
Example 1 with Reference

use of javax.xml.crypto.dsig.Reference in project camel by apache.

the class XmlSignerProcessor method getReferences.

/**
 * Assembles the references that the signer places into the signature.
 *
 * <p>The returned list always starts with the content reference. It is followed by the
 * reference built by {@code createKeyInfoReference} when that helper returns one, and then
 * by any references supplied through {@code properties}.
 *
 * <p>NOTE(review): presumably this list ends up in {@code SignedInfo}, in which case it is
 * the complete set of data the signature protects. Anything not referenced here would be
 * outside the integrity guarantee. Confirm against the caller.
 *
 * @param input      signing input (factory, message, content reference URI, signature type,
 *                   digest algorithm)
 * @param properties optional extra signature properties; may be {@code null}
 * @param keyInfoId  Id passed on to {@code createKeyInfoReference}
 * @return content reference, optional KeyInfo reference, then the properties' references
 * @throws Exception propagated from the reference-building helpers
 */
protected List<? extends Reference> getReferences(XmlSignatureProperties.Input input, XmlSignatureProperties.Output properties, String keyInfoId) throws Exception {
    //NOPMD
    String contentRefId = null;
    if (properties != null) {
        contentRefId = properties.getContentReferenceId();
    }
    // Content reference: URI="#<objectId>" for an enveloping signature, URI="" for an
    // enveloped signature, and the configured URI for a detached signature; the helper
    // also attaches the transforms.
    Reference contentRef = createReference(input.getSignatureFactory(), input.getContentReferenceUri(), getContentReferenceType(input.getMessage()), input.getSignatureType(), contentRefId, input.getMessage());
    Reference keyInfoRef = createKeyInfoReference(input.getSignatureFactory(), keyInfoId, input.getContentDigestAlgorithm());
    boolean hasExtraRefs = properties != null && properties.getReferences() != null && !properties.getReferences().isEmpty();

    // Pre-size the list: content reference, optional KeyInfo reference, optional extras.
    int capacity = 1;
    if (keyInfoRef != null) {
        capacity++;
    }
    if (hasExtraRefs) {
        capacity += properties.getReferences().size();
    }

    List<Reference> collected = new ArrayList<Reference>(capacity);
    collected.add(contentRef);
    if (keyInfoRef != null) {
        collected.add(keyInfoRef);
    }
    if (hasExtraRefs) {
        collected.addAll(properties.getReferences());
    }
    return collected;
}
Also used : Reference(javax.xml.crypto.dsig.Reference) ArrayList(java.util.ArrayList)

Example 2 with Reference

use of javax.xml.crypto.dsig.Reference in project camel by apache.

the class XAdESSignatureProperties method get.

