
Example 1 with C14NMethodParameterSpec

use of javax.xml.crypto.dsig.spec.C14NMethodParameterSpec in project jdk8u_jdk by JetBrains.

the class XMLDSigWithSecMgr method setup.

/**
 * Prepares the shared fixtures: a listening socket with its worker thread, the
 * XML signature factory, a namespace-aware DOM builder, and the digest and
 * canonicalization method objects.
 *
 * @throws Exception if the socket, the parser or an algorithm object cannot be created
 */
private void setup() throws Exception {
    // Port 0 lets the OS pick any free port.
    ss = new ServerSocket(0);
    // The socket is assigned before this object's run() starts on its own thread.
    new Thread(this).start();

    fac = XMLSignatureFactory.getInstance();

    DocumentBuilderFactory builderFactory = DocumentBuilderFactory.newInstance();
    // XML Signature processing needs a namespace-aware DOM.
    // NOTE(review): no DTD / external-entity restrictions are set on this factory;
    // what the resulting builder parses is not visible here — confirm it is trusted input.
    builderFactory.setNamespaceAware(true);
    db = builderFactory.newDocumentBuilder();

    // NOTE(review): SHA-1 digest — tolerable in a legacy test fixture, not for new signatures.
    sha1 = fac.newDigestMethod(DigestMethod.SHA1, null);
    // Inclusive C14N (the variant without comments); the cast picks the
    // parameter-spec overload for the null argument.
    withoutComments = fac.newCanonicalizationMethod(
            CanonicalizationMethod.INCLUSIVE, (C14NMethodParameterSpec) null);
}
Also used : DocumentBuilderFactory(javax.xml.parsers.DocumentBuilderFactory) C14NMethodParameterSpec(javax.xml.crypto.dsig.spec.C14NMethodParameterSpec)

Example 2 with C14NMethodParameterSpec

use of javax.xml.crypto.dsig.spec.C14NMethodParameterSpec in project santuario-java by apache.

the class CanonicalizationMethodTest method testConstructor.

/**
 * Exercises {@code newCanonicalizationMethod(String, C14NMethodParameterSpec)}:
 * every algorithm in {@code C14N_ALGOS} must be accepted with null parameters,
 * a foreign parameter spec must be rejected, and a null or unknown algorithm
 * must fail with the matching exception type.
 */
@org.junit.Test
public void testConstructor() throws Exception {
    for (String algo : C14N_ALGOS) {
        // Null parameters: the method object is created and reports no parameter spec.
        CanonicalizationMethod created =
                factory.newCanonicalizationMethod(algo, (C14NMethodParameterSpec) null);
        assertNotNull(created);
        assertEquals(created.getAlgorithm(), algo);
        assertNull(created.getParameterSpec());

        // A parameter spec the algorithm does not understand must be refused.
        try {
            factory.newCanonicalizationMethod(algo, new TestUtils.MyOwnC14nParameterSpec());
            fail("Should raise an IAPE for invalid c14n parameters");
        } catch (InvalidAlgorithmParameterException expected) {
            // expected outcome
        } catch (Exception unexpected) {
            // fail() above throws an Error, so it is not swallowed by this handler.
            fail("Should raise a IAPE instead of " + unexpected);
        }

        boolean exclusiveVariant = algo.equals(CanonicalizationMethod.EXCLUSIVE_WITH_COMMENTS)
                || algo.equals(CanonicalizationMethod.EXCLUSIVE);
        if (exclusiveVariant) {
            // Exclusive C14N accepts its own parameter spec and hands it back.
            CanonicalizationMethod exclusive = factory.newCanonicalizationMethod(
                    CanonicalizationMethod.EXCLUSIVE, new ExcC14NParameterSpec());
            AlgorithmParameterSpec spec = exclusive.getParameterSpec();
            assertNotNull(spec);
            assertTrue(spec instanceof ExcC14NParameterSpec);
        }
    }

    // A null algorithm name is a programming error.
    try {
        factory.newCanonicalizationMethod(null, (C14NMethodParameterSpec) null);
        fail("Should raise a NPE for null algo");
    } catch (NullPointerException expected) {
        // expected outcome
    } catch (Exception unexpected) {
        fail("Should raise a NPE instead of " + unexpected);
    }

