Examples of XMLSignature


Examples of com.sun.org.apache.xml.internal.security.signature.XMLSignature

            doc.getElementsByTagNameNS(Constants.SignatureSpecNS, "Signature");
        if (nl.getLength() == 0) {
            throw new Exception("Couldn't find signature Element");
        }
        Element sigElement = (Element) nl.item(0);
        XMLSignature signature = new XMLSignature
            (sigElement, file.toURI().toString());
        SecretKey sk = signature.createSecretKey("secret".getBytes("ASCII"));
        try {
            System.out.println
                ("Validation status: " + signature.checkSignatureValue(sk));
            System.out.println("FAILED");
            atLeastOneFailed = true;
        } catch (XMLSignatureException xse) {
            System.out.println(xse.getMessage());
            System.out.println("PASSED");
View Full Code Here

Examples of javax.xml.crypto.dsig.XMLSignature

        webElem.appendChild(text);
        XMLObject obj = fac.newXMLObject(Collections.singletonList
                                         (new DOMStructure(webElem)), "DSig.Object_1", "text/xml", null);

        // create XMLSignature
        XMLSignature sig = fac.newXMLSignature
        (si, ki, Collections.singletonList(obj), null, null);

        DOMSignContext dsc = new DOMSignContext(signingKey, doc);
        dsc.setDefaultNamespacePrefix("dsig");

        sig.sign(dsc);
        TestUtils.validateSecurityOrEncryptionElement(doc.getDocumentElement());
       
        // XMLUtils.outputDOM(doc.getDocumentElement(), System.out);

        DOMValidateContext dvc = new DOMValidateContext
        (ks, doc.getDocumentElement());
        XMLSignature sig2 = fac.unmarshalXMLSignature(dvc);

        assertTrue(sig.equals(sig2));
        assertTrue(sig2.validate(dvc));
    }
View Full Code Here

Examples of javax.xml.crypto.dsig.XMLSignature

        webElem.appendChild(text);
        XMLObject obj = fac.newXMLObject(Collections.singletonList
                                         (new DOMStructure(webElem)), "DSig.Object_1", "text/xml", null);

        // create XMLSignature
        XMLSignature sig = fac.newXMLSignature
        (si, ki, Collections.singletonList(obj), null, null);

        DOMSignContext dsc = new DOMSignContext(signingKey, doc);
        dsc.setDefaultNamespacePrefix("dsig");

        sig.sign(dsc);
        TestUtils.validateSecurityOrEncryptionElement(doc.getDocumentElement());
       
        // XMLUtils.outputDOM(doc.getDocumentElement(), System.out);

        DOMValidateContext dvc = new DOMValidateContext
        (ks, doc.getDocumentElement());
        XMLSignature sig2 = fac.unmarshalXMLSignature(dvc);

        assertTrue(sig.equals(sig2));
        assertTrue(sig2.validate(dvc));
    }
View Full Code Here

Examples of javax.xml.crypto.dsig.XMLSignature

                // structure for testing the transform/digest algorithms etc.
                XMLValidateContext context = new DOMValidateContext(key, sig.getDOM());
                context.setProperty("org.apache.jcp.xml.dsig.secureValidation", Boolean.TRUE);
                context.setProperty("org.jcp.xml.dsig.secureValidation", Boolean.TRUE);

                XMLSignature xmlSignature;
                try {
                    xmlSignature = signatureFactory.unmarshalXMLSignature(context);
                } catch (MarshalException ex) {
                    throw new WSSecurityException(
                        WSSecurityException.ErrorCode.FAILED_CHECK, "invalidSAMLsecurity",
View Full Code Here

Examples of javax.xml.crypto.dsig.XMLSignature

                    algorithmSuiteValidator.checkSymmetricKeyLength(secretKey.length);
                }
            }
        }
       
        XMLSignature xmlSignature =
            verifyXMLSignature(elem, certs, publicKey, secretKey, signatureMethod, data, wsDocInfo);
        byte[] signatureValue = xmlSignature.getSignatureValue().getValue();
        String c14nMethod = xmlSignature.getSignedInfo().getCanonicalizationMethod().getAlgorithm();

        List<WSDataRef> dataRefs = 
            buildProtectedRefs(
                elem.getOwnerDocument(), xmlSignature.getSignedInfo(), data, wsDocInfo
            );
        if (dataRefs.size() == 0) {
            throw new WSSecurityException(WSSecurityException.ErrorCode.FAILED_CHECK);
        }
       
View Full Code Here

Examples of javax.xml.crypto.dsig.XMLSignature

       
        context.setProperty(AttachmentContentSignatureTransform.ATTACHMENT_CALLBACKHANDLER,
                            data.getAttachmentCallbackHandler());
       
        try {
            XMLSignature xmlSignature = signatureFactory.unmarshalXMLSignature(context);
            checkBSPCompliance(xmlSignature, data.getBSPEnforcer());
           
