Examples of XMLSignature

com.sun.org.apache.xml.internal.security.signature.XMLSignature
Handles <ds:Signature> elements. This is the main class that deals with creating and verifying signatures.
There are 2 types of constructors for this class. The ones that take a document, baseURI and 1 or more Java Objects. This is mostly used for signing purposes. The other constructor is the one that takes a DOM Element and a BaseURI. This is used mostly with for verifying, when you have a SignatureElement. There are a few different types of methods:
- The addDocument* methods are used to add References with optional transforms during signing.
- addKeyInfo* methods are to add Certificates and Keys to the KeyInfo tags during signing.
- appendObject allows a user to add any XML Structure as an ObjectContainer during signing.
- sign and checkSignatureValue methods are used to sign and validate the signature.
@author $Author: raul $
javax.xml.crypto.dsig.XMLSignature
3.org/TR/xmldsig-core/"> W3C Recommendation for XML-Signature Syntax and Processing. This class contains methods for signing and validating XML signatures with behavior as defined by the W3C specification. The XML Schema Definition is defined as:
```
 <element name="Signature" type="ds:SignatureType"/> <complexType name="SignatureType"> <sequence>  <element ref="ds:SignedInfo"/>  <element ref="ds:SignatureValue"/>  <element ref="ds:KeyInfo" minOccurs="0"/>  <element ref="ds:Object" minOccurs="0" maxOccurs="unbounded"/>  </sequence>   <attribute name="Id" type="ID" use="optional"/> </complexType> 
```
An XMLSignature instance may be created by invoking one of the {@link XMLSignatureFactory#newXMLSignature newXMLSignature} methods of the{@link XMLSignatureFactory} class.
If the contents of the underlying document containing the XMLSignature are subsequently modified, the behavior is undefined.
Note that this class is named XMLSignature rather than Signature to avoid naming clashes with the existing {@link Signature java.security.Signature} class. @see XMLSignatureFactory#newXMLSignature(SignedInfo,KeyInfo) @see XMLSignatureFactory#newXMLSignature(SignedInfo,KeyInfo,List,String,String) @author Joyce L. Leung @author Sean Mullan @author Erwin van der Koogh @author JSR 105 Expert Group
org.apache.xml.security.signature.XMLSignature
Handles <ds:Signature> elements. This is the main class that deals with creating and verifying signatures.
There are 2 types of constructors for this class. The ones that take a document, baseURI and 1 or more Java Objects. This is mostly used for signing purposes. The other constructor is the one that takes a DOM Element and a baseURI. This is used mostly with for verifying, when you have a SignatureElement. There are a few different types of methods:
- The addDocument* methods are used to add References with optional transforms during signing.
- addKeyInfo* methods are to add Certificates and Keys to the KeyInfo tags during signing.
- appendObject allows a user to add any XML Structure as an ObjectContainer during signing.
- sign and checkSignatureValue methods are used to sign and validate the signature.

Examples of javax.xml.crypto.dsig.XMLSignature

                    algorithmSuiteValidator.checkSymmetricKeyLength(secretKey.length);
                }
            }
        }
        
        XMLSignature xmlSignature = 
            verifyXMLSignature(elem, certs, publicKey, secretKey, signatureMethod, data, wsDocInfo);
        byte[] signatureValue = xmlSignature.getSignatureValue().getValue();
        String c14nMethod = xmlSignature.getSignedInfo().getCanonicalizationMethod().getAlgorithm();


        List<WSDataRef> dataRefs =  
            buildProtectedRefs(
                elem.getOwnerDocument(), xmlSignature.getSignedInfo(), data.getWssConfig(), wsDocInfo
            );
        if (dataRefs.size() == 0) {
            throw new WSSecurityException(WSSecurityException.FAILED_CHECK);
        }

View Full Code Here

Examples of javax.xml.crypto.dsig.XMLSignature

        context.setProperty("org.apache.jcp.xml.dsig.secureValidation", Boolean.TRUE);
        context.setProperty("org.jcp.xml.dsig.secureValidation", Boolean.TRUE);
        context.setProperty(STRTransform.TRANSFORM_WS_DOC_INFO, wsDocInfo);
        
        try {
            XMLSignature xmlSignature = signatureFactory.unmarshalXMLSignature(context);
            if (data.getWssConfig().isWsiBSPCompliant()) {
                checkBSPCompliance(xmlSignature);
            }
            