/**
 * Builds the XAdES {@code QualifyingProperties} object and the reference that puts its
 * {@code SignedProperties} child under the signature.
 *
 * <p>When neither signed-signature properties nor signed-data-object properties are
 * enabled, an empty {@code Output} is returned and nothing is added to the signature.
 * Otherwise the output carries one reference (to {@code SignedProperties}), one
 * {@code XMLObject} wrapping {@code QualifyingProperties}, the content reference Id
 * returned by {@code addSignedDataObjectProperties}, and a signature Id if one had to be
 * generated here.
 *
 * <p>NOTE(review): the digest algorithm is taken from
 * {@code input.getContentDigestAlgorithm()} as-is. Nothing in this method rejects a weak
 * algorithm, so confirm it is constrained where the endpoint is configured.
 *
 * @param input signing input (signature factory, parent node, configured Ids, digest algorithm)
 * @return the references and objects to add to the signature; empty when XAdES is not configured
 * @throws Exception propagated from the factory and element-building helpers
 */
@Override
public Output get(Input input) throws Exception {
    //NOPMD
    XmlSignatureProperties.Output result = new Output();
    if (!isAddSignedSignatureProperties() && !isAddSignedDataObjectPropeties()) {
        LOG.debug("XAdES signature properties are empty. Therefore no XAdES element will be added to the signature.");
        return result;
    }
    // Fresh Id for the SignedProperties element; the "_" prefix presumably keeps the value
    // a valid XML ID even when the UUID starts with a digit.
    String signedPropertiesId = "_" + UUID.randomUUID().toString();
    List<Transform> transforms = Collections.emptyList();
    // Same-document reference ("#<id>") to SignedProperties, with no transforms and the
    // XAdES SignedProperties type URI. Returning it in the output is how the signed
    // properties are meant to be covered by the signature.
    Reference ref = input.getSignatureFactory().newReference("#" + signedPropertiesId, input.getSignatureFactory().newDigestMethod(input.getContentDigestAlgorithm(), null), transforms, "http://uri.etsi.org/01903#SignedProperties", null);
    Node parent = input.getParent();
    Document doc;
    if (Node.DOCUMENT_NODE == parent.getNodeType()) {
        // enveloping: the parent is the document itself
        doc = (Document) parent;
    } else {
        // enveloped: the parent is a node inside the document being signed
        doc = parent.getOwnerDocument();
    }
    Element qualifyingProperties = createElement("QualifyingProperties", doc, input);
    setIdAttributeFromHeader(XmlSignatureConstants.HEADER_XADES_QUALIFYING_PROPERTIES_ID, qualifyingProperties, input);
    String signatureId = input.getSignatureId();
    if (signatureId == null || signatureId.isEmpty()) {
        LOG.debug("No signature Id configured. Therefore a value is generated.");
        // generate one
        signatureId = "_" + UUID.randomUUID().toString();
        // and report it through the output; a configured Id is not copied to the output
        result.setSignatureId(signatureId);
    }
    // QualifyingProperties/@Target points at the signature these properties belong to.
    setAttribute(qualifyingProperties, "Target", "#" + signatureId);
    Element signedProperties = createElement("SignedProperties", doc, input);
    qualifyingProperties.appendChild(signedProperties);
    setAttribute(signedProperties, "Id", signedPropertiesId);
    // Mark "Id" as an ID-typed attribute in the DOM so the "#<id>" reference created above
    // can be resolved to this exact element rather than by attribute name alone.
    signedProperties.setIdAttribute("Id", true);
    addSignedSignatureProperties(doc, signedProperties, input);
    String contentReferenceId = addSignedDataObjectProperties(doc, signedProperties, input);
    result.setContentReferenceId(contentReferenceId);
    // Wrap QualifyingProperties in a ds:Object so it travels inside the signature element.
    DOMStructure structure = new DOMStructure(qualifyingProperties);
    XMLObject propertiesObject = input.getSignatureFactory().newXMLObject(Collections.singletonList(structure), null, null, null);
    result.setReferences(Collections.singletonList(ref));
    result.setObjects(Collections.singletonList(propertiesObject));
    return result;
}
Also used : Reference(javax.xml.crypto.dsig.Reference) Node(org.w3c.dom.Node) Element(org.w3c.dom.Element) DOMStructure(javax.xml.crypto.dom.DOMStructure) XMLObject(javax.xml.crypto.dsig.XMLObject) Transform(javax.xml.crypto.dsig.Transform) Document(org.w3c.dom.Document)

Example 3 with Reference

use of javax.xml.crypto.dsig.Reference in project camel by apache.

the class DefaultXmlSignature2Message method addManifestReferencedObjects.

/**
 * Appends to {@code referencedObjects} every object that the manifest with the given Id
 * points to through a same-document reference.
 *
 * <p>Manifest entries for which {@code getSameDocumentReferenceUri} returns {@code null},
 * or whose URI matches no object in {@code allObjects}, are skipped. Nothing happens when
 * the manifest itself cannot be found.
 *
 * <p>NOTE(review): in XML Signature, core validation checks the digest of the Manifest
 * element but not the digests of the references listed inside it. Whether those inner
 * references were validated is not visible here. Confirm that manifest validation (for
 * example the JSR 105 {@code org.jcp.xml.dsig.validateManifests} context property) is
 * enabled before the objects collected here are treated as signed content.
 *
 * @param allObjects        all objects of the signature
 * @param referencedObjects output list that receives the manifest-referenced objects
 * @param manifestId        Id of the manifest to follow
 */
@SuppressWarnings("unchecked")
protected void addManifestReferencedObjects(List<XMLObject> allObjects, List<XMLObject> referencedObjects, String manifestId) {
    Manifest manifest = getReferencedManifest(allObjects, manifestId);
    if (manifest != null) {
        // JSR 105 returns a raw List here, hence the unchecked cast.
        List<Reference> entries = (List<Reference>) manifest.getReferences();
        for (Reference entry : entries) {
            String targetUri = getSameDocumentReferenceUri(entry);
            // Only same-document references can resolve to one of the signature's objects.
            XMLObject target = targetUri == null ? null : getReferencedObject(allObjects, targetUri);
            if (target != null) {
                referencedObjects.add(target);
            }
        }
    }
}
Also used : Reference(javax.xml.crypto.dsig.Reference) XMLObject(javax.xml.crypto.dsig.XMLObject) NodeList(org.w3c.dom.NodeList) ArrayList(java.util.ArrayList) List(java.util.List) Manifest(javax.xml.crypto.dsig.Manifest)

Example 4 with Reference

use of javax.xml.crypto.dsig.Reference in project camel by apache.

the class DefaultXmlSignature2Message method getNodeForMessageBodyInEnvelopingCase.

