Examples with SignerOutputStream com.sun.org.apache.xml.internal.security.utils.SignerOutputStream used on opensource projects

Example 1 with SignerOutputStream

use of com.sun.org.apache.xml.internal.security.utils.SignerOutputStream in project jdk8u_jdk by JetBrains.

the class XMLSignature method checkSignatureValue.

/**
     * Verifies if the signature is valid by redigesting all References,
     * comparing those against the stored DigestValues and then checking to see
     * if the Signatures match on the SignedInfo.
     *
     * @param pk {@link java.security.PublicKey} part of the keypair or
     * {@link javax.crypto.SecretKey} that was used to sign
     * @return true if the signature is valid, false otherwise
     * @throws XMLSignatureException
     */
public boolean checkSignatureValue(Key pk) throws XMLSignatureException {
    //check to see if the key is not null
    if (pk == null) {
        Object[] exArgs = { "Didn't get a key" };
        throw new XMLSignatureException("empty", exArgs);
    }
    // References inside a Manifest.
    try {
        SignedInfo si = this.getSignedInfo();
        //create a SignatureAlgorithms from the SignatureMethod inside
        //SignedInfo. This is used to validate the signature.
        SignatureAlgorithm sa = si.getSignatureAlgorithm();
        if (log.isLoggable(java.util.logging.Level.FINE)) {
            log.log(java.util.logging.Level.FINE, "signatureMethodURI = " + sa.getAlgorithmURI());
            log.log(java.util.logging.Level.FINE, "jceSigAlgorithm    = " + sa.getJCEAlgorithmString());
            log.log(java.util.logging.Level.FINE, "jceSigProvider     = " + sa.getJCEProviderName());
            log.log(java.util.logging.Level.FINE, "PublicKey = " + pk);
        }
        byte[] sigBytes = null;
        try {
            sa.initVerify(pk);
            // Get the canonicalized (normalized) SignedInfo
            SignerOutputStream so = new SignerOutputStream(sa);
            OutputStream bos = new UnsyncBufferedOutputStream(so);
            si.signInOctetStream(bos);
            bos.close();
            // retrieve the byte[] from the stored signature
            sigBytes = this.getSignatureValue();
        } catch (IOException ex) {
            if (log.isLoggable(java.util.logging.Level.FINE)) {
                log.log(java.util.logging.Level.FINE, ex.getMessage(), ex);
            }
        // Impossible...
        } catch (XMLSecurityException ex) {
            throw ex;
        }
        // the bytes that were stored in the signature.
        if (!sa.verify(sigBytes)) {
            log.log(java.util.logging.Level.WARNING, "Signature verification failed.");
            return false;
        }
        return si.verify(this.followManifestsDuringValidation);
    } catch (XMLSignatureException ex) {
        throw ex;
    } catch (XMLSecurityException ex) {
        throw new XMLSignatureException("empty", ex);
    }
}

Example 2 with SignerOutputStream

use of com.sun.org.apache.xml.internal.security.utils.SignerOutputStream in project jdk8u_jdk by JetBrains.

the class XMLSignature method sign.

/**
     * Digests all References in the SignedInfo, calculates the signature value
     * and sets it in the SignatureValue Element.
     *
     * @param signingKey the {@link java.security.PrivateKey} or
     * {@link javax.crypto.SecretKey} that is used to sign.
     * @throws XMLSignatureException
     */
public void sign(Key signingKey) throws XMLSignatureException {
    if (signingKey instanceof PublicKey) {
        throw new IllegalArgumentException(I18n.translate("algorithms.operationOnlyVerification"));
    }
    try {
        //Create a SignatureAlgorithm object
        SignedInfo si = this.getSignedInfo();
        SignatureAlgorithm sa = si.getSignatureAlgorithm();
        OutputStream so = null;
        try {
            // initialize SignatureAlgorithm for signing
            sa.initSign(signingKey);
            // generate digest values for all References in this SignedInfo
            si.generateDigestValues();
            so = new UnsyncBufferedOutputStream(new SignerOutputStream(sa));
            // get the canonicalized bytes from SignedInfo
            si.signInOctetStream(so);
        } catch (XMLSecurityException ex) {
            throw ex;
        } finally {
            if (so != null) {
                try {
                    so.close();
                } catch (IOException ex) {
                    if (log.isLoggable(java.util.logging.Level.FINE)) {
                        log.log(java.util.logging.Level.FINE, ex.getMessage(), ex);
                    }
                }
            }
        }
        // set them on the SignatureValue element
        this.setSignatureValueElement(sa.sign());
    } catch (XMLSignatureException ex) {
        throw ex;
    } catch (CanonicalizationException ex) {
        throw new XMLSignatureException("empty", ex);
    } catch (InvalidCanonicalizerException ex) {
        throw new XMLSignatureException("empty", ex);
    } catch (XMLSecurityException ex) {
        throw new XMLSignatureException("empty", ex);
    }
}