            // Check for compliance against the defined AlgorithmSuite
            AlgorithmSuite algorithmSuite = data.getAlgorithmSuite();
            if (algorithmSuite != null) {
                AlgorithmSuiteValidator algorithmSuiteValidator = new
                    AlgorithmSuiteValidator(algorithmSuite);
                algorithmSuiteValidator.checkSignatureAlgorithms(xmlSignature);
            }
            
            // Test for replay attacks
            testMessageReplay(elem, xmlSignature.getSignatureValue().getValue(), data, wsDocInfo);
            
            setElementsOnContext(xmlSignature, (DOMValidateContext)context, wsDocInfo, elem.getOwnerDocument());
            boolean signatureOk = xmlSignature.validate(context);
            if (signatureOk) {
                return xmlSignature;
            }
            //
            // Log the exact signature error
            //
            if (LOG.isDebugEnabled()) {
                LOG.debug("XML Signature verification has failed");
                boolean signatureValidationCheck = 
                    xmlSignature.getSignatureValue().validate(context);
                LOG.debug("Signature Validation check: " + signatureValidationCheck);
                java.util.Iterator<?> referenceIterator = 
                    xmlSignature.getSignedInfo().getReferences().iterator();
                while (referenceIterator.hasNext()) {
                    Reference reference = (Reference)referenceIterator.next();
                    boolean referenceValidationCheck = reference.validate(context);
                    String id = reference.getId();
                    if (id == null) {

View Full Code Here

Examples of javax.xml.crypto.dsig.XMLSignature

                // structure for testing the transform/digest algorithms etc.
                XMLValidateContext context = new DOMValidateContext(key, sig.getDOM());
                context.setProperty("org.apache.jcp.xml.dsig.secureValidation", Boolean.TRUE);
                context.setProperty("org.jcp.xml.dsig.secureValidation", Boolean.TRUE);


                XMLSignature xmlSignature;
                try {
                    xmlSignature = signatureFactory.unmarshalXMLSignature(context);
                } catch (MarshalException ex) {
                    throw new WSSecurityException(
                        WSSecurityException.FAILED_CHECK, "invalidSAMLsecurity",

View Full Code Here

Examples of javax.xml.crypto.dsig.XMLSignature

            && secretKey == null
            && publicKey == null) {
            throw new WSSecurityException(WSSecurityException.FAILED_CHECK);
        }
        
        XMLSignature xmlSignature = 
            verifyXMLSignature(elem, certs, publicKey, secretKey, signatureMethod, data, wsDocInfo);
        byte[] signatureValue = xmlSignature.getSignatureValue().getValue();
        String c14nMethod = xmlSignature.getSignedInfo().getCanonicalizationMethod().getAlgorithm();
        // The c14n algorithm must be as specified by the BSP spec
        if (data.getWssConfig().isWsiBSPCompliant() 
            && !WSConstants.C14N_EXCL_OMIT_COMMENTS.equals(c14nMethod)) {
            throw new WSSecurityException(
                WSSecurityException.INVALID_SECURITY, "badC14nAlgo"
            );
        }
        List<WSDataRef> dataRefs =  
            buildProtectedRefs(
                elem.getOwnerDocument(), xmlSignature.getSignedInfo(), data.getWssConfig(), wsDocInfo
            );
        if (dataRefs.size() == 0) {
            throw new WSSecurityException(WSSecurityException.FAILED_CHECK);
        }

View Full Code Here

Examples of javax.xml.crypto.dsig.XMLSignature

        context.setProperty("javax.xml.crypto.dsig.cacheReference", Boolean.TRUE);
        context.setProperty("org.apache.jcp.xml.dsig.secureValidation", Boolean.TRUE);
        context.setProperty(STRTransform.TRANSFORM_WS_DOC_INFO, wsDocInfo);
        
        try {
            XMLSignature xmlSignature = signatureFactory.unmarshalXMLSignature(context);
            
