Examples with DigestMethod javax.xml.crypto.dsig.DigestMethod used on opensource projects

Search in sources :

Example 1 with DigestMethod

use of javax.xml.crypto.dsig.DigestMethod in project poi by apache.

the class SignatureFacet method newReference.

public static Reference newReference(String uri, List<Transform> transforms, String type, String id, byte[] digestValue, SignatureConfig signatureConfig) throws XMLSignatureException {
    // the references appear in the package signature or the package object
    // so we can use the default digest algorithm
    String digestMethodUri = signatureConfig.getDigestMethodUri();
    XMLSignatureFactory sigFac = signatureConfig.getSignatureFactory();
    DigestMethod digestMethod;
    try {
        digestMethod = sigFac.newDigestMethod(digestMethodUri, null);
    } catch (GeneralSecurityException e) {
        throw new XMLSignatureException("unknown digest method uri: " + digestMethodUri, e);
    }
    Reference reference;
    if (digestValue == null) {
        reference = sigFac.newReference(uri, digestMethod, transforms, type, id);
    } else {
        reference = sigFac.newReference(uri, digestMethod, transforms, type, id, digestValue);
    }
    brokenJvmWorkaround(reference);
    return reference;
}
Also used : XMLSignatureFactory(javax.xml.crypto.dsig.XMLSignatureFactory) DOMReference(org.apache.jcp.xml.dsig.internal.dom.DOMReference) Reference(javax.xml.crypto.dsig.Reference) GeneralSecurityException(java.security.GeneralSecurityException) DOMDigestMethod(org.apache.jcp.xml.dsig.internal.dom.DOMDigestMethod) DigestMethod(javax.xml.crypto.dsig.DigestMethod) XMLSignatureException(javax.xml.crypto.dsig.XMLSignatureException)

Example 2 with DigestMethod

use of javax.xml.crypto.dsig.DigestMethod in project poi by apache.

the class SignatureFacet method brokenJvmWorkaround.

// helper method ... will be removed soon
public static void brokenJvmWorkaround(final Reference reference) {
    final DigestMethod digestMethod = reference.getDigestMethod();
    final String digestMethodUri = digestMethod.getAlgorithm();
    final Provider bcProv = Security.getProvider("BC");
    if (bcProv != null && !DigestMethod.SHA1.equals(digestMethodUri)) {
        // workaround for https://bugzilla.redhat.com/show_bug.cgi?id=1155012
        // overwrite standard message digest, if a digest <> SHA1 is used
        AccessController.doPrivileged(new PrivilegedAction<Void>() {

            @Override
            @SuppressForbidden("Workaround for a bug, needs access to private JDK members (may fail in Java 9): https://bugzilla.redhat.com/show_bug.cgi?id=1155012")
            public Void run() {
                try {
                    Method m = DOMDigestMethod.class.getDeclaredMethod("getMessageDigestAlgorithm");
                    m.setAccessible(true);
                    String mdAlgo = (String) m.invoke(digestMethod);
                    MessageDigest md = MessageDigest.getInstance(mdAlgo, bcProv);
                    Field f = DOMReference.class.getDeclaredField("md");
                    f.setAccessible(true);
                    f.set(reference, md);
                } catch (Exception e) {
                    LOG.log(POILogger.WARN, "Can't overwrite message digest (workaround for https://bugzilla.redhat.com/show_bug.cgi?id=1155012)", e);
                }
                // Void
                return null;
            }
        });
    }
}
Also used : DOMDigestMethod(org.apache.jcp.xml.dsig.internal.dom.DOMDigestMethod) DigestMethod(javax.xml.crypto.dsig.DigestMethod) DOMDigestMethod(org.apache.jcp.xml.dsig.internal.dom.DOMDigestMethod) Method(java.lang.reflect.Method) DigestMethod(javax.xml.crypto.dsig.DigestMethod) DOMReference(org.apache.jcp.xml.dsig.internal.dom.DOMReference) MarshalException(javax.xml.crypto.MarshalException) GeneralSecurityException(java.security.GeneralSecurityException) XMLSignatureException(javax.xml.crypto.dsig.XMLSignatureException) Provider(java.security.Provider) Field(java.lang.reflect.Field) DOMDigestMethod(org.apache.jcp.xml.dsig.internal.dom.DOMDigestMethod) SuppressForbidden(org.apache.poi.util.SuppressForbidden) MessageDigest(java.security.MessageDigest)

Aggregations

GeneralSecurityException (java.security.GeneralSecurityException)2 DigestMethod (javax.xml.crypto.dsig.DigestMethod)2 XMLSignatureException (javax.xml.crypto.dsig.XMLSignatureException)2 DOMDigestMethod (org.apache.jcp.xml.dsig.internal.dom.DOMDigestMethod)2 DOMReference (org.apache.jcp.xml.dsig.internal.dom.DOMReference)2 Field (java.lang.reflect.Field)1 Method (java.lang.reflect.Method)1 MessageDigest (java.security.MessageDigest)1 Provider (java.security.Provider)1 MarshalException (javax.xml.crypto.MarshalException)1 Reference (javax.xml.crypto.dsig.Reference)1 XMLSignatureFactory (javax.xml.crypto.dsig.XMLSignatureFactory)1 SuppressForbidden (org.apache.poi.util.SuppressForbidden)1
About Me
UseOf

Java Tutorials :

Simple Java RabbitMQ Example with Spring
Simple Springboot JPA Eclipeslink Example
Simple SpringBoot JPA Hibernate Example
Jackson JSON @JsonIgnore and @JsonIgnoreProperties Examples
Java Infinite recursion (StackOverflowError) Jackson solutions
Simple Java Jackson Serialize Objects to JSON and convert them back To Object
ElasticSearch 5 - Upload files using Java API in binary field Example
Java JAXB marshall unmarshall Examples from String and Stream
Java 8 forEach List and Map examples
ElasticSearch 5 Java API SearchRequestBuilder examples
Java ElasticSearch 5 examples with node index and mapping - running local
Convert String to int or Integer Java 8
Java 9 in action - JShell - Ubuntu
Java - removing invalid characters from a file name
Hello world!? or Hello Tutorial