Search in sources :

Example 21 with XMLSignatureFactory

use of javax.xml.crypto.dsig.XMLSignatureFactory in project OpenOLAT by OpenOLAT.

the class XMLDigitalSignatureUtil method validate.

public static boolean validate(File signedXmlFile, PublicKey publicKey) throws ParserConfigurationException, SAXException, IOException, MarshalException, XMLSignatureException {
    Document doc = getDocument(signedXmlFile);
    NodeList nl = doc.getElementsByTagName("Signature");
    if (nl.getLength() == 0) {
        return false;
    }
    DOMValidateContext validContext = new DOMValidateContext(publicKey, nl.item(0));
    XMLSignatureFactory fac = XMLSignatureFactory.getInstance("DOM");
    XMLSignature signature = fac.unmarshalXMLSignature(validContext);
    boolean validFlag = signature.validate(validContext);
    if (!validFlag) {
        // log and throw if not valid
        boolean sv = signature.getSignatureValue().validate(validContext);
        String msg = "signature validation status: " + sv;
        int numOfReferences = signature.getSignedInfo().getReferences().size();
        for (int j = 0; j < numOfReferences; j++) {
            Reference ref = (Reference) signature.getSignedInfo().getReferences().get(j);
            boolean refValid = ref.validate(validContext);
            msg += " ref[" + j + "] validity status: " + refValid;
        }
        log.warn(msg);
    }
    return validFlag;
}
Also used : XMLSignatureFactory(javax.xml.crypto.dsig.XMLSignatureFactory) XMLSignature(javax.xml.crypto.dsig.XMLSignature) URIReference(javax.xml.crypto.URIReference) Reference(javax.xml.crypto.dsig.Reference) NodeList(org.w3c.dom.NodeList) DOMValidateContext(javax.xml.crypto.dsig.dom.DOMValidateContext) Document(org.w3c.dom.Document)

Example 22 with XMLSignatureFactory

use of javax.xml.crypto.dsig.XMLSignatureFactory in project santuario-java by apache.

the class Driver method dsig.

public void dsig() throws Exception {
    XMLSignatureFactory fac = XMLSignatureFactory.getInstance("DOM", new org.apache.jcp.xml.dsig.internal.dom.XMLDSigRI());
    long start = System.currentTimeMillis();
    for (int i = 0; i < 100; i++) {
        fac.newCanonicalizationMethod(CanonicalizationMethod.EXCLUSIVE, (C14NMethodParameterSpec) null);
    }
    long end = System.currentTimeMillis();
    long elapsed = end - start;
    LOG.debug("Elapsed: {}", elapsed);
    LOG.debug("dsig succeeded");
}
Also used : XMLSignatureFactory(javax.xml.crypto.dsig.XMLSignatureFactory)

Example 23 with XMLSignatureFactory

use of javax.xml.crypto.dsig.XMLSignatureFactory in project openolat by klemens.

the class XMLDigitalSignatureUtil method validate.

public static boolean validate(File signedXmlFile, PublicKey publicKey) throws ParserConfigurationException, SAXException, IOException, MarshalException, XMLSignatureException {
    Document doc = getDocument(signedXmlFile);
    NodeList nl = doc.getElementsByTagName("Signature");
    if (nl.getLength() == 0) {
        return false;
    }
    DOMValidateContext validContext = new DOMValidateContext(publicKey, nl.item(0));
    XMLSignatureFactory fac = XMLSignatureFactory.getInstance("DOM");
    XMLSignature signature = fac.unmarshalXMLSignature(validContext);
    boolean validFlag = signature.validate(validContext);
    if (!validFlag) {
        // log and throw if not valid
        boolean sv = signature.getSignatureValue().validate(validContext);
        String msg = "signature validation status: " + sv;
        int numOfReferences = signature.getSignedInfo().getReferences().size();
        for (int j = 0; j < numOfReferences; j++) {
            Reference ref = (Reference) signature.getSignedInfo().getReferences().get(j);
            boolean refValid = ref.validate(validContext);
            msg += " ref[" + j + "] validity status: " + refValid;
        }
        log.warn(msg);
    }
    return validFlag;
}
Also used : XMLSignatureFactory(javax.xml.crypto.dsig.XMLSignatureFactory) XMLSignature(javax.xml.crypto.dsig.XMLSignature) URIReference(javax.xml.crypto.URIReference) Reference(javax.xml.crypto.dsig.Reference) NodeList(org.w3c.dom.NodeList) DOMValidateContext(javax.xml.crypto.dsig.dom.DOMValidateContext) Document(org.w3c.dom.Document)