            // Test for replay attacks
            testMessageReplay(elem, xmlSignature.getSignatureValue().getValue(), data, wsDocInfo);
            
            setElementsOnContext(xmlSignature, (DOMValidateContext)context, wsDocInfo, elem.getOwnerDocument());
            boolean signatureOk = xmlSignature.validate(context);
            if (signatureOk) {
                return xmlSignature;
            }
            //
            // Log the exact signature error
            //
            if (LOG.isDebugEnabled()) {
                LOG.debug("XML Signature verification has failed");
                boolean signatureValidationCheck = 
                    xmlSignature.getSignatureValue().validate(context);
                LOG.debug("Signature Validation check: " + signatureValidationCheck);
                java.util.Iterator<?> referenceIterator = 
                    xmlSignature.getSignedInfo().getReferences().iterator();
                while (referenceIterator.hasNext()) {
                    Reference reference = (Reference)referenceIterator.next();
                    boolean referenceValidationCheck = reference.validate(context);
                    String id = reference.getId();
                    if (id == null) {

View Full Code Here

Examples of javax.xml.crypto.dsig.XMLSignature

        webElem.appendChild(text);
        XMLObject obj = fac.newXMLObject(Collections.singletonList
                                         (new DOMStructure(webElem)), "DSig.Object_1", "text/xml", null);


        // create XMLSignature
        XMLSignature sig = fac.newXMLSignature
        (si, ki, Collections.singletonList(obj), null, null);


        DOMSignContext dsc = new DOMSignContext(signingKey, doc);
        dsc.setDefaultNamespacePrefix("dsig");


        sig.sign(dsc);
        
        // XMLUtils.outputDOM(doc.getDocumentElement(), System.out);


        DOMValidateContext dvc = new DOMValidateContext
        (ks, doc.getDocumentElement());
        XMLSignature sig2 = fac.unmarshalXMLSignature(dvc);


        assertTrue(sig.equals(sig2));
        assertTrue(sig2.validate(dvc));
    }

View Full Code Here

Examples of javax.xml.crypto.dsig.XMLSignature

        webElem.appendChild(text);
        XMLObject obj = fac.newXMLObject(Collections.singletonList
                                         (new DOMStructure(webElem)), "DSig.Object_1", "text/xml", null);


        // create XMLSignature
        XMLSignature sig = fac.newXMLSignature
        (si, ki, Collections.singletonList(obj), null, null);


        DOMSignContext dsc = new DOMSignContext(signingKey, doc);
        dsc.setDefaultNamespacePrefix("dsig");


        sig.sign(dsc);
        
        // XMLUtils.outputDOM(doc.getDocumentElement(), System.out);


        DOMValidateContext dvc = new DOMValidateContext
        (verifyingKey, doc.getDocumentElement());
        XMLSignature sig2 = fac.unmarshalXMLSignature(dvc);


        assertTrue(sig.equals(sig2));
        assertTrue(sig2.validate(dvc));
    }

View Full Code Here

Examples of javax.xml.crypto.dsig.XMLSignature

        webElem.appendChild(text);
        XMLObject obj = fac.newXMLObject(Collections.singletonList
                                         (new DOMStructure(webElem)), "DSig.Object_1", "text/xml", null);


        // create XMLSignature
        XMLSignature sig = fac.newXMLSignature
        (si, ki, Collections.singletonList(obj), null, null);


        DOMSignContext dsc = new DOMSignContext(signingKey, doc);
        dsc.setDefaultNamespacePrefix("dsig");


        sig.sign(dsc);
        
        // XMLUtils.outputDOM(doc.getDocumentElement(), System.out);


        DOMValidateContext dvc = new DOMValidateContext
        (ks, doc.getDocumentElement());
        XMLSignature sig2 = fac.unmarshalXMLSignature(dvc);


        assertTrue(sig.equals(sig2));
        assertTrue(sig2.validate(dvc));
    }

View Full Code Here

Examples of javax.xml.crypto.dsig.XMLSignature

        webElem.appendChild(text);
        XMLObject obj = fac.newXMLObject(Collections.singletonList
                                         (new DOMStructure(webElem)), "DSig.Object_1", "text/xml", null);


