Examples with XMLSignatureException javax.xml.crypto.dsig.XMLSignatureException used on opensource projects

Search in sources :

Example 11 with XMLSignatureException

use of javax.xml.crypto.dsig.XMLSignatureException in project santuario-java by apache.

the class Baltimore23Test method test_signature_enveloping_hmac_sha1_40.

@org.junit.Test
public void test_signature_enveloping_hmac_sha1_40() throws Exception {
    String file = "signature-enveloping-hmac-sha1-40.xml";
    KeySelector ks = new KeySelectors.SecretKeySelector("secret".getBytes(StandardCharsets.US_ASCII));
    try {
        SignatureValidator validator = new SignatureValidator(dir);
        validator.validate(file, ks);
        fail("Expected HMACOutputLength exception");
    } catch (XMLSignatureException xse) {
        System.out.println(xse.getMessage());
    // pass
    }
}
Also used : KeySelector(javax.xml.crypto.KeySelector) XMLSignatureException(javax.xml.crypto.dsig.XMLSignatureException)

Example 12 with XMLSignatureException

use of javax.xml.crypto.dsig.XMLSignatureException in project santuario-java by apache.

the class PhaosXMLDSig3Test method test_signature_hmac_sha1_40_c14n_comments_detached.

@org.junit.Test
public void test_signature_hmac_sha1_40_c14n_comments_detached() throws Exception {
    String file = "signature-hmac-sha1-40-c14n-comments-detached.xml";
    KeySelector ks = new KeySelectors.SecretKeySelector("test".getBytes(StandardCharsets.US_ASCII));
    try {
        validator.validate(file, ks);
        fail("Expected HMACOutputLength Exception");
    } catch (XMLSignatureException xse) {
    // System.out.println(xse.getMessage());
    // pass
    }
}
Also used : KeySelector(javax.xml.crypto.KeySelector) XMLSignatureException(javax.xml.crypto.dsig.XMLSignatureException)

Example 13 with XMLSignatureException

use of javax.xml.crypto.dsig.XMLSignatureException in project santuario-java by apache.

the class JSRWrappingAttackTest method testWrappingAttack.

@org.junit.Test
public void testWrappingAttack() throws Exception {
    String file = "manifestSignatureWrapping.xml";
    Document doc = XMLUtils.createDocumentBuilder(false, false).parse(new File(dir, file));
    Element sigElement = SignatureValidator.getSignatureElement(doc);
    if (sigElement == null) {
        throw new Exception("Couldn't find signature Element");
    }
    DOMValidateContext vc = new DOMValidateContext(new KeySelectors.KeyValueKeySelector(), sigElement);
    vc.setBaseURI(dir.toURI().toString());
    vc.setProperty("org.apache.jcp.xml.dsig.secureValidation", Boolean.FALSE);
    boolean coreValidity = validator.validate(vc);
    assertTrue("Signature failed core validation", coreValidity);
    vc.setProperty("org.apache.jcp.xml.dsig.secureValidation", Boolean.TRUE);
    Element manifestElement = (Element) doc.getElementsByTagName("Manifest").item(0);
    vc.setIdAttributeNS(manifestElement, null, "Id");
    try {
        boolean valid = validator.validate(vc);
        System.out.println("Valid: " + valid);
        fail("Failure expected when secure validation is enabled");
    } catch (XMLSignatureException ex) {
        assertTrue(ex.getMessage().contains("URIReferenceException"));
    }
}
Also used : KeySelectors(javax.xml.crypto.test.KeySelectors) Element(org.w3c.dom.Element) DOMValidateContext(javax.xml.crypto.dsig.dom.DOMValidateContext) Document(org.w3c.dom.Document) File(java.io.File) XMLSignatureException(javax.xml.crypto.dsig.XMLSignatureException) XMLSignatureException(javax.xml.crypto.dsig.XMLSignatureException)

Aggregations

XMLSignatureException (javax.xml.crypto.dsig.XMLSignatureException)13 KeySelector (javax.xml.crypto.KeySelector)5 Reference (javax.xml.crypto.dsig.Reference)4 XMLSignatureFactory (javax.xml.crypto.dsig.XMLSignatureFactory)4 GeneralSecurityException (java.security.GeneralSecurityException)3 ArrayList (java.util.ArrayList)3 XMLSignature (javax.xml.crypto.dsig.XMLSignature)3 DOMValidateContext (javax.xml.crypto.dsig.dom.DOMValidateContext)3 Element (org.w3c.dom.Element)3 File (java.io.File)2 NoSuchProviderException (java.security.NoSuchProviderException)2 SignedInfo (javax.xml.crypto.dsig.SignedInfo)2 XMLObject (javax.xml.crypto.dsig.XMLObject)2 DOMSignContext (javax.xml.crypto.dsig.dom.DOMSignContext)2 KeySelectors (javax.xml.crypto.test.KeySelectors)2 DOMReference (org.apache.jcp.xml.dsig.internal.dom.DOMReference)2 Document (org.w3c.dom.Document)2 NodeList (org.w3c.dom.NodeList)2 ByteArrayOutputStream (java.io.ByteArrayOutputStream)1 URI (java.net.URI)1
About Me
UseOf

Java Tutorials :

Simple Java RabbitMQ Example with Spring
Simple Springboot JPA Eclipeslink Example
Simple SpringBoot JPA Hibernate Example
Jackson JSON @JsonIgnore and @JsonIgnoreProperties Examples
Java Infinite recursion (StackOverflowError) Jackson solutions
Simple Java Jackson Serialize Objects to JSON and convert them back To Object
ElasticSearch 5 - Upload files using Java API in binary field Example
Java JAXB marshall unmarshall Examples from String and Stream
Java 8 forEach List and Map examples
ElasticSearch 5 Java API SearchRequestBuilder examples
Java ElasticSearch 5 examples with node index and mapping - running local
Convert String to int or Integer Java 8
Java 9 in action - JShell - Ubuntu
Java - removing invalid characters from a file name
Hello world!? or Hello Tutorial