Example 24 with XMLSignatureFactory

use of javax.xml.crypto.dsig.XMLSignatureFactory in project openolat by klemens.

the class XMLDigitalSignatureUtil method validate.

/**
 * @param uri
 * @param xmlFile
 * @param xmlSignatureFile
 * @return
 * @throws ParserConfigurationException
 * @throws SAXException
 * @throws IOException
 * @throws MarshalException
 * @throws XMLSignatureException
 */
public static boolean validate(String uri, File xmlFile, File xmlSignatureFile) throws ParserConfigurationException, SAXException, IOException, MarshalException, XMLSignatureException {
    Document doc = getDocument(xmlSignatureFile);
    NodeList nl = doc.getElementsByTagName("Signature");
    if (nl.getLength() == 0) {
        return false;
    }
    DOMValidateContext validContext = new DOMValidateContext(new X509KeySelector(), nl.item(0));
    validContext.setBaseURI(uri);
    validContext.setURIDereferencer(new FileURIDereferencer(uri, xmlFile));
    XMLSignatureFactory fac = XMLSignatureFactory.getInstance("DOM");
    XMLSignature signature = fac.unmarshalXMLSignature(validContext);
    boolean validFlag = signature.validate(validContext);
    if (!validFlag) {
        // log and throw if not valid
        boolean sv = signature.getSignatureValue().validate(validContext);
        String msg = "signature validation status: " + sv;
        int numOfReferences = signature.getSignedInfo().getReferences().size();
        for (int j = 0; j < numOfReferences; j++) {
            Reference ref = (Reference) signature.getSignedInfo().getReferences().get(j);
            boolean refValid = ref.validate(validContext);
            msg += " ref[" + j + "] validity status: " + refValid;
        }
        log.warn(msg);
    }
    return validFlag;
}
Also used : XMLSignatureFactory(javax.xml.crypto.dsig.XMLSignatureFactory) XMLSignature(javax.xml.crypto.dsig.XMLSignature) URIReference(javax.xml.crypto.URIReference) Reference(javax.xml.crypto.dsig.Reference) NodeList(org.w3c.dom.NodeList) DOMValidateContext(javax.xml.crypto.dsig.dom.DOMValidateContext) Document(org.w3c.dom.Document)

Aggregations

XMLSignatureFactory (javax.xml.crypto.dsig.XMLSignatureFactory)24 XMLSignature (javax.xml.crypto.dsig.XMLSignature)17 Reference (javax.xml.crypto.dsig.Reference)16 Document (org.w3c.dom.Document)12 DOMValidateContext (javax.xml.crypto.dsig.dom.DOMValidateContext)11 NodeList (org.w3c.dom.NodeList)11 URIReference (javax.xml.crypto.URIReference)10 SignedInfo (javax.xml.crypto.dsig.SignedInfo)10 DOMSignContext (javax.xml.crypto.dsig.dom.DOMSignContext)10 ArrayList (java.util.ArrayList)8 CanonicalizationMethod (javax.xml.crypto.dsig.CanonicalizationMethod)8 KeyInfoFactory (javax.xml.crypto.dsig.keyinfo.KeyInfoFactory)7 Element (org.w3c.dom.Element)7 Transform (javax.xml.crypto.dsig.Transform)6 KeyInfo (javax.xml.crypto.dsig.keyinfo.KeyInfo)6 X509Data (javax.xml.crypto.dsig.keyinfo.X509Data)6 Node (org.w3c.dom.Node)5 SignatureMethod (javax.xml.crypto.dsig.SignatureMethod)4 XMLSignatureException (javax.xml.crypto.dsig.XMLSignatureException)4 GeneralSecurityException (java.security.GeneralSecurityException)3