        // create XMLSignature
        XMLSignature sig = fac.newXMLSignature
        (si, ki, Collections.singletonList(obj), null, null);


        DOMSignContext dsc = new DOMSignContext(signingKey, doc);
        dsc.setDefaultNamespacePrefix("dsig");


        sig.sign(dsc);
        
        // XMLUtils.outputDOM(doc.getDocumentElement(), System.out);


        DOMValidateContext dvc = new DOMValidateContext
        (ks, doc.getDocumentElement());
        XMLSignature sig2 = fac.unmarshalXMLSignature(dvc);


        assertTrue(sig.equals(sig2));
        assertTrue(sig2.validate(dvc));
    }

View Full Code Here

Examples of org.apache.xml.security.signature.XMLSignature


        DocumentBuilder db = XMLUtils.createDocumentBuilder(false);
        Document doc = db.newDocument();
        String directory = "data/org/apache/xml/security/c14n/outExcl/";
        File signatureFile = new File(directory + "apacheSignature.xml");
        XMLSignature xmlSignature = new XMLSignature(doc,
                                                     signatureFile.toURI().toURL().toString(),
                                                     XMLSignature.ALGO_ID_MAC_HMAC_SHA1);


        doc.appendChild(xmlSignature.getElement());
        {
            // ref 0
            Transforms tf = new Transforms(doc);
            {
                XPathContainer xc = new XPathContainer(doc);


                xc.setXPath(
                "self::Parent or (parent::Parent and not(self::Child)) or self::GrandChild or parent::GrandChild");
                tf.addTransform(Transforms.TRANSFORM_XPATH, xc.getElement());
            }
            xmlSignature.addDocument("iaikTests.example1.xml", tf);
        }


        {
            // ref 1
            Transforms tf = new Transforms(doc);
            {
                XPathContainer xc = new XPathContainer(doc);


                xc.setXPath(
                "self::Parent or (parent::Parent and not(self::Child)) or self::GrandChild or parent::GrandChild");
                tf.addTransform(Transforms.TRANSFORM_XPATH, xc.getElement());
            }
            tf.addTransform(Transforms.TRANSFORM_C14N_EXCL_OMIT_COMMENTS);
            xmlSignature.addDocument("iaikTests.example1.xml", tf);
        }


        {
            // ref 2
            Transforms tf = new Transforms(doc);
            {
                XPathContainer xc = new XPathContainer(doc);


                xc.setXPathNamespaceContext("xmlns:default", "http://example.org");
                xc.setXPath(
                "self::Parent or (parent::Parent and not(self::default:Child)) or self::GrandChild or parent::GrandChild");
                tf.addTransform(Transforms.TRANSFORM_XPATH, xc.getElement());
            }
            xmlSignature.addDocument("iaikTests.example2.xml", tf);
        }


        {
            // ref 3
            Transforms tf = new Transforms(doc);
            {
                XPathContainer xc = new XPathContainer(doc);


                xc.setXPathNamespaceContext("xmlns:default", "http://example.org");
                xc.setXPath(
                "self::Parent or (parent::Parent and not(self::default:Child)) or self::GrandChild or parent::GrandChild");
                tf.addTransform(Transforms.TRANSFORM_XPATH, xc.getElement());
            }
            tf.addTransform(Transforms.TRANSFORM_C14N_EXCL_OMIT_COMMENTS);
            xmlSignature.addDocument("iaikTests.example2.xml", tf);
        }


