
Example 16 with KeyInfo

use of javax.xml.crypto.dsig.keyinfo.KeyInfo in project jdk8u_jdk by JetBrains.

the class DOMKeyInfo method equals.

/**
 * Compares this KeyInfo with another object.
 *
 * <p>Any {@link KeyInfo} implementation is accepted. Two instances are equal when their
 * Ids match (both {@code null}, or equal) and the other instance's content list equals
 * this instance's {@code keyInfoTypes}.
 *
 * @param o the object to compare with
 * @return {@code true} if {@code o} is a KeyInfo with the same Id and content
 */
@Override
public boolean equals(Object o) {
    if (o == this) {
        return true;
    }
    if (o instanceof KeyInfo) {
        final KeyInfo other = (KeyInfo) o;
        // Null-safe Id comparison: a missing Id only matches another missing Id.
        final String otherId = other.getId();
        final boolean sameId = (id != null) ? id.equals(otherId) : (otherId == null);
        final boolean sameContent = keyInfoTypes.equals(other.getContent());
        return sameContent && sameId;
    }
    return false;
}
Also used : KeyInfo(javax.xml.crypto.dsig.keyinfo.KeyInfo)

Example 17 with KeyInfo

use of javax.xml.crypto.dsig.keyinfo.KeyInfo in project OpenOLAT by OpenOLAT.

the class XMLDigitalSignatureUtil method signDetached.

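/**
 * Signs the specified XML file and saves the XML Digital Signature in a separate file
 * (detached signature).
 *
 * <p>The reference is digested with SHA-256 and SignedInfo is signed with RSA-SHA256, both
 * after exclusive canonicalization. Because the signature method is RSA based, the private
 * key is expected to be an RSA key.
 *
 * @param uri The URI of the signed reference; also used as base URI of the signing context
 * @param xmlFile The XML File to sign
 * @param outputSignatureFile Where the Digital Signature is saved
 * @param signatureDoc A DOM which holds the signature (optional, but if you give one, the root element must exist)
 * @param keyName A key name for the KeyInfo; only added when StringHelper.containsNonWhitespace accepts it
 * @param x509Cert The certificate published in the KeyInfo of the signature
 * @param privateKey The private key used to compute the signature
 * @throws IOException
 * @throws SAXException
 * @throws ParserConfigurationException
 * @throws NoSuchAlgorithmException
 * @throws GeneralSecurityException
 * @throws MarshalException
 * @throws XMLSignatureException
 * @throws TransformerException
 */
public static void signDetached(String uri, File xmlFile, File outputSignatureFile, Document signatureDoc, String keyName, X509Certificate x509Cert, PrivateKey privateKey) throws IOException, SAXException, ParserConfigurationException, NoSuchAlgorithmException, GeneralSecurityException, MarshalException, XMLSignatureException, TransformerException {
    // RSA with SHA-256, given as its algorithm URI so the code does not depend on the
    // SignatureMethod.RSA_SHA256 constant, which older JDKs do not define.
    // SHA-1 based signature methods are deprecated for signing and may be rejected by
    // validators that disallow SHA-1.
    // NOTE(review): verifiers normally read the algorithm from SignedInfo, but confirm that
    // no consumer of these signature files pins rsa-sha1.
    final String rsaSha256 = "http://www.w3.org/2001/04/xmldsig-more#rsa-sha256";

    Document doc = getDocument(xmlFile);
    // Create the signature factory for creating the signature.
    XMLSignatureFactory sigFactory = XMLSignatureFactory.getInstance("DOM");

    // Exclusive canonicalization is the only reference transform and is also the
    // canonicalization method of SignedInfo.
    CanonicalizationMethod c14n = sigFactory.newCanonicalizationMethod(CanonicalizationMethod.EXCLUSIVE, (C14NMethodParameterSpec) null);
    List<Transform> transforms = new ArrayList<>();
    transforms.add(c14n);

    // Create the Reference to the data identified by uri, specifying the hash algorithm
    // (SHA-256) and the list of transforms to apply.
    Reference reference = sigFactory.newReference(uri, sigFactory.newDigestMethod(DigestMethod.SHA256, null), transforms, null, null);
    // Create the SignedInfo node of the signature by specifying the canonicalization method
    // (EXCLUSIVE), the signing method (RSA-SHA256), and the Reference node to be signed.
    SignedInfo si = sigFactory.newSignedInfo(c14n, sigFactory.newSignatureMethod(rsaSha256, null), Collections.singletonList(reference));

    // Create the KeyInfo node containing the public key information to include in the signature.
    KeyInfoFactory kif = sigFactory.getKeyInfoFactory();
    List<Object> keyInfoList = new ArrayList<>();
    if (StringHelper.containsNonWhitespace(keyName)) {
        keyInfoList.add(kif.newKeyName(keyName));
    }
    keyInfoList.add(kif.newX509Data(Collections.singletonList(x509Cert)));
    KeyInfo ki = kif.newKeyInfo(keyInfoList);

    // The signature is first attached to the root of the parsed document, then extracted below.
    Node signatureInfoNode = doc.getDocumentElement();
    // Create a signing context using the private key.
    DOMSignContext dsc = new DOMSignContext(privateKey, signatureInfoNode);
    dsc.setBaseURI(uri);
    dsc.setURIDereferencer(new FileURIDereferencer(uri, xmlFile));

    // Create the signature from the signing context and key info
    XMLSignature signature = sigFactory.newXMLSignature(si, ki);
    signature.sign(dsc);

    // NOTE(review): when the document does not contain exactly one element named "Signature"
    // (for instance because the input already carried one), nothing is written and no error
    // is raised; callers should check that outputSignatureFile was actually produced.
    NodeList nl = doc.getElementsByTagName("Signature");
    if (nl.getLength() == 1) {
        if (signatureDoc != null && signatureDoc.getDocumentElement() != null) {
            Element rootEl = signatureDoc.getDocumentElement();
            rootEl.appendChild(signatureDoc.importNode(nl.item(0), true));
            write(rootEl, outputSignatureFile);
        } else {
            write(nl.item(0), outputSignatureFile);
        }
    }
}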
Also used : XMLSignatureFactory(javax.xml.crypto.dsig.XMLSignatureFactory) URIReference(javax.xml.crypto.URIReference) Reference(javax.xml.crypto.dsig.Reference) Node(org.w3c.dom.Node) NodeList(org.w3c.dom.NodeList) Element(org.w3c.dom.Element) ArrayList(java.util.ArrayList) CanonicalizationMethod(javax.xml.crypto.dsig.CanonicalizationMethod) Document(org.w3c.dom.Document) X509Data(javax.xml.crypto.dsig.keyinfo.X509Data) SignedInfo(javax.xml.crypto.dsig.SignedInfo) KeyInfoFactory(javax.xml.crypto.dsig.keyinfo.KeyInfoFactory) KeyInfo(javax.xml.crypto.dsig.keyinfo.KeyInfo) DOMSignContext(javax.xml.crypto.dsig.dom.DOMSignContext) XMLSignature(javax.xml.crypto.dsig.XMLSignature) Transform(javax.xml.crypto.dsig.Transform)

Example 18 with KeyInfo

use of javax.xml.crypto.dsig.keyinfo.KeyInfo in project santuario-java by apache.

the class DOMKeyInfo method equals.

/**
 * Tests whether the given object is a KeyInfo equivalent to this one.
 *
 * <p>The other object may be any {@link KeyInfo} implementation. It is equal to this
 * instance when its Id matches this Id (both {@code null}, or equal) and its content list
 * equals {@code keyInfoTypes}.
 *
 * @param o the object to compare with
 * @return {@code true} when Id and content both match, {@code false} otherwise
 */
@Override
public boolean equals(Object o) {
    if (o == this) {
        return true;
    }
    if (!(o instanceof KeyInfo)) {
        return false;
    }
    final KeyInfo that = (KeyInfo) o;
    final String thatId = that.getId();
    // An absent Id on this side only matches an absent Id on the other side.
    final boolean idsMatch;
    if (id == null) {
        idsMatch = (thatId == null);
    } else {
        idsMatch = id.equals(thatId);
    }
    final boolean contentMatches = keyInfoTypes.equals(that.getContent());
    return contentMatches && idsMatch;
}
Also used : KeyInfo(javax.xml.crypto.dsig.keyinfo.KeyInfo)

Example 19 with KeyInfo

use of javax.xml.crypto.dsig.keyinfo.KeyInfo in project wildfly by wildfly.

the class TestServlet method validateSignature.

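/**
 * Validates the first XML Signature element of the document against the given public key.
 *
 * <p>The KeyInfo carried inside the signature is ignored: the key selector always returns
 * {@code publicKey}, so key material embedded in the message cannot influence which key is
 * used for verification.
 *
 * <p>A {@code true} result only means that the signature validates with that key. This
 * method does not check which part of the document the signature's references cover, nor
 * whether further Signature elements are present; callers that act on specific elements
 * need to verify that themselves.
 *
 * @param document the document expected to contain a Signature element
 * @param publicKey the key the signature is verified with
 * @return {@code true} if the signature is valid; {@code false} if it is invalid or the
 *         document contains no Signature element
 * @throws Exception if the signature cannot be unmarshalled or validated
 */
private static boolean validateSignature(final Document document, final PublicKey publicKey) throws Exception {
    // An unsigned document has nothing to validate. Report it as invalid instead of handing
    // a null node to DOMValidateContext, which rejects it with a NullPointerException.
    if (document.getElementsByTagNameNS(XMLSignature.XMLNS, "Signature").getLength() == 0) {
        return false;
    }
    final KeySelector ks = new KeySelector() {

        @Override
        public KeySelectorResult select(KeyInfo keyInfo, Purpose purpose, AlgorithmMethod method, XMLCryptoContext context) throws KeySelectorException {
            // Always hand back the caller-supplied key, whatever the KeyInfo claims.
            return new KeySelectorResult() {

                @Override
                public Key getKey() {
                    return publicKey;
                }
            };
        }
    };
    final DOMValidateContext context = new DOMValidateContext(ks, document.getElementsByTagNameNS(XMLSignature.XMLNS, "Signature").item(0));
    return XMLSignatureFactory.getInstance("DOM").unmarshalXMLSignature(context).validate(context);
}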
Also used : KeyInfo(javax.xml.crypto.dsig.keyinfo.KeyInfo) DOMValidateContext(javax.xml.crypto.dsig.dom.DOMValidateContext) XMLCryptoContext(javax.xml.crypto.XMLCryptoContext) AlgorithmMethod(javax.xml.crypto.AlgorithmMethod) KeySelectorResult(javax.xml.crypto.KeySelectorResult) KeySelector(javax.xml.crypto.KeySelector)

Example 20 with KeyInfo

use of javax.xml.crypto.dsig.keyinfo.KeyInfo in project cxf by apache.

the class RequestParser method parseKeyInfoElement.

/**
 * Unmarshal the KeyInfo Element and wrap the first key material found in it (a KeyValue's
 * public key or an X.509 certificate) in a ReceivedCredential.
 *
 * <p>The credential is copied from the supplied element as-is: no certificate path, trust
 * or validity check is performed here, so callers must validate it before relying on it.
 *
 * @param keyInfoElement the DOM element holding the KeyInfo
 * @return the credential found, or {@code null} when the KeyInfo holds neither a KeyValue
 *         nor a certificate
 * @throws STSException with INVALID_REQUEST if the element cannot be unmarshalled or the
 *         public key cannot be extracted
 */
private static ReceivedCredential parseKeyInfoElement(Element keyInfoElement) throws STSException {
    // Prefer the ApacheXMLDSig provider and fall back to the default DOM provider.
    KeyInfoFactory factory;
    try {
        factory = KeyInfoFactory.getInstance("DOM", "ApacheXMLDSig");
    } catch (NoSuchProviderException ex) {
        factory = KeyInfoFactory.getInstance("DOM");
    }
    try {
        KeyInfo keyInfo = factory.unmarshalKeyInfo(new DOMStructure(keyInfoElement));
        // The first entry that yields key material wins; later entries are not inspected.
        for (Object entry : keyInfo.getContent()) {
            if (entry instanceof KeyValue) {
                ReceivedCredential credential = new ReceivedCredential();
                credential.setPublicKey(((KeyValue) entry).getPublicKey());
                return credential;
            }
            if (entry instanceof X509Certificate) {
                ReceivedCredential credential = new ReceivedCredential();
                credential.setX509Cert((X509Certificate) entry);
                return credential;
            }
            if (entry instanceof X509Data) {
                for (Object item : ((X509Data) entry).getContent()) {
                    if (item instanceof X509Certificate) {
                        ReceivedCredential credential = new ReceivedCredential();
                        credential.setX509Cert((X509Certificate) item);
                        return credential;
                    }
                }
            }
        }
    } catch (MarshalException | KeyException e) {
        LOG.log(Level.WARNING, "", e);
        throw new STSException(e.getMessage(), e, STSException.INVALID_REQUEST);
    }
    return null;
}
Also used : MarshalException(javax.xml.crypto.MarshalException) KeyValue(javax.xml.crypto.dsig.keyinfo.KeyValue) STSException(org.apache.cxf.ws.security.sts.provider.STSException) X509Data(javax.xml.crypto.dsig.keyinfo.X509Data) X509Certificate(java.security.cert.X509Certificate) KeyException(java.security.KeyException) KeyInfoFactory(javax.xml.crypto.dsig.keyinfo.KeyInfoFactory) KeyInfo(javax.xml.crypto.dsig.keyinfo.KeyInfo) DOMStructure(javax.xml.crypto.dom.DOMStructure) NoSuchProviderException(java.security.NoSuchProviderException)
