use of com.sun.org.apache.xml.internal.security.utils.SignerOutputStream in project jdk8u_jdk by JetBrains.
the class XMLSignature method checkSignatureValue.
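/**
 * Verifies this signature in two stages: the signature value is first checked
 * against the canonicalized SignedInfo using {@code pk}, and only if that
 * succeeds are the References validated by delegating to
 * {@code SignedInfo.verify(followManifestsDuringValidation)}.
 *
 * <p>Security notes for callers:
 * <ul>
 * <li>The signature is checked against whatever key is passed in. Nothing
 * here establishes that {@code pk} belongs to a trusted signer; that decision
 * has to be made before calling this method.</li>
 * <li>The signature algorithm is read from the SignedInfo of the signature
 * being verified, so it is chosen by the document, not by the caller. Any
 * policy on acceptable algorithms must be enforced separately.</li>
 * <li>A {@code true} result covers only what SignedInfo references; it says
 * nothing about parts of the document that are not referenced.</li>
 * </ul>
 *
 * @param pk {@link java.security.PublicKey} part of the keypair or
 * {@link javax.crypto.SecretKey} that was used to sign
 * @return true if both the signature value and the References validate,
 * false otherwise
 * @throws XMLSignatureException if {@code pk} is null, if the SignedInfo
 * could not be fed completely into the verifier, or if any other
 * XMLSecurityException occurs during verification
 */
public boolean checkSignatureValue(Key pk) throws XMLSignatureException {
    // A missing key can never validate anything; reject it up front.
    if (pk == null) {
        Object[] exArgs = { "Didn't get a key" };
        throw new XMLSignatureException("empty", exArgs);
    }

    try {
        SignedInfo si = this.getSignedInfo();
        // The SignatureAlgorithm is built from the SignatureMethod inside
        // SignedInfo, i.e. it is taken from the signature under verification.
        SignatureAlgorithm sa = si.getSignatureAlgorithm();
        if (log.isLoggable(java.util.logging.Level.FINE)) {
            log.log(java.util.logging.Level.FINE, "signatureMethodURI = " + sa.getAlgorithmURI());
            log.log(java.util.logging.Level.FINE, "jceSigAlgorithm = " + sa.getJCEAlgorithmString());
            log.log(java.util.logging.Level.FINE, "jceSigProvider = " + sa.getJCEProviderName());
            // NOTE(review): pk may be a SecretKey (see @param). This writes its
            // toString() to the log at FINE; confirm that no key implementation
            // in use exposes key material there.
            log.log(java.util.logging.Level.FINE, "PublicKey = " + pk);
        }

        try {
            sa.initVerify(pk);
            // Stream the canonicalized SignedInfo into the verifier.
            SignerOutputStream so = new SignerOutputStream(sa);
            OutputStream bos = new UnsyncBufferedOutputStream(so);
            si.signInOctetStream(bos);
            // close() is on the success path so the buffered bytes reach the verifier.
            bos.close();
        } catch (IOException ex) {
            if (log.isLoggable(java.util.logging.Level.FINE)) {
                log.log(java.util.logging.Level.FINE, ex.getMessage(), ex);
            }
            // Fail closed: the verifier may have seen only part of SignedInfo,
            // so do not go on to verify() against incomplete input.
            throw new XMLSignatureException("empty", ex);
        }

        // The signature bytes stored in the SignatureValue element.
        byte[] sigBytes = this.getSignatureValue();
        if (!sa.verify(sigBytes)) {
            log.log(java.util.logging.Level.WARNING, "Signature verification failed.");
            return false;
        }

        // Reference validation runs only after the signature over SignedInfo
        // has been accepted.
        return si.verify(this.followManifestsDuringValidation);
    } catch (XMLSignatureException ex) {
        throw ex;
    } catch (XMLSecurityException ex) {
        throw new XMLSignatureException("empty", ex);
    }
}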
use of com.sun.org.apache.xml.internal.security.utils.SignerOutputStream in project jdk8u_jdk by JetBrains.
the class XMLSignature method sign.
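/**
 * Digests all References in the SignedInfo, calculates the signature value
 * over the canonicalized SignedInfo and sets it in the SignatureValue Element.
 *
 * <p>If the output stream that feeds SignedInfo into the signer cannot be
 * closed after a successful write, no signature value is produced: the
 * signer may not have received the complete input.
 *
 * @param signingKey the {@link java.security.PrivateKey} or
 * {@link javax.crypto.SecretKey} that is used to sign.
 * @throws IllegalArgumentException if {@code signingKey} is a
 * {@link java.security.PublicKey}, which can only be used for verification
 * @throws XMLSignatureException if digesting, canonicalization or signing
 * fails, or if the SignedInfo could not be fed completely into the signer
 */
public void sign(Key signingKey) throws XMLSignatureException {
    // A public key can only verify; refuse it before touching the document.
    if (signingKey instanceof PublicKey) {
        throw new IllegalArgumentException(I18n.translate("algorithms.operationOnlyVerification"));
    }

    try {
        SignedInfo si = this.getSignedInfo();
        SignatureAlgorithm sa = si.getSignatureAlgorithm();
        OutputStream so = null;
        // True once SignedInfo has been written without an exception; a close
        // failure is escalated only then, so that it never masks an earlier
        // exception.
        boolean streamed = false;
        try {
            // initialize SignatureAlgorithm for signing
            sa.initSign(signingKey);

            // generate digest values for all References in this SignedInfo
            si.generateDigestValues();
            so = new UnsyncBufferedOutputStream(new SignerOutputStream(sa));
            // feed the canonicalized bytes of SignedInfo to the signer
            si.signInOctetStream(so);
            streamed = true;
        } finally {
            if (so != null) {
                try {
                    so.close();
                } catch (IOException ex) {
                    if (log.isLoggable(java.util.logging.Level.FINE)) {
                        log.log(java.util.logging.Level.FINE, ex.getMessage(), ex);
                    }
                    if (streamed) {
                        // The buffered tail of SignedInfo may not have reached
                        // the signer; do not emit a signature over partial input.
                        throw new XMLSignatureException("empty", ex);
                    }
                }
            }
        }

        // set the computed value on the SignatureValue element
        this.setSignatureValueElement(sa.sign());
    } catch (XMLSignatureException ex) {
        throw ex;
    } catch (CanonicalizationException ex) {
        throw new XMLSignatureException("empty", ex);
    } catch (InvalidCanonicalizerException ex) {
        throw new XMLSignatureException("empty", ex);
    } catch (XMLSecurityException ex) {
        throw new XMLSignatureException("empty", ex);
    }
}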