        {
            // ref 4
            Transforms tf = new Transforms(doc);
            {
                XPathContainer xc = new XPathContainer(doc);


                xc.setXPathNamespaceContext("xmlns:default",
                "http://example.org/default");
                xc.setXPathNamespaceContext("xmlns:ns1", "http://example.org/ns1");
                xc.setXPath(
                "self::default:Parent or (parent::default:Parent and not(self::default:Child)) or self::ns1:GrandChild or parent::ns1:GrandChild or self::default:GrandChild or parent::default:GrandChild");
                tf.addTransform(Transforms.TRANSFORM_XPATH, xc.getElement());
            }


            xmlSignature.addDocument("iaikTests.example3.xml", tf);
        }


        {
            // ref 5
            Transforms tf = new Transforms(doc);
            {
                XPathContainer xc = new XPathContainer(doc);


                xc.setXPathNamespaceContext("xmlns:default",
                "http://example.org/default");
                xc.setXPathNamespaceContext("xmlns:ns1", "http://example.org/ns1");
                xc.setXPath(
                "self::default:Parent or (parent::default:Parent and not(self::default:Child)) or self::ns1:GrandChild or parent::ns1:GrandChild or self::default:GrandChild or parent::default:GrandChild");
                tf.addTransform(Transforms.TRANSFORM_XPATH, xc.getElement());
            }
            tf.addTransform(Transforms.TRANSFORM_C14N_EXCL_OMIT_COMMENTS);
            xmlSignature.addDocument("iaikTests.example3.xml", tf);
        }


        {
            // ref 6
            Transforms tf = new Transforms(doc);
            {
                XPathContainer xc = new XPathContainer(doc);


                xc.setXPathNamespaceContext("xmlns:ns1", "http://example.org/ns1");
                xc.setXPath(
                "self::Parent or (parent::Parent and not(self::Child)) or self::ns1:GrandChild or parent::ns1:GrandChild");
                tf.addTransform(Transforms.TRANSFORM_XPATH, xc.getElement());
            }
            xmlSignature.addDocument("iaikTests.example4.xml", tf);
        }


        {
            // ref 7
            Transforms tf = new Transforms(doc);
            {
                XPathContainer xc = new XPathContainer(doc);


                xc.setXPathNamespaceContext("xmlns:ns1", "http://example.org/ns1");
                xc.setXPath(
                "self::Parent or (parent::Parent and not(self::Child)) or self::ns1:GrandChild or parent::ns1:GrandChild");
                tf.addTransform(Transforms.TRANSFORM_XPATH, xc.getElement());
            }
            {
                InclusiveNamespaces incNS = new InclusiveNamespaces(doc, "ns2");


                tf.addTransform(Transforms.TRANSFORM_C14N_EXCL_OMIT_COMMENTS,
                                incNS.getElement());
            }
            xmlSignature.addDocument("iaikTests.example4.xml", tf);
        }


        {
            // ref 8
            ObjectContainer obj = new ObjectContainer(doc);
            String id = "object1";


            obj.setId(id);


            String xmlStr = "" + "<included    xml:lang='de'>" + "\n"
            + "<notIncluded xml:lang='de'>" + "\n"
            + "<notIncluded xml:lang='uk'>" + "\n"
            + "<included                 >" + "\n" + "</included>"
            + "\n" + "</notIncluded>" + "\n" + "</notIncluded>"
            + "\n" + "</included>";
            Document importDoc =
                db.parse(new ByteArrayInputStream(xmlStr.getBytes()));


            obj.getElement().appendChild(doc.createTextNode("\n"));
            obj.getElement()
            .appendChild(doc.importNode(importDoc.getDocumentElement(), true));
            obj.getElement().appendChild(doc.createTextNode("\n"));
            xmlSignature.appendObject(obj);


            // ref apache_8
            Transforms tf = new Transforms(doc);
            {
                XPathContainer xc = new XPathContainer(doc);


                xc.setXPath("self::node()[local-name()='included']");
                tf.addTransform(Transforms.TRANSFORM_XPATH, xc.getElement());
            }
            xmlSignature.addDocument("#" + id, tf);
        }


        {
            // ref 9
            ObjectContainer obj = new ObjectContainer(doc);
            String id = "object2";


            obj.setId(id);


