
Example 6 with DOMStructure

use of javax.xml.crypto.dom.DOMStructure in project poi by apache.

the class KeyInfoSignatureFacet method postSign.

/**
 * Marshals a ds:KeyInfo element for the signing certificate into the document and places it
 * in front of the first ds:Object element, if there is one.
 *
 * <p>Depending on the signature configuration, the KeyInfo carries a KeyValue (public key of
 * the first certificate in the chain), an X509IssuerSerial, and either the whole certificate
 * chain or only the signing certificate.
 *
 * <p>NOTE(review): this hook is named postSign, so the KeyInfo is presumably added after the
 * signature value has been computed and is not itself covered by the signature - confirm
 * against the caller. A verifier should validate the embedded certificate against its own
 * trust anchors rather than accept it because it is present in the document.
 *
 * @param document the signature document to extend
 * @throws MarshalException if the KeyInfo cannot be marshalled into the DOM
 */
@Override
public void postSign(Document document) throws MarshalException {
    LOG.log(POILogger.DEBUG, "postSign");

    // The KeyInfo belongs right after ds:SignatureValue, i.e. just before the first
    // ds:Object element; without any ds:Object there is no explicit insertion point.
    NodeList objectNodes = document.getElementsByTagNameNS(XML_DIGSIG_NS, "Object");
    Node nextSibling = null;
    if (objectNodes.getLength() != 0) {
        nextSibling = objectNodes.item(0);
    }

    // Build the ds:KeyInfo content with the JSR 105 factory.
    KeyInfoFactory keyInfoFactory = signatureConfig.getKeyInfoFactory();
    List<Object> x509Content = new ArrayList<Object>();
    // The first chain entry is used as the signing certificate; an empty chain fails here.
    X509Certificate signer = signatureConfig.getSigningCertificateChain().get(0);
    List<XMLStructure> keyInfoParts = new ArrayList<XMLStructure>();

    if (signatureConfig.isIncludeKeyValue()) {
        try {
            keyInfoParts.add(keyInfoFactory.newKeyValue(signer.getPublicKey()));
        } catch (KeyException e) {
            throw new RuntimeException("key exception: " + e.getMessage(), e);
        }
    }

    if (signatureConfig.isIncludeIssuerSerial()) {
        String issuerName = signer.getIssuerX500Principal().toString();
        x509Content.add(keyInfoFactory.newX509IssuerSerial(issuerName, signer.getSerialNumber()));
    }

    if (!signatureConfig.isIncludeEntireCertificateChain()) {
        x509Content.add(signer);
    } else {
        x509Content.addAll(signatureConfig.getSigningCertificateChain());
    }

    if (!x509Content.isEmpty()) {
        keyInfoParts.add(keyInfoFactory.newX509Data(x509Content));
    }

    DOMKeyInfo domKeyInfo = (DOMKeyInfo) keyInfoFactory.newKeyInfo(keyInfoParts);

    // DOMSignContext is constructed with a Key instance; this placeholder carries no key
    // material at all (every accessor returns null).
    Key placeholderKey = new Key() {

        private static final long serialVersionUID = 1L;

        @Override
        public String getAlgorithm() {
            return null;
        }

        @Override
        public byte[] getEncoded() {
            return null;
        }

        @Override
        public String getFormat() {
            return null;
        }
    };

    Element root = document.getDocumentElement();
    DOMSignContext signContext;
    if (nextSibling == null) {
        signContext = new DOMSignContext(placeholderKey, root);
    } else {
        signContext = new DOMSignContext(placeholderKey, root, nextSibling);
    }
    for (Map.Entry<String, String> prefixMapping : signatureConfig.getNamespacePrefixes().entrySet()) {
        signContext.putNamespacePrefix(prefixMapping.getKey(), prefixMapping.getValue());
    }

    domKeyInfo.marshal(new DOMStructure(root), signContext);

    if (nextSibling == null) {
        return;
    }

    // Move the freshly marshalled KeyInfo in front of the first ds:Object. Exactly one
    // KeyInfo element is expected in the document at this point.
    NodeList keyInfoNodes = document.getElementsByTagNameNS(XML_DIGSIG_NS, "KeyInfo");
    if (keyInfoNodes.getLength() != 1) {
        throw new RuntimeException("KeyInfo wasn't set");
    }
    nextSibling.getParentNode().insertBefore(keyInfoNodes.item(0), nextSibling);
}
Also used : KeyValue(javax.xml.crypto.dsig.keyinfo.KeyValue) NodeList(org.w3c.dom.NodeList) Node(org.w3c.dom.Node) Element(org.w3c.dom.Element) ArrayList(java.util.ArrayList) XMLStructure(javax.xml.crypto.XMLStructure) X509Data(javax.xml.crypto.dsig.keyinfo.X509Data) X509Certificate(java.security.cert.X509Certificate) KeyException(java.security.KeyException) KeyInfoFactory(javax.xml.crypto.dsig.keyinfo.KeyInfoFactory) KeyInfo(javax.xml.crypto.dsig.keyinfo.KeyInfo) DOMKeyInfo(org.apache.jcp.xml.dsig.internal.dom.DOMKeyInfo) DOMSignContext(javax.xml.crypto.dsig.dom.DOMSignContext) DOMKeyInfo(org.apache.jcp.xml.dsig.internal.dom.DOMKeyInfo) DOMStructure(javax.xml.crypto.dom.DOMStructure) Map(java.util.Map) Key(java.security.Key)

Example 7 with DOMStructure

use of javax.xml.crypto.dom.DOMStructure in project camel by apache.

the class DefaultXmlSignature2Message method getDomStructureForMessageBody.

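/**
 * Returns the DOM structure which is transformed to a byte array and set to
 * the camel message body.
 * <p>
 * Only one shape is accepted: exactly one referenced same-document object
 * that contains exactly one structure, and that structure must be a
 * {@link DOMStructure}. Every other shape is rejected with an
 * {@link XmlSignatureException}, so a malformed or unexpected signature
 * document fails in a controlled way instead of with a
 * {@link ClassCastException}.
 *
 * @param relevantReferences
 *            input from method
 *            {@link #getReferencesForMessageMapping(ReferencesAndObjects)}
 * @param relevantObjects
 *            input from method
 *            {@link #getObjectsForMessageMapping(ReferencesAndObjects)}
 * @return the single DOM structure held by the referenced content object
 * @throws Exception
 *             if an error occurs; an {@link XmlSignatureException} is
 *             thrown when the content object is missing, ambiguous, empty
 *             or not a DOM structure
 */
protected DOMStructure getDomStructureForMessageBody(List<Reference> relevantReferences, List<XMLObject> relevantObjects) throws Exception {
    //NOPMD
    List<XMLObject> referencedObjects = getReferencedSameDocumentObjects(relevantReferences, relevantObjects);
    if (referencedObjects.isEmpty()) {
        throw new XmlSignatureException("Unsupported XML signature document: Content object not found in the enveloping XML signature.");
    }
    if (referencedObjects.size() > 1) {
        // List the IDs of all candidates so the rejected document can be diagnosed.
        StringBuilder ids = new StringBuilder();
        for (XMLObject candidate : referencedObjects) {
            if (ids.length() > 0) {
                ids.append(", ");
            }
            ids.append(String.valueOf(candidate.getId()));
        }
        throw new XmlSignatureException(String.format("Unsupported XML signature document: More than one content objects found. Object IDs: %s", ids));
    }
    @SuppressWarnings("unchecked") List<XMLStructure> structures = referencedObjects.get(0).getContent();
    if (structures.isEmpty()) {
        throw new XmlSignatureException("Unsupported XML signature: XML signature is not enveloping; content not found in XML signature: structure list is empty.");
    }
    if (structures.size() > 1) {
        throw new XmlSignatureException("Unsupported XML signature: more than one structure elements in referenced content object.");
    }
    XMLStructure structure = structures.get(0);
    // Only DOM is currently supported. The content list is typed as XMLStructure, so the
    // element is checked before the cast; the document being processed may come from an
    // untrusted sender and must not be able to trigger an unchecked ClassCastException.
    if (!(structure instanceof DOMStructure)) {
        throw new XmlSignatureException("Unsupported XML signature: content of the referenced object is not a DOM structure.");
    }
    return (DOMStructure) structure;
}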
Also used : DOMStructure(javax.xml.crypto.dom.DOMStructure) XMLObject(javax.xml.crypto.dsig.XMLObject) XMLStructure(javax.xml.crypto.XMLStructure)

Example 8 with DOMStructure

use of javax.xml.crypto.dom.DOMStructure in project camel by apache.

the class TimestampProperty method get.

/**
 * Builds a signed "timestamp" signature property.
 *
 * <p>The result holds one XMLObject with Id {@code propertiesObject} wrapping the property,
 * and one Reference to {@code #propertiesObject}, so the object is included in the
 * references handed back for signing. The timestamp value is the signing host's own
 * {@link System#currentTimeMillis()} reading: it is a claim made by the signer, not an
 * independently attested time.
 *
 * @param input signature factory, content digest algorithm and signature Id to use
 * @return the references and objects to add to the signature
 * @throws Exception if the reference cannot be created or the timestamp document cannot be parsed
 */
@Override
public Output get(Input input) throws Exception {
    // Inclusive canonicalization is the only transform applied to the referenced object.
    Transform c14n = input.getSignatureFactory().newTransform(CanonicalizationMethod.INCLUSIVE, (TransformParameterSpec) null);
    Reference propertiesRef = input.getSignatureFactory().newReference(
            "#propertiesObject",
            input.getSignatureFactory().newDigestMethod(input.getContentDigestAlgorithm(), null),
            Collections.singletonList(c14n),
            null,
            null);

    // The only variable part of this XML is a numeric clock value, so the string
    // concatenation cannot introduce markup.
    String timestampXml = "<ts:timestamp xmlns:ts=\"http:/timestamp\">" + System.currentTimeMillis() + "</ts:timestamp>";
    InputStream timestampBytes = new ByteArrayInputStream(timestampXml.getBytes("UTF-8"));
    Document timestampDoc = XmlSignatureHelper.newDocumentBuilder(Boolean.TRUE).parse(timestampBytes);
    DOMStructure timestampStructure = new DOMStructure(timestampDoc.getDocumentElement());

    // Wrap the element: SignatureProperty -> SignatureProperties -> XMLObject.
    SignatureProperty timestampProperty = input.getSignatureFactory().newSignatureProperty(
            Collections.singletonList(timestampStructure),
            input.getSignatureId(),
            "property");
    SignatureProperties allProperties = input.getSignatureFactory().newSignatureProperties(
            Collections.singletonList(timestampProperty),
            "properties");
    XMLObject wrapper = input.getSignatureFactory().newXMLObject(
            Collections.singletonList(allProperties),
            "propertiesObject",
            null,
            null);

    Output output = new Output();
    output.setReferences(Collections.singletonList(propertiesRef));
    output.setObjects(Collections.singletonList(wrapper));
    return output;
}
Also used : Reference(javax.xml.crypto.dsig.Reference) ByteArrayInputStream(java.io.ByteArrayInputStream) InputStream(java.io.InputStream) XmlSignatureProperties(org.apache.camel.component.xmlsecurity.api.XmlSignatureProperties) XMLObject(javax.xml.crypto.dsig.XMLObject) Document(org.w3c.dom.Document) SignatureProperty(javax.xml.crypto.dsig.SignatureProperty) ByteArrayInputStream(java.io.ByteArrayInputStream) DOMStructure(javax.xml.crypto.dom.DOMStructure) XmlSignatureProperties(org.apache.camel.component.xmlsecurity.api.XmlSignatureProperties) SignatureProperties(javax.xml.crypto.dsig.SignatureProperties) Transform(javax.xml.crypto.dsig.Transform)

Example 9 with DOMStructure

use of javax.xml.crypto.dom.DOMStructure in project poi by apache.

the class OOXMLSignatureFacet method addSignatureTime.

/**
 * Appends a SignatureTime signature property to the given object content.
 *
 * <p>The configured execution time is rendered as {@code yyyy-MM-dd'T'HH:mm:ss'Z'} in the
 * time zone {@code LocaleUtil.TIMEZONE_UTC} and stored in a SignatureTime element that is
 * imported into {@code document}. The time comes from the signature configuration, so it is
 * a value asserted by the signer.
 *
 * <p>NOTE(review): the SignatureProperties Id is built by concatenating the return value of
 * {@code getExecutionTime()} as a string. If that is a {@code java.util.Date}, the Id will
 * contain spaces and colons, which are not valid in an XML ID - confirm the type.
 *
 * @param document      document that receives the imported SignatureTime element
 * @param objectContent list to which the resulting SignatureProperties is appended
 */
protected void addSignatureTime(Document document, List<XMLStructure> objectContent) {
    // A fresh formatter per call; the trailing 'Z' is a literal, matched by the UTC zone set below.
    DateFormat utcFormat = new SimpleDateFormat("yyyy-MM-dd'T'HH:mm:ss'Z'", Locale.ROOT);
    utcFormat.setTimeZone(LocaleUtil.TIMEZONE_UTC);
    String nowStr = utcFormat.format(signatureConfig.getExecutionTime());
    LOG.log(POILogger.DEBUG, "now: " + nowStr);

    // Fill the SignatureTime bean and import its DOM node into the target document.
    CTSignatureTime signatureTime = SignatureTimeDocument.Factory.newInstance().addNewSignatureTime();
    signatureTime.setFormat("YYYY-MM-DDThh:mm:ssTZD");
    signatureTime.setValue(nowStr);
    Element timeElement = (Element) document.importNode(signatureTime.getDomNode(), true);

    List<XMLStructure> timeContent = new ArrayList<XMLStructure>();
    timeContent.add(new DOMStructure(timeElement));

    // The property targets the package signature by its Id.
    SignatureProperty timeProperty = getSignatureFactory().newSignatureProperty(
            timeContent,
            "#" + signatureConfig.getPackageSignatureId(),
            "idSignatureTime");

    List<SignatureProperty> propertyList = new ArrayList<SignatureProperty>();
    propertyList.add(timeProperty);

    objectContent.add(getSignatureFactory().newSignatureProperties(
            propertyList,
            "id-signature-time-" + signatureConfig.getExecutionTime()));
}
Also used : Element(org.w3c.dom.Element) ArrayList(java.util.ArrayList) XMLStructure(javax.xml.crypto.XMLStructure) SignatureProperty(javax.xml.crypto.dsig.SignatureProperty) SimpleDateFormat(java.text.SimpleDateFormat) DateFormat(java.text.DateFormat) CTSignatureTime(org.openxmlformats.schemas.xpackage.x2006.digitalSignature.CTSignatureTime) DOMStructure(javax.xml.crypto.dom.DOMStructure) SignatureProperties(javax.xml.crypto.dsig.SignatureProperties) SignatureTimeDocument(org.openxmlformats.schemas.xpackage.x2006.digitalSignature.SignatureTimeDocument) SimpleDateFormat(java.text.SimpleDateFormat)

Example 10 with DOMStructure

use of javax.xml.crypto.dom.DOMStructure in project poi by apache.

the class OOXMLSignatureFacet method addSignatureInfo.

/**
 * Adds the SignatureInfoV1 object and a reference to it.
 *
 * <p>A SignatureInfoV1 element carrying the configured digest method URI as manifest hash
 * algorithm is imported into {@code document}, wrapped as a signature property targeting the
 * package signature, and placed in an XMLObject with Id {@code idOfficeObject}. A Reference
 * to {@code #idOfficeObject} is appended to {@code references}, so the object is part of the
 * referenced content.
 *
 * @param document   document that receives the imported SignatureInfoV1 element
 * @param references list to which the reference to the new object is appended
 * @param objects    list to which the new XMLObject is appended
 * @throws XMLSignatureException declared by this method; presumably raised while creating
 *                               the reference - confirm against {@code newReference}
 */
protected void addSignatureInfo(Document document, List<Reference> references, List<XMLObject> objects) throws XMLSignatureException {
    // Populate the SignatureInfoV1 bean with the digest algorithm used for the manifest.
    CTSignatureInfoV1 signatureInfo = SignatureInfoV1Document.Factory.newInstance().addNewSignatureInfoV1();
    signatureInfo.setManifestHashAlgorithm(signatureConfig.getDigestMethodUri());

    // Import into the target document and declare the default namespace explicitly.
    Element infoElement = (Element) document.importNode(signatureInfo.getDomNode(), true);
    infoElement.setAttributeNS(XML_NS, XMLConstants.XMLNS_ATTRIBUTE, MS_DIGSIG_NS);

    List<XMLStructure> infoContent = new ArrayList<XMLStructure>();
    infoContent.add(new DOMStructure(infoElement));

    // The property targets the package signature by its Id.
    SignatureProperty infoProperty = getSignatureFactory().newSignatureProperty(
            infoContent,
            "#" + signatureConfig.getPackageSignatureId(),
            "idOfficeV1Details");

    List<SignatureProperty> propertyList = new ArrayList<SignatureProperty>();
    propertyList.add(infoProperty);

    List<XMLStructure> objectContent = new ArrayList<XMLStructure>();
    objectContent.add(getSignatureFactory().newSignatureProperties(propertyList, null));

    String objectId = "idOfficeObject";
    objects.add(getSignatureFactory().newXMLObject(objectContent, objectId, null, null));

    // Same-document reference to the object added above.
    references.add(newReference("#" + objectId, null, XML_DIGSIG_NS + "Object", null, null));
}
Also used : SignatureInfoV1Document(com.microsoft.schemas.office.x2006.digsig.SignatureInfoV1Document) Reference(javax.xml.crypto.dsig.Reference) Element(org.w3c.dom.Element) ArrayList(java.util.ArrayList) DOMStructure(javax.xml.crypto.dom.DOMStructure) SignatureProperties(javax.xml.crypto.dsig.SignatureProperties) CTSignatureInfoV1(com.microsoft.schemas.office.x2006.digsig.CTSignatureInfoV1) XMLStructure(javax.xml.crypto.XMLStructure) SignatureProperty(javax.xml.crypto.dsig.SignatureProperty)

Aggregations

DOMStructure (javax.xml.crypto.dom.DOMStructure)12 Element (org.w3c.dom.Element)7 XMLStructure (javax.xml.crypto.XMLStructure)5 Reference (javax.xml.crypto.dsig.Reference)5 XMLObject (javax.xml.crypto.dsig.XMLObject)5 ArrayList (java.util.ArrayList)4 Document (org.w3c.dom.Document)4 Node (org.w3c.dom.Node)4 SignatureProperties (javax.xml.crypto.dsig.SignatureProperties)3 SignatureProperty (javax.xml.crypto.dsig.SignatureProperty)3 Transform (javax.xml.crypto.dsig.Transform)3 X509Certificate (java.security.cert.X509Certificate)2 Map (java.util.Map)2 KeyInfo (javax.xml.crypto.dsig.keyinfo.KeyInfo)2 KeyInfoFactory (javax.xml.crypto.dsig.keyinfo.KeyInfoFactory)2 CTSignatureInfoV1 (com.microsoft.schemas.office.x2006.digsig.CTSignatureInfoV1)1 SignatureInfoV1Document (com.microsoft.schemas.office.x2006.digsig.SignatureInfoV1Document)1 ByteArrayInputStream (java.io.ByteArrayInputStream)1 InputStream (java.io.InputStream)1 InvalidAlgorithmParameterException (java.security.InvalidAlgorithmParameterException)1