use of javax.xml.crypto.dsig.XMLSignature in project iaf by ibissource.
the class SoapWrapperTest method verifySoapDigest.
private boolean verifySoapDigest(Message soapBody) throws Exception {
Document doc = (Document) soapBody.asObject();
NodeList nl = doc.getElementsByTagNameNS(XMLSignature.XMLNS, "Signature");
if (nl.getLength() == 0) {
fail("Cannot find Signature element");
}
DOMValidateContext valContext = new DOMValidateContext(new UsernameTokenSelector(), nl.item(0));
XMLSignatureFactory factory = XMLSignatureFactory.getInstance("DOM");
XMLSignature signature = factory.unmarshalXMLSignature(valContext);
return signature.validate(valContext);
}
use of javax.xml.crypto.dsig.XMLSignature in project santuario-java by apache.
the class HMACSignatureAlgorithmTest method test_create_signature_enveloping.
private void test_create_signature_enveloping(SignatureMethod sm, DigestMethod dm, KeyInfo ki, Key signingKey, KeySelector ks) throws Exception {
// create reference
Reference ref = fac.newReference("#DSig.Object_1", dm, null, XMLObject.TYPE, null);
// create SignedInfo
SignedInfo si = fac.newSignedInfo(withoutComments, sm, Collections.singletonList(ref));
Document doc = db.newDocument();
// create Objects
Element webElem = doc.createElementNS(null, "Web");
Text text = doc.createTextNode("up up and away");
webElem.appendChild(text);
XMLObject obj = fac.newXMLObject(Collections.singletonList(new DOMStructure(webElem)), "DSig.Object_1", "text/xml", null);
// create XMLSignature
XMLSignature sig = fac.newXMLSignature(si, ki, Collections.singletonList(obj), null, null);
DOMSignContext dsc = new DOMSignContext(signingKey, doc);
dsc.setDefaultNamespacePrefix("dsig");
sig.sign(dsc);
TestUtils.validateSecurityOrEncryptionElement(doc.getDocumentElement());
// XMLUtils.outputDOM(doc.getDocumentElement(), System.out);
DOMValidateContext dvc = new DOMValidateContext(ks, doc.getDocumentElement());
XMLSignature sig2 = fac.unmarshalXMLSignature(dvc);
assertTrue(sig.equals(sig2));
assertTrue(sig2.validate(dvc));
}
use of javax.xml.crypto.dsig.XMLSignature in project openolat by klemens.
the class XMLDigitalSignatureUtil method validate.
public static boolean validate(File signedXmlFile, PublicKey publicKey) throws ParserConfigurationException, SAXException, IOException, MarshalException, XMLSignatureException {
Document doc = getDocument(signedXmlFile);
NodeList nl = doc.getElementsByTagName("Signature");
if (nl.getLength() == 0) {
return false;
}
DOMValidateContext validContext = new DOMValidateContext(publicKey, nl.item(0));
XMLSignatureFactory fac = XMLSignatureFactory.getInstance("DOM");
XMLSignature signature = fac.unmarshalXMLSignature(validContext);
boolean validFlag = signature.validate(validContext);
if (!validFlag) {
// log and throw if not valid
boolean sv = signature.getSignatureValue().validate(validContext);
String msg = "signature validation status: " + sv;
int numOfReferences = signature.getSignedInfo().getReferences().size();
for (int j = 0; j < numOfReferences; j++) {
Reference ref = (Reference) signature.getSignedInfo().getReferences().get(j);
boolean refValid = ref.validate(validContext);
msg += " ref[" + j + "] validity status: " + refValid;
}
log.warn(msg);
}
return validFlag;
}
use of javax.xml.crypto.dsig.XMLSignature in project openolat by klemens.
the class XMLDigitalSignatureUtil method validate.
/**
* @param uri
* @param xmlFile
* @param xmlSignatureFile
* @return
* @throws ParserConfigurationException
* @throws SAXException
* @throws IOException
* @throws MarshalException
* @throws XMLSignatureException
*/
public static boolean validate(String uri, File xmlFile, File xmlSignatureFile) throws ParserConfigurationException, SAXException, IOException, MarshalException, XMLSignatureException {
Document doc = getDocument(xmlSignatureFile);
NodeList nl = doc.getElementsByTagName("Signature");
if (nl.getLength() == 0) {
return false;
}
DOMValidateContext validContext = new DOMValidateContext(new X509KeySelector(), nl.item(0));
validContext.setBaseURI(uri);
validContext.setURIDereferencer(new FileURIDereferencer(uri, xmlFile));
XMLSignatureFactory fac = XMLSignatureFactory.getInstance("DOM");
XMLSignature signature = fac.unmarshalXMLSignature(validContext);
boolean validFlag = signature.validate(validContext);
if (!validFlag) {
// log and throw if not valid
boolean sv = signature.getSignatureValue().validate(validContext);
String msg = "signature validation status: " + sv;
int numOfReferences = signature.getSignedInfo().getReferences().size();
for (int j = 0; j < numOfReferences; j++) {
Reference ref = (Reference) signature.getSignedInfo().getReferences().get(j);
boolean refValid = ref.validate(validContext);
msg += " ref[" + j + "] validity status: " + refValid;
}
log.warn(msg);
}
return validFlag;
}
use of javax.xml.crypto.dsig.XMLSignature in project keycloak by keycloak.
the class XMLSignatureUtil method signImpl.
private static void signImpl(DOMSignContext dsc, String digestMethod, String signatureMethod, String referenceURI, String keyName, PublicKey publicKey, X509Certificate x509Certificate, String canonicalizationMethodType) throws GeneralSecurityException, MarshalException, XMLSignatureException {
dsc.setDefaultNamespacePrefix("dsig");
DigestMethod digestMethodObj = fac.newDigestMethod(digestMethod, null);
Transform transform1 = fac.newTransform(Transform.ENVELOPED, (TransformParameterSpec) null);
Transform transform2 = fac.newTransform("http://www.w3.org/2001/10/xml-exc-c14n#", (TransformParameterSpec) null);
List<Transform> transformList = new ArrayList<>();
transformList.add(transform1);
transformList.add(transform2);
Reference ref = fac.newReference(referenceURI, digestMethodObj, transformList, null, null);
CanonicalizationMethod canonicalizationMethod = fac.newCanonicalizationMethod(canonicalizationMethodType, (C14NMethodParameterSpec) null);
List<Reference> referenceList = Collections.singletonList(ref);
SignatureMethod signatureMethodObj = fac.newSignatureMethod(signatureMethod, null);
SignedInfo si = fac.newSignedInfo(canonicalizationMethod, signatureMethodObj, referenceList);
KeyInfo ki;
if (includeKeyInfoInSignature) {
ki = createKeyInfo(keyName, publicKey, x509Certificate);
} else {
ki = createKeyInfo(keyName, null, null);
}
XMLSignature signature = fac.newXMLSignature(si, ki);
signature.sign(dsc);
}
Aggregations