            String xmlStr = "" + "<included    xml:lang='uk'>" + "\n"
            + "<notIncluded xml:lang='de'>" + "\n"
            + "<notIncluded xml:lang='uk'>" + "\n"
            + "<included                 >" + "\n" + "</included>"
            + "\n" + "</notIncluded>" + "\n" + "</notIncluded>"
            + "\n" + "</included>";
            Document importDoc =
                db.parse(new ByteArrayInputStream(xmlStr.getBytes()));


            obj.getElement().appendChild(doc.createTextNode("\n"));
            obj.getElement()
            .appendChild(doc.importNode(importDoc.getDocumentElement(), true));
            obj.getElement().appendChild(doc.createTextNode("\n"));
            xmlSignature.appendObject(obj);


            // ref apache_8
            Transforms tf = new Transforms(doc);
            {
                XPathContainer xc = new XPathContainer(doc);


                xc.setXPath("self::node()[local-name()='included']");
                tf.addTransform(Transforms.TRANSFORM_XPATH, xc.getElement());
            }
            xmlSignature.addDocument("#" + id, tf);
        }


        {
            // ref 10
            ObjectContainer obj = new ObjectContainer(doc);
            String id = "object3";


            obj.setId(id);


            String xmlStr = "" + "<included    xml:lang='de'>" + "\n"
            + "<notIncluded xml:lang='de'>" + "\n"
            + "<notIncluded xml:lang='uk'>" + "\n"
            + "<included    xml:lang='de'>" + "\n" + "</included>"
            + "\n" + "</notIncluded>" + "\n" + "</notIncluded>"
            + "\n" + "</included>";
            Document importDoc =
                db.parse(new ByteArrayInputStream(xmlStr.getBytes()));


            obj.getElement().appendChild(doc.createTextNode("\n"));
            obj.getElement()
            .appendChild(doc.importNode(importDoc.getDocumentElement(), true));
            obj.getElement().appendChild(doc.createTextNode("\n"));
            xmlSignature.appendObject(obj);


            // ref apache_8
            Transforms tf = new Transforms(doc);
            {
                XPathContainer xc = new XPathContainer(doc);


                xc.setXPath("self::node()[local-name()='included']");
                tf.addTransform(Transforms.TRANSFORM_XPATH, xc.getElement());
            }


            xmlSignature.addDocument("#" + id, tf);
        }


        {
            // ref 11
            ObjectContainer obj = new ObjectContainer(doc);
            String id = "object4";


            obj.setId(id);


            String xmlStr = "" + "<included    xml:lang='de'>" + "\n"
            + "<included    xml:lang='de'>" + "\n"
            + "<notIncluded xml:lang='uk'>" + "\n"
            + "<included                 >" + "\n" + "</included>"
            + "\n" + "</notIncluded>" + "\n" + "</included>"
            + "\n" + "</included>";
            Document importDoc =
                db.parse(new ByteArrayInputStream(xmlStr.getBytes()));


            obj.getElement().appendChild(doc.createTextNode("\n"));
            obj.getElement()
            .appendChild(doc.importNode(importDoc.getDocumentElement(), true));
            obj.getElement().appendChild(doc.createTextNode("\n"));
            xmlSignature.appendObject(obj);


            Transforms tf = new Transforms(doc);
            {
                XPathContainer xc = new XPathContainer(doc);


                xc.setXPath("self::node()[local-name()='included']");
                tf.addTransform(Transforms.TRANSFORM_XPATH, xc.getElement());
            }


            xmlSignature.addDocument("#" + id, tf);
        }


        {
            // ref 12
            ObjectContainer obj = new ObjectContainer(doc);
            String id = "object5";


            obj.setId(id);


            String xmlStr = "" + "<included                         xml:lang='de'>"
            + "\n"
            + "<included                         xml:lang='de'>"
            + "\n"
            + "<notIncluded xml:space='preserve' xml:lang='uk'>"
            + "\n" + "<included                 >" + "\n"
            + "</included>" + "\n" + "</notIncluded>" + "\n"
            + "</included>" + "\n" + "</included>";
            Document importDoc =
                db.parse(new ByteArrayInputStream(xmlStr.getBytes()));


            obj.getElement().appendChild(doc.createTextNode("\n"));
            obj.getElement()
            .appendChild(doc.importNode(importDoc.getDocumentElement(), true));
            obj.getElement().appendChild(doc.createTextNode("\n"));
            xmlSignature.appendObject(obj);