/**
 * Returns the DOM node that becomes the message body when the signature is enveloping.
 *
 * <p>The node is taken from the DOM structure that {@code getDomStructureForMessageBody}
 * selects out of the references and objects relevant for message mapping.
 *
 * <p>NOTE(review): the returned node is only trustworthy if those references and objects
 * are limited to ones the signature validation actually covered. That filtering is not
 * visible in this method, so confirm it in the two mapping helpers.
 *
 * @param input verification input
 * @return node of the selected DOM structure
 * @throws Exception propagated from the mapping helpers
 */
protected Node getNodeForMessageBodyInEnvelopingCase(Input input) throws Exception {
    //NOPMD
    List<Reference> mappingReferences = getReferencesForMessageMapping(input);
    List<XMLObject> mappingObjects = getObjectsForMessageMapping(input);
    return getDomStructureForMessageBody(mappingReferences, mappingObjects).getNode();
}
Also used : Reference(javax.xml.crypto.dsig.Reference) Node(org.w3c.dom.Node) DOMStructure(javax.xml.crypto.dom.DOMStructure) XMLObject(javax.xml.crypto.dsig.XMLObject)

Example 5 with Reference

use of javax.xml.crypto.dsig.Reference in project cas by apereo.

the class AbstractSamlObjectBuilder method signSamlElement.

/**
 * Signs a SAML element with an enveloped XML signature and returns the signed element.
 *
 * <p>The signature covers the whole element (reference URI {@code ""} with the enveloped
 * transform), uses SHA-1 for the reference digest, DSA-SHA1 or RSA-SHA1 as the signature
 * method depending on the public key's algorithm, and inclusive canonicalization with
 * comments. The public key is embedded in {@code KeyInfo} as a {@code KeyValue}.
 *
 * <p>NOTE(review), for maintainers and for anyone verifying these signatures:
 * <ul>
 *   <li>SHA-1 is used for both the digest and the signature. Collision attacks on SHA-1
 *       are practical, so plan a move to the SHA-256 variants once relying parties accept
 *       them. It is not changed here because that alters the emitted signature.</li>
 *   <li>The embedded {@code KeyValue} is chosen by the signer. A verifier must check the
 *       signature against a key it already trusts and never against the key found in
 *       the message.</li>
 *   <li>The provider class name is read from the {@code jsr105Provider} system property
 *       and instantiated reflectively, so whoever can set JVM system properties chooses
 *       the code that runs here.</li>
 *   <li>Comments are part of the signed canonical form. SAML profiles usually call for
 *       exclusive canonicalization, so confirm this choice is intended.</li>
 * </ul>
 *
 * @param element the JDOM element to sign
 * @param privKey the private key used to sign
 * @param pubKey  the public key that selects the signature method and is placed in KeyInfo
 * @return the signed element, converted back to JDOM
 * @throws RuntimeException on any failure, including an unsupported key type; the
 *         original exception is kept as the cause
 */
private org.jdom.Element signSamlElement(final org.jdom.Element element, final PrivateKey privKey, final PublicKey pubKey) {
    try {
        // Resolve the JSR 105 provider: system property first, built-in default otherwise.
        final String providerClassName = System.getProperty("jsr105Provider", SIGNATURE_FACTORY_PROVIDER_CLASS);
        final Provider provider = (Provider) Class.forName(providerClassName).newInstance();
        final XMLSignatureFactory sigFactory = XMLSignatureFactory.getInstance("DOM", provider);

        // Single reference over the whole document, minus the signature itself.
        final Transform enveloped = sigFactory.newTransform(Transform.ENVELOPED, (TransformParameterSpec) null);
        final List<Transform> transforms = Collections.singletonList(enveloped);
        final DigestMethod digestMethod = sigFactory.newDigestMethod(DigestMethod.SHA1, null);
        final Reference wholeDocumentRef = sigFactory.newReference(StringUtils.EMPTY, digestMethod, transforms, null, null);

