element from the node
        // set, then canonicalize what is left.
        transforms.addTransform(Transforms.TRANSFORM_ENVELOPED_SIGNATURE);
        transforms.addTransform(Transforms.TRANSFORM_C14N_EXCL_OMIT_COMMENTS);
       
        // digestAlgo is not declared in this excerpt (presumably a field).
        sig.addDocument(referenceURI, transforms, digestAlgo);
        return sig;
    }

        // Excerpt: builds a stand-alone RSA-SHA256 signature document that
        // references external documents plus an embedded properties object,
        // then signs it. Method header and the end of the method are not shown.
        javax.xml.parsers.DocumentBuilder db = dbf.newDocumentBuilder();
        org.w3c.dom.Document doc = db.newDocument();

        //BaseURI provides the base for the path to referenced content from the signature
        String BaseURI = signatureFile.toURI().toURL().toString();
        // Signature method RSA-SHA256, SignedInfo canonicalized with C14N 1.1
        // (comments omitted).
        XMLSignature sig = new XMLSignature(doc, BaseURI,
            XMLSignature.ALGO_ID_SIGNATURE_RSA_SHA256,
            Transforms.TRANSFORM_C14N11_OMIT_COMMENTS);
       
        sig.setId(role);

        doc.appendChild(sig.getElement());
        {

            // This Transforms instance is used for the "#prop" reference below.
            Transforms transforms = new Transforms(doc);

            transforms.addTransform(Transforms.TRANSFORM_C14N11_OMIT_COMMENTS);
            // addDocuments is not shown; presumably it adds one reference per
            // entry of documentsList.
            addDocuments(sig, documentsList);

            customizeToRole(role);

            //Adding signature properties
            SignatureProperty profile = new SignatureProperty(doc, target,
                SignerConstants.SIGNATURE_PROPERTY_ID_PROFILE);
            Element profileElement = doc
                .createElement(SignerConstants.SIGNATURE_PROPERTY_ID_PROFILE_TAG_NAME);
            profileElement.setAttribute("URI", SignerConstants.PROFILE_URI);
            profile.appendChild(profileElement);

            // NOTE(review): this local reuses the name "role", which is read as
            // a different value in setId(role) and customizeToRole(role) above.
            // From here on "role" is the SignatureProperty; a distinct name
            // would avoid the confusion.
            SignatureProperty role = new SignatureProperty(doc, target,
                SignerConstants.SIGNATURE_PROPERTY_ID_ROLE);
            Element roleElement = doc
                .createElement(SignerConstants.SIGNATURE_PROPERTY_ID_ROLE_TAG_NAME);
            roleElement.setAttribute("URI", roleURI);
            role.appendChild(roleElement);

            SignatureProperty identifier = new SignatureProperty(doc, target,
                SignerConstants.SIGNATURE_PROPERTY_ID_IDENTIFIER);
            Element identifierElement = doc
                .createElement(SignerConstants.SIGNATURE_PROPERTY_ID_IDENTIFIER_TAG_NAME);
            identifierElement.setTextContent(name);
            identifier.appendChild(identifierElement);

            SignatureProperties props = new SignatureProperties(doc);

            props.setXPathNamespaceContext(SignerConstants.XMLNS_DSP,
                SignerConstants.SIGNATURE_PROPERTIES_NAMESPACE);
            props.addSignatureProperty(profile);
            props.addSignatureProperty(role);
            props.addSignatureProperty(identifier);
            ObjectContainer object = new ObjectContainer(doc);
            object.setId("prop");

            object.appendChild(doc.createTextNode("\n"));
            object.appendChild(props.getElement());
            object.appendChild(doc.createTextNode("\n"));

            //Refer the properties section of the signature which needs
            //to be signed too, that include role information.
            // Because "#prop" is added as a reference, the profile, role and
            // identifier properties are covered by the signature and cannot be
            // changed afterwards without invalidating it.
            sig.appendObject(object);
            sig.addDocument("#prop", transforms,
                SignerConstants.DIGEST_METHOD_ALGORITHM);

            // NOTE(review): a null resolver is registered here; what the
            // library does with a null entry is not visible in this excerpt.
            // This looks like a leftover placeholder.
            ResourceResolver offlineResolver = null;
            sig.addResourceResolver(offlineResolver);

            {
                X509Certificate cert = (X509Certificate) ks
                    .getCertificate(certificateAlias);
                // NOTE(review): cert.equals(null) can never be true. If cert is
                // null the call itself throws NullPointerException, and for a
                // non-null cert it returns false, so the branch is dead.
                // "cert == null" with a message naming the missing alias was
                // probably intended.
                if(cert.equals(null)){
                    throw new NullPointerException();
                }
                // NOTE(review): nothing visible here ties privateKey to cert;
                // if they come from different entries, the KeyInfo will name a
                // certificate that cannot verify the signature.
                sig.addKeyInfo(cert);
                sig.addKeyInfo(cert.getPublicKey());

                System.out.println("Start signing");
                sig.sign(privateKey);
                System.out.println("Finished signing");
            }

            // The stream is closed, if at all, beyond the end of this excerpt.
            FileOutputStream f = new FileOutputStream(signatureFile);

    * @throws Exception
    */
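   public static byte[][] apachesample_xfilter2_1(Document doc)
           throws Exception {

      // Sample: signs doc with HMAC-SHA1 over the node set selected by one
      // XPath Filter 2 step (intersect "//E"), then returns two byte arrays:
      // [0] the canonical form (with comments) of the whole signed document,
      // [1] the transform output of the first reference, i.e. what was digested.
      // The signature element is removed from doc again before returning.
      XMLSignature sig = new XMLSignature(doc, null,
                                          XMLSignature.ALGO_ID_MAC_HMAC_SHA1);

      doc.getDocumentElement().appendChild(sig.getElement());

      Transforms transforms = new Transforms(doc);

      {
         transforms.addTransform(Transforms.TRANSFORM_XPATH2FILTER04,
                                 XPath2FilterContainer04
                                    .newInstanceIntersect(doc, "//E")
                                       .getElement());

         // Remaining filter steps, left disabled in this variant.
         /*
         transforms.addTransform(Transforms.TRANSFORM_XPATH2FILTER04,
                                 XPath2FilterContainer04.newInstanceUnion(doc,
                                    "//B").getElement());
         transforms.addTransform(Transforms.TRANSFORM_XPATH2FILTER04,
                                 XPath2FilterContainer04.newInstanceSubtract(doc,
                                    "//C").getElement());
         transforms.addTransform(Transforms.TRANSFORM_XPATH2FILTER04,
                                 XPath2FilterContainer04.newInstanceUnion(doc,
                                    "//F").getElement());
         transforms.addTransform(Transforms.TRANSFORM_XPATH2FILTER04,
                                 XPath2FilterContainer04.newInstanceSubtract(doc,
                                    "//G").getElement());
         transforms.addTransform(Transforms.TRANSFORM_XPATH2FILTER04,
                                 XPath2FilterContainer04.newInstanceUnion(doc,
                                    "//H").getElement());
         transforms.addTransform(Transforms.TRANSFORM_XPATH2FILTER04,
                                 XPath2FilterContainer04.newInstanceSubtract(doc,
                                    "//@x:attr").getElement());
         */
         // Namespace declarations for the XPath expressions: prefix "x" and
         // the default prefix of the XPath Filter 2 namespace.
         transforms.setXPathNamespaceContext("xmlns:x", "http://foo.bar/");
         transforms
            .setXPathNamespaceContext(Transforms
               .getDefaultPrefix(Transforms
               .TRANSFORM_XPATH2FILTER04), Transforms.TRANSFORM_XPATH2FILTER04);
      }

      // URI "" = whole document as transform input; the filter narrows it.
      sig.addDocument("", transforms);

      // Fixed demo key. It is written into ds:KeyName below, so this MAC only
      // serves to produce reproducible sample output and authenticates nothing.
      String secretKey = "secret";
      // Encode explicitly: the KeyName text promises UTF-8 octets, whereas the
      // no-argument getBytes() would use the platform default charset.
      byte[] secretKeyOctets = secretKey.getBytes("UTF-8");

      // Report the real octet count rather than the number of chars.
      sig.getKeyInfo().addKeyName("The UTF-8 octets of \"" + secretKey
                                  + "\" are used for signing ("
                                  + secretKeyOctets.length + " octets)");
      sig.sign(sig.createSecretKey(secretKeyOctets));

      // Canonicalize while the signature is still in the tree.
      Canonicalizer c14n =
         Canonicalizer.getInstance(Canonicalizer.ALGO_ID_C14N_WITH_COMMENTS);
      byte[] full = c14n.canonicalizeSubtree(doc);
      byte[] ref = sig.getSignedInfo().item(0).getTransformsOutput().getBytes();
      byte[][] result = {
         full, ref
      };

      // we remove the signature now
      sig.getElement().getParentNode().removeChild(sig.getElement());

      return result;
   }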

    * @throws Exception
    */
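   public static byte[][] apachesample_xfilter2_2(Document doc)
           throws Exception {

      // Sample: signs doc with HMAC-SHA1 over the node set selected by two
      // XPath Filter 2 steps (intersect "//E", then union "//B"), then returns
      // two byte arrays:
      // [0] the canonical form (with comments) of the whole signed document,
      // [1] the transform output of the first reference, i.e. what was digested.
      // The signature element is removed from doc again before returning.
      XMLSignature sig = new XMLSignature(doc, null,
                                          XMLSignature.ALGO_ID_MAC_HMAC_SHA1);

      doc.getDocumentElement().appendChild(sig.getElement());

      Transforms transforms = new Transforms(doc);

      {
         transforms.addTransform(Transforms.TRANSFORM_XPATH2FILTER04,
                                 XPath2FilterContainer04
                                    .newInstanceIntersect(doc, "//E")
                                       .getElement());
         transforms.addTransform(Transforms.TRANSFORM_XPATH2FILTER04,
                                 XPath2FilterContainer04.newInstanceUnion(doc,
                                    "//B").getElement());

         // Remaining filter steps, left disabled in this variant.
         /*
         transforms.addTransform(Transforms.TRANSFORM_XPATH2FILTER04,
                                 XPath2FilterContainer04.newInstanceSubtract(doc,
                                    "//C").getElement());
         transforms.addTransform(Transforms.TRANSFORM_XPATH2FILTER04,
                                 XPath2FilterContainer04.newInstanceUnion(doc,
                                    "//F").getElement());
         transforms.addTransform(Transforms.TRANSFORM_XPATH2FILTER04,
                                 XPath2FilterContainer04.newInstanceSubtract(doc,
                                    "//G").getElement());
         transforms.addTransform(Transforms.TRANSFORM_XPATH2FILTER04,
                                 XPath2FilterContainer04.newInstanceUnion(doc,
                                    "//H").getElement());
         transforms.addTransform(Transforms.TRANSFORM_XPATH2FILTER04,
                                 XPath2FilterContainer04.newInstanceSubtract(doc,
                                    "//@x:attr").getElement());
                              */
         // Namespace declarations for the XPath expressions: prefix "x" and
         // the default prefix of the XPath Filter 2 namespace.
         transforms.setXPathNamespaceContext("xmlns:x", "http://foo.bar/");
         transforms
            .setXPathNamespaceContext(Transforms
               .getDefaultPrefix(Transforms
               .TRANSFORM_XPATH2FILTER04), Transforms.TRANSFORM_XPATH2FILTER04);
      }

      // URI "" = whole document as transform input; the filters narrow it.
      sig.addDocument("", transforms);

      // Fixed demo key. It is written into ds:KeyName below, so this MAC only
      // serves to produce reproducible sample output and authenticates nothing.
      String secretKey = "secret";
      // Encode explicitly: the KeyName text promises UTF-8 octets, whereas the
      // no-argument getBytes() would use the platform default charset.
      byte[] secretKeyOctets = secretKey.getBytes("UTF-8");

      // Report the real octet count rather than the number of chars.
      sig.getKeyInfo().addKeyName("The UTF-8 octets of \"" + secretKey
                                  + "\" are used for signing ("
                                  + secretKeyOctets.length + " octets)");
      sig.sign(sig.createSecretKey(secretKeyOctets));

      // Canonicalize while the signature is still in the tree.
      Canonicalizer c14n =
         Canonicalizer.getInstance(Canonicalizer.ALGO_ID_C14N_WITH_COMMENTS);
      byte[] full = c14n.canonicalizeSubtree(doc);
      byte[] ref = sig.getSignedInfo().item(0).getTransformsOutput().getBytes();
      byte[][] result = {
         full, ref
      };

      // we remove the signature now
      sig.getElement().getParentNode().removeChild(sig.getElement());

      return result;
   }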