            Transforms tf = new Transforms(doc);
            {
                XPathContainer xc = new XPathContainer(doc);


                xc.setXPath("self::node()[local-name()='included']");
                tf.addTransform(Transforms.TRANSFORM_XPATH, xc.getElement());
            }


            xmlSignature.addDocument("#" + id, tf);
        }


        {
            // ref 13
            ObjectContainer obj = new ObjectContainer(doc);
            String id = "object6";


            obj.setId(id);


            String xmlStr = "" + "<included   xml:space='preserve'  xml:lang='de'>"
            + "\n"
            + "<included                         xml:lang='de'>"
            + "\n"
            + "<notIncluded                      xml:lang='uk'>"
            + "\n" + "<included>" + "\n" + "</included>" + "\n"
            + "</notIncluded>" + "\n" + "</included>" + "\n"
            + "</included>";
            Document importDoc =
                db.parse(new ByteArrayInputStream(xmlStr.getBytes()));


            obj.getElement().appendChild(doc.createTextNode("\n"));
            obj.getElement()
            .appendChild(doc.importNode(importDoc.getDocumentElement(), true));
            obj.getElement().appendChild(doc.createTextNode("\n"));
            xmlSignature.appendObject(obj);


            Transforms tf = new Transforms(doc);
            {
                XPathContainer xc = new XPathContainer(doc);


                xc.setXPath("self::node()[local-name()='included']");
                tf.addTransform(Transforms.TRANSFORM_XPATH, xc.getElement());
            }


            xmlSignature.addDocument("#" + id, tf);
        }


        {
            // ref 13b
            String id = "object6";
            Transforms tf = new Transforms(doc);
            {
                XPathContainer xc = new XPathContainer(doc);


                xc.setXPath("self::node()[local-name()='included']");
                tf.addTransform(Transforms.TRANSFORM_XPATH, xc.getElement());
                tf.addTransform(Transforms.TRANSFORM_C14N_OMIT_COMMENTS);
            }
            xmlSignature.addDocument("#" + id, tf);
        }


        {
            // ref 13c
            String id = "object6";
            Transforms tf = new Transforms(doc);


            {
                XPathContainer xc = new XPathContainer(doc);


                xc.setXPath("self::node()[local-name()='included']");
                tf.addTransform(Transforms.TRANSFORM_XPATH, xc.getElement());
                tf.addTransform(Transforms.TRANSFORM_C14N_OMIT_COMMENTS);
                tf.addTransform(Transforms.TRANSFORM_C14N_OMIT_COMMENTS);
            }
            xmlSignature.addDocument("#" + id, tf);
            // xmlSignature.addDocument("#" + id, tf, org.apache.xml.security.algorithms.MessageDigestAlgorithm.ALGO_ID_DIGEST_SHA1, "ref13c", null);
        }


        String secretKey = "secret";


        xmlSignature.getKeyInfo().addKeyName("The UTF-8 octets of \"" + secretKey
                                             + "\" are used for signing ("
                                             + secretKey.length() + " octets)");
        xmlSignature.sign(xmlSignature.createSecretKey(secretKey.getBytes()));


        FileOutputStream fos = new FileOutputStream(signatureFile);


        XMLUtils.outputDOM(doc, fos);
        fos.close();


        int length = xmlSignature.getSignedInfo().getLength();


        for (int i = 0; i < length; i++) {
            String fname = directory + "c14n-" + i + "-apache.xml";


            System.out.println(fname);
            JavaUtils.writeBytesToFilename(fname, xmlSignature.getSignedInfo().getReferencedContentAfterTransformsItem(i).getBytes());
        }


        XMLSignature s = new XMLSignature(doc.getDocumentElement(),
                                          signatureFile.toURI().toURL().toString());
        boolean verify =
            s.checkSignatureValue(s.createSecretKey("secret".getBytes()));


        System.out.println("verify=" + verify);


        System.out.println("");

View Full Code Here

0 1 2 3 4 5

TOP

All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.