        // Pick the signature algorithm URI from the key type. The exception thrown for an
        // unsupported key is caught by the catch block below and wrapped once more.
        final String signatureAlgorithmUri;
        switch (pubKey.getAlgorithm()) {
            case "DSA":
                signatureAlgorithmUri = SignatureMethod.DSA_SHA1;
                break;
            case "RSA":
                signatureAlgorithmUri = SignatureMethod.RSA_SHA1;
                break;
            default:
                throw new RuntimeException("Error signing SAML element: Unsupported type of key");
        }
        final SignatureMethod signatureMethod = sigFactory.newSignatureMethod(signatureAlgorithmUri, null);

        final CanonicalizationMethod c14n = sigFactory.newCanonicalizationMethod(CanonicalizationMethod.INCLUSIVE_WITH_COMMENTS, (C14NMethodParameterSpec) null);
        final SignedInfo signedInfo = sigFactory.newSignedInfo(c14n, signatureMethod, Collections.singletonList(wholeDocumentRef));

        // KeyInfo carrying the DSA or RSA public key as a KeyValue.
        final KeyInfoFactory keyInfoFactory = sigFactory.getKeyInfoFactory();
        final KeyValue publicKeyValue = keyInfoFactory.newKeyValue(pubKey);
        final KeyInfo keyInfo = keyInfoFactory.newKeyInfo(Collections.singletonList(publicKeyValue));

        // The Java XML signature API works on W3C DOM, so convert from JDOM first.
        final Element w3cElement = toDom(element);

        // Sign context: private key, parent element, and the sibling before which the
        // Signature element is inserted.
        final DOMSignContext signContext = new DOMSignContext(privKey, w3cElement);
        signContext.setNextSibling(getXmlSignatureInsertLocation(w3cElement));

        // Marshal, generate and sign the enveloped signature in place.
        sigFactory.newXMLSignature(signedInfo, keyInfo).sign(signContext);
        return toJdom(w3cElement);
    } catch (final Exception e) {
        throw new RuntimeException("Error signing SAML element: " + e.getMessage(), e);
    }
}
Also used : XMLSignatureFactory(javax.xml.crypto.dsig.XMLSignatureFactory) KeyValue(javax.xml.crypto.dsig.keyinfo.KeyValue) Reference(javax.xml.crypto.dsig.Reference) Element(org.w3c.dom.Element) Node(org.w3c.dom.Node) CanonicalizationMethod(javax.xml.crypto.dsig.CanonicalizationMethod) XSString(org.opensaml.core.xml.schema.XSString) SignedInfo(javax.xml.crypto.dsig.SignedInfo) KeyInfoFactory(javax.xml.crypto.dsig.keyinfo.KeyInfoFactory) KeyInfo(javax.xml.crypto.dsig.keyinfo.KeyInfo) DOMSignContext(javax.xml.crypto.dsig.dom.DOMSignContext) XMLSignature(javax.xml.crypto.dsig.XMLSignature) TransformParameterSpec(javax.xml.crypto.dsig.spec.TransformParameterSpec) SignatureMethod(javax.xml.crypto.dsig.SignatureMethod) Transform(javax.xml.crypto.dsig.Transform)

Aggregations

Reference (javax.xml.crypto.dsig.Reference)19 ArrayList (java.util.ArrayList)11 XMLObject (javax.xml.crypto.dsig.XMLObject)10 Transform (javax.xml.crypto.dsig.Transform)7 XMLStructure (javax.xml.crypto.XMLStructure)5 DOMStructure (javax.xml.crypto.dom.DOMStructure)5 XMLSignatureFactory (javax.xml.crypto.dsig.XMLSignatureFactory)5 Element (org.w3c.dom.Element)5 Manifest (javax.xml.crypto.dsig.Manifest)4 SignedInfo (javax.xml.crypto.dsig.SignedInfo)4 XMLSignature (javax.xml.crypto.dsig.XMLSignature)4 XMLSignatureException (javax.xml.crypto.dsig.XMLSignatureException)4 DOMSignContext (javax.xml.crypto.dsig.dom.DOMSignContext)4 NodeList (org.w3c.dom.NodeList)4 Document (org.w3c.dom.Document)3 Node (org.w3c.dom.Node)3 GeneralSecurityException (java.security.GeneralSecurityException)2 HashMap (java.util.HashMap)2 List (java.util.List)2 Map (java.util.Map)2