            // Check for compliance against the defined AlgorithmSuite
            AlgorithmSuite algorithmSuite = data.getAlgorithmSuite();
            if (algorithmSuite != null) {
                AlgorithmSuiteValidator algorithmSuiteValidator = new
                    AlgorithmSuiteValidator(algorithmSuite);
                algorithmSuiteValidator.checkSignatureAlgorithms(xmlSignature);
            }
           
            // Test for replay attacks
            testMessageReplay(elem, xmlSignature.getSignatureValue().getValue(), data, wsDocInfo);
           
            setElementsOnContext(xmlSignature, (DOMValidateContext)context, wsDocInfo, elem.getOwnerDocument());
            boolean signatureOk = xmlSignature.validate(context);
            if (signatureOk) {
                return xmlSignature;
            }
            //
            // Log the exact signature error
            //
            if (LOG.isDebugEnabled()) {
                LOG.debug("XML Signature verification has failed");
                boolean signatureValidationCheck =
                    xmlSignature.getSignatureValue().validate(context);
                LOG.debug("Signature Validation check: " + signatureValidationCheck);
                java.util.Iterator<?> referenceIterator =
                    xmlSignature.getSignedInfo().getReferences().iterator();
                while (referenceIterator.hasNext()) {
                    Reference reference = (Reference)referenceIterator.next();
                    boolean referenceValidationCheck = reference.validate(context);
                    String id = reference.getId();
                    if (id == null) {
View Full Code Here

Examples of javax.xml.crypto.dsig.XMLSignature

            KeyInfoFactory kif = fac.getKeyInfoFactory();
            KeyValue kv = kif.newKeyValue(publicKey);
            KeyInfo ki = kif.newKeyInfo(Collections.singletonList(kv));

            XMLSignature signature = fac.newXMLSignature(si, ki);

            signature.sign(dsc);
        } catch (XMLSignatureException e) {
            throw new RuntimeException(e);
        } catch (NoSuchAlgorithmException e) {
            throw new RuntimeException(e);
        } catch (InvalidAlgorithmParameterException e) {
View Full Code Here

Examples of javax.xml.crypto.dsig.XMLSignature

            throw new InvalidRequestException("Signature element is not present or has zero length.");
        }

        try {
            DOMValidateContext valContext = new DOMValidateContext(publicKey, nl.item(0));
            XMLSignature signature = fac.unmarshalXMLSignature(valContext);
            boolean signatureValid = signature.validate(valContext);

            if (log.isTraceEnabled() && !signatureValid) {
                boolean sv = signature.getSignatureValue().validate(valContext);
                log.trace("Signature validation status: " + sv);

                @SuppressWarnings("unchecked")
                List<Reference> references = signature.getSignedInfo().getReferences();
                for (Reference ref : references) {
                    log.trace("[Ref id=" + ref.getId() + ":uri=" + ref.getURI() + "] validity status:" + ref.validate(valContext));
                }
            }
View Full Code Here

Examples of javax.xml.crypto.dsig.XMLSignature

        for (int i = 0; i < totalCount; i++) {

            Element signatureNode = (Element) signatureNodes.item(i);

            valContext.setNode(signatureNode);
            final XMLSignature signature = fac.unmarshalXMLSignature(valContext);

            if (getConfiguration().getXmlSignatureChecker() != null) {
                XmlSignatureChecker.Input checkerInput = new CheckerInputBuilder().message(out).messageBodyDocument(doc)
                        .keyInfo(signature.getKeyInfo()).currentCountOfSignatures(i + 1).currentSignatureElement(signatureNode)
                        .objects(signature.getObjects()).signatureValue(signature.getSignatureValue())
                        .signedInfo(signature.getSignedInfo()).totalCountOfSignatures(totalCount)
                        .xmlSchemaValidationExecuted(getSchemaResourceUri(out) != null).build();
                getConfiguration().getXmlSignatureChecker().checkBeforeCoreValidation(checkerInput);
            }

            boolean coreValidity;
            try {
                coreValidity = signature.validate(valContext);
            } catch (XMLSignatureException se) {
                throw getConfiguration().getValidationFailedHandler().onXMLSignatureException(se);
            }
            // Check core validation status
            boolean goon = coreValidity;
            if (!coreValidity) {
                goon = handleSignatureValidationFailed(valContext, signature);
            }
            if (goon) {
                LOG.debug("XML signature {} verified", i + 1);
            } else {
                throw new XmlSignatureInvalidException("XML signature validation failed");
            }
            collectedObjects.addAll((List<XMLObject>) signature.getObjects());
            collectedReferences.addAll((List<Reference>) signature.getSignedInfo().getReferences());
        }
        map2Message(collectedReferences, collectedObjects, out, doc);
    }
View Full Code Here

Examples of javax.xml.crypto.dsig.XMLSignature

                }
                lastParent = parent;

                DOMSignContext dsc = createAndConfigureSignContext(parent, keySelector);

                XMLSignature signature = fac.newXMLSignature(si, keyInfo, objects, signatureId, null);
                // generate the signature
                signature.sign(dsc);
            }

            return XmlSignatureHelper.getDocument(lastParent);

        } catch (XMLSignatureException se) {
View Full Code Here
TOP
Copyright © 2018 www.massapi.com. All rights reserved.
All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.