
Example 6 with XMLStructure

use of javax.xml.crypto.XMLStructure in project santuario-java by apache.

the class Marshaller method marshalPGPData.

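/**
 * Marshals a {@link PGPData} as a {@code PGPData} element in the XML
 * Signature namespace.
 *
 * <p>Children are written in this order: an optional {@code PGPKeyID}, an
 * optional {@code PGPKeyPacket} (each Base64-encoded, and emitted only when
 * the corresponding byte array is non-null), then every structure returned
 * by {@link PGPData#getExternalElements()}.
 *
 * @param xwriter writer that receives the elements
 * @param pgpData the PGP key data to marshal
 * @param dsPrefix namespace prefix used for the XML Signature elements
 * @param context context handed to {@code marshalStructure} for the external elements
 * @throws MarshalException if marshalling fails (presumably raised while
 *         marshalling an external element; the throwing call is not visible here)
 */
public static void marshalPGPData(XmlWriter xwriter, PGPData pgpData, String dsPrefix, XMLCryptoContext context) throws MarshalException {
    xwriter.writeStartElement(dsPrefix, "PGPData", XMLSignature.XMLNS);

    // PGPKeyID: the MIME encoder wraps its output in 76-character lines.
    byte[] keyId = pgpData.getKeyId();
    if (keyId != null) {
        xwriter.writeTextElement(dsPrefix, "PGPKeyID", XMLSignature.XMLNS, Base64.getMimeEncoder().encodeToString(keyId));
    }

    // PGPKeyPacket: the local name must be the schema's element name. Any other
    // name produces a KeyInfo that a conforming verifier cannot map back to a
    // key packet, so the key material is lost on the receiving side.
    byte[] keyPacket = pgpData.getKeyPacket();
    if (keyPacket != null) {
        xwriter.writeTextElement(dsPrefix, "PGPKeyPacket", XMLSignature.XMLNS, Base64.getMimeEncoder().encodeToString(keyPacket));
    }

    // Elements from other namespaces are delegated to the writer unchanged.
    @SuppressWarnings("unchecked") List<XMLStructure> externalElements = pgpData.getExternalElements();
    for (XMLStructure externalItem : externalElements) {
        xwriter.marshalStructure(externalItem, dsPrefix, context);
    }

    // closes "PGPData"
    xwriter.writeEndElement();
}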
Also used : XMLStructure(javax.xml.crypto.XMLStructure)

Example 7 with XMLStructure

use of javax.xml.crypto.XMLStructure in project santuario-java by apache.

the class KeyInfoTest method testgetContent.

/**
 * Checks that {@code KeyInfo.getContent()} is non-null and holds only
 * {@link XMLStructure} instances, for a KeyInfo created with a second
 * argument ("skeleton") and for one created without it.
 */
@org.junit.Test
@SuppressWarnings("unchecked")
public void testgetContent() {
    KeyInfo[] infos = {
        fac.newKeyInfo(Collections.singletonList(fac.newKeyName("foo")), "skeleton"),
        fac.newKeyInfo(Collections.singletonList(fac.newKeyName("foo")))
    };
    for (KeyInfo keyInfo : infos) {
        List<XMLStructure> entries = keyInfo.getContent();
        assertNotNull(keyInfo.getContent());
        // Inspect the elements as plain Objects so the runtime type is what gets checked,
        // not the (unchecked) generic type of the list.
        for (Object entry : entries.toArray()) {
            if (entry instanceof XMLStructure) {
                continue;
            }
            fail("KeyInfo element has the wrong type");
        }
    }
}
Also used : KeyInfo(javax.xml.crypto.dsig.keyinfo.KeyInfo) XMLStructure(javax.xml.crypto.XMLStructure)

Example 8 with XMLStructure

use of javax.xml.crypto.XMLStructure in project camel by apache.

the class XmlVerifierProcessor method handleSignatureValidationFailed.

/**
 * Reports each failed part of a signature to the configured
 * {@link ValidationFailedHandler} and returns the handler's verdict.
 *
 * <p>The signature value is checked first, then every Reference of the
 * SignedInfo, then (only when the context property
 * {@code org.jcp.xml.dsig.validateManifests} is {@code Boolean.TRUE}) every
 * Reference of each Manifest found in the signature's objects. The handler's
 * {@code start()} is called before the checks and {@code end()} always runs
 * afterwards.
 *
 * @param valContext validation context used for every {@code validate} call
 * @param signature the signature being examined
 * @return the result of {@code handler.ignoreCoreValidationFailure()};
 *         {@code true} presumably lets the caller continue despite the failed
 *         validation, so a handler should return it only deliberately
 * @throws Exception propagated from the handler or from validation
 */
@SuppressWarnings("unchecked")
protected boolean handleSignatureValidationFailed(DOMValidateContext valContext, XMLSignature signature) throws Exception {
    //NOPMD
    ValidationFailedHandler handler = getConfiguration().getValidationFailedHandler();
    LOG.debug("handleSignatureValidationFailed called");
    try {
        handler.start();

        // The signature value is checked before any Reference, see
        // https://www.isecpartners.com/media/12012/XMLDSIG_Command_Injection.pdf
        SignatureValue signatureValue = signature.getSignatureValue();
        if (!signatureValue.validate(valContext)) {
            handler.signatureValueValidationFailed(signatureValue);
        }
        // NOTE(review): a failed signature value does not stop the method; the
        // References below are still validated although SignedInfo is then
        // unauthenticated. Confirm that the caller has enabled secure validation
        // on valContext before this point.

        // Validation status of each Reference in SignedInfo.
        List<Reference> signedReferences = (List<Reference>) signature.getSignedInfo().getReferences();
        for (Reference reference : signedReferences) {
            if (!reference.validate(valContext)) {
                handler.referenceValidationFailed(reference);
            }
        }

        // Manifest references are checked only when the property is set.
        Object validateManifests = valContext.getProperty("org.jcp.xml.dsig.validateManifests");
        if (Boolean.TRUE.equals(validateManifests)) {
            List<XMLObject> signatureObjects = (List<XMLObject>) signature.getObjects();
            for (XMLObject signatureObject : signatureObjects) {
                List<XMLStructure> objectContent = signatureObject.getContent();
                for (XMLStructure item : objectContent) {
                    if (!(item instanceof Manifest)) {
                        continue;
                    }
                    Manifest manifest = (Manifest) item;
                    List<Reference> manifestReferences = (List<Reference>) manifest.getReferences();
                    for (Reference manifestReference : manifestReferences) {
                        if (!manifestReference.validate(valContext)) {
                            handler.manifestReferenceValidationFailed(manifestReference);
                        }
                    }
                }
            }
        }

        boolean ignoreFailure = handler.ignoreCoreValidationFailure();
        LOG.debug("Ignore Core Validation failure: {}", ignoreFailure);
        return ignoreFailure;
    } finally {
        handler.end();
    }
}
Also used : ValidationFailedHandler(org.apache.camel.component.xmlsecurity.api.ValidationFailedHandler) SignatureValue(javax.xml.crypto.dsig.XMLSignature.SignatureValue) Reference(javax.xml.crypto.dsig.Reference) XMLObject(javax.xml.crypto.dsig.XMLObject) ArrayList(java.util.ArrayList) NodeList(org.w3c.dom.NodeList) List(java.util.List) XMLStructure(javax.xml.crypto.XMLStructure) Manifest(javax.xml.crypto.dsig.Manifest)

Example 9 with XMLStructure

use of javax.xml.crypto.XMLStructure in project camel by apache.

the class DefaultXmlSignature2Message method getDomStructureForMessageBody.

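/**
 * Returns the DOM structure which is transformed to a byte array and set to
 * the camel message body.
 *
 * <p>Exactly one same-document object must be referenced, and that object
 * must contain exactly one structure, which must be a {@link DOMStructure}.
 * Every other shape is rejected with an {@code XmlSignatureException}.
 *
 * @param relevantReferences
 *            input from method
 *            {@link #getReferencesForMessageMapping(ReferencesAndObjects)}
 * @param relevantObjects
 *            input from method
 *            {@link #getObjectsForMessageMapping(ReferencesAndObjects)}
 * @return dom structure
 * @throws Exception
 *             if an error occurs; an {@code XmlSignatureException} when no
 *             content object or more than one is found, when the object holds
 *             no structure or more than one, or when the structure is not a
 *             DOM structure
 */
protected DOMStructure getDomStructureForMessageBody(List<Reference> relevantReferences, List<XMLObject> relevantObjects) throws Exception {
    //NOPMD
    List<XMLObject> referencedObjects = getReferencedSameDocumentObjects(relevantReferences, relevantObjects);
    if (referencedObjects.isEmpty()) {
        throw new XmlSignatureException("Unsupported XML signature document: Content object not found in the enveloping XML signature.");
    }
    if (referencedObjects.size() > 1) {
        // The object IDs come from the document; they are passed to String.format
        // as an argument, never as the format string itself.
        StringBuilder sb = new StringBuilder();
        for (int i = 0; i < referencedObjects.size(); i++) {
            XMLObject xmlOb = referencedObjects.get(i);
            sb.append(xmlOb.getId());
            if (i < referencedObjects.size() - 1) {
                sb.append(", ");
            }
        }
        throw new XmlSignatureException(String.format("Unsupported XML signature document: More than one content objects found. Object IDs: %s", sb.toString()));
    }
    @SuppressWarnings("unchecked") List<XMLStructure> structures = referencedObjects.get(0).getContent();
    if (structures.isEmpty()) {
        throw new XmlSignatureException("Unsupported XML signature: XML signature is not enveloping; content not found in XML signature: structure list is empty.");
    }
    if (structures.size() > 1) {
        throw new XmlSignatureException("Unsupported XML signature: more than one structure elements in referenced content object.");
    }
    XMLStructure structure = structures.get(0);
    // Only DOM is currently supported. The content type is decided by the
    // incoming document, so reject anything else with the same exception type as
    // the other unsupported shapes instead of failing on a blind cast.
    if (!(structure instanceof DOMStructure)) {
        throw new XmlSignatureException("Unsupported XML signature: content of the referenced object is not a DOM structure.");
    }
    return (DOMStructure) structure;
}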
Also used : DOMStructure(javax.xml.crypto.dom.DOMStructure) XMLObject(javax.xml.crypto.dsig.XMLObject) XMLStructure(javax.xml.crypto.XMLStructure)

Example 10 with XMLStructure

use of javax.xml.crypto.XMLStructure in project jdk8u_jdk by JetBrains.

the class GenerationTests method test_create_signature_reference_dependency.

/**
 * Generates a signature whose only Reference points at an Object holding a
 * Manifest, which in turn references a second Object, then signs it,
 * unmarshals it again and validates the result.
 *
 * <p>The key comes from {@code getPrivateKey("RSA", 512)} and the algorithms
 * from the file's {@code sha1} / {@code rsaSha1} fixtures (presumably SHA-1
 * based, per their names); these strengths belong to test vectors only.
 *
 * @throws Exception if the unmarshalled signature differs from the generated
 *         one, if validation fails, or if any step of the generation fails
 */
static void test_create_signature_reference_dependency() throws Exception {
    System.out.println("* Generating signature-reference-dependency.xml");

    // SignedInfo with a single reference to the first object.
    List<Reference> signedRefs = Collections.singletonList(fac.newReference("#object-1", sha1));
    SignedInfo signedInfo = fac.newSignedInfo(withoutComments, rsaSha1, signedRefs);

    List<XMLStructure> objects = new ArrayList<>();

    // Object 1: a Manifest whose only reference points at object 2.
    List<Reference> manifestRefs = Collections.singletonList(fac.newReference("#object-2", sha1));
    objects.add(fac.newXMLObject(
            Collections.singletonList(fac.newManifest(manifestRefs, "manifest-1")), "object-1", null, null));

    // Object 2: an element in no namespace that contains one comment node.
    Document doc = db.newDocument();
    Element payload = doc.createElementNS(null, "NonCommentandus");
    payload.setAttributeNS("http://www.w3.org/2000/xmlns/", "xmlns", "");
    payload.appendChild(doc.createComment(" Commentandum "));
    objects.add(fac.newXMLObject(
            Collections.singletonList(new DOMStructure(payload)), "object-2", null, null));

    // Build and sign; the signature is attached to doc.
    XMLSignature generated = fac.newXMLSignature(signedInfo, rsa, objects, "signature", null);
    DOMSignContext signContext = new DOMSignContext(getPrivateKey("RSA", 512), doc);
    generated.sign(signContext);
    // For debugging: dumpDocument(doc, new PrintWriter(System.out));

    // Round trip: unmarshal from the document element, compare, then validate.
    DOMValidateContext validateContext = new DOMValidateContext(kvks, doc.getDocumentElement());
    XMLSignature unmarshalled = fac.unmarshalXMLSignature(validateContext);
    if (!generated.equals(unmarshalled)) {
        throw new Exception("Unmarshalled signature is not equal to generated signature");
    }
    if (!unmarshalled.validate(validateContext)) {
        throw new Exception("Validation of generated signature failed");
    }
    System.out.println();
}
Also used : URIReference(javax.xml.crypto.URIReference) XMLStructure(javax.xml.crypto.XMLStructure) URIReferenceException(javax.xml.crypto.URIReferenceException) NoSuchAlgorithmException(java.security.NoSuchAlgorithmException) DOMSignContext(javax.xml.crypto.dsig.dom.DOMSignContext) DOMValidateContext(javax.xml.crypto.dsig.dom.DOMValidateContext)