    // An unknown algorithm URI must not resolve to some other algorithm.
    try {
        factory.newCanonicalizationMethod("non-existent", (C14NMethodParameterSpec) null);
        fail("Should raise an NSAE for non-existent algos");
    } catch (NoSuchAlgorithmException expected) {
        // expected outcome
    } catch (Exception unexpected) {
        fail("Should raise an NSAE instead of " + unexpected);
    }
}
Also used : ExcC14NParameterSpec(javax.xml.crypto.dsig.spec.ExcC14NParameterSpec) AlgorithmParameterSpec(java.security.spec.AlgorithmParameterSpec) C14NMethodParameterSpec(javax.xml.crypto.dsig.spec.C14NMethodParameterSpec)

Example 3 with C14NMethodParameterSpec

use of javax.xml.crypto.dsig.spec.C14NMethodParameterSpec in project santuario-java by apache.

the class DetachedTest method test.

/**
 * Round-trips a detached XML signature: signs a reference to an external URI
 * with a freshly generated DSA key, validates the in-memory signature, then
 * unmarshals the signature from the DOM and validates it again.
 *
 * NOTE(review): the key size, digest and signature algorithm used here are
 * legacy test parameters (1024-bit DSA, SHA-1); they are not a template for
 * new signing code.
 */
@org.junit.Test
public void test() {
    try {
        //
        // PART 1 : build and sign the detached signature
        //
        XMLSignatureFactory sigFactory = XMLSignatureFactory.getInstance(
                "DOM", new org.apache.jcp.xml.dsig.internal.dom.XMLDSigRI());

        // Reference to the external resource whose digest gets signed.
        DigestMethod refDigest = sigFactory.newDigestMethod(DigestMethod.SHA1, null);
        Reference externalRef =
                sigFactory.newReference("http://www.w3.org/TR/xml-stylesheet", refDigest);

        // DSA key pair. The SecureRandom is seeded from a fixed string, which only
        // makes sense for a test fixture; how far that seed determines the output
        // depends on the SecureRandom provider. getBytes() uses the platform charset.
        KeyPairGenerator keyGen = KeyPairGenerator.getInstance("DSA");
        keyGen.initialize(1024, new SecureRandom("not so random bytes".getBytes()));
        KeyPair keyPair = keyGen.generateKeyPair();

        // KeyInfo that carries the public half as a KeyValue.
        KeyInfoFactory keyInfoFactory = sigFactory.getKeyInfoFactory();
        KeyValue publicKeyValue = keyInfoFactory.newKeyValue(keyPair.getPublic());
        KeyInfo keyInfo = keyInfoFactory.newKeyInfo(Collections.singletonList(publicKeyValue));

        // SignedInfo: inclusive C14N with comments, DSA-SHA1, one reference.
        CanonicalizationMethod c14n = sigFactory.newCanonicalizationMethod(
                CanonicalizationMethod.INCLUSIVE_WITH_COMMENTS, (C14NMethodParameterSpec) null);
        SignatureMethod sigMethod = sigFactory.newSignatureMethod(SignatureMethod.DSA_SHA1, null);
        SignedInfo signedInfo =
                sigFactory.newSignedInfo(c14n, sigMethod, Collections.singletonList(externalRef));

        XMLSignature signature = sigFactory.newXMLSignature(signedInfo, keyInfo, null, null, null);

        // Sign into an empty document with the private key.
        Document doc = XMLUtils.createDocumentBuilder(false).newDocument();
        DOMSignContext signContext = new DOMSignContext(keyPair.getPrivate(), doc);
        signContext.putNamespacePrefix(XMLSignature.XMLNS, "ds");
        // presumably serves the http:// reference from a local cache instead of
        // the network — confirm in LocalHttpCacheURIDereferencer
        URIDereferencer dereferencer = new LocalHttpCacheURIDereferencer();
        signContext.setURIDereferencer(dereferencer);

        signature.sign(signContext);
        TestUtils.validateSecurityOrEncryptionElement(doc.getDocumentElement());

        //
        // PART 2 : validate the detached signature
        //
        // The verification key is handed to the context directly; it is not
        // taken from the KeyInfo inside the signature being checked.
        XMLValidateContext validateContext =
                new DOMValidateContext(keyPair.getPublic(), doc.getDocumentElement());
        validateContext.setURIDereferencer(dereferencer);

        boolean coreValid = signature.validate(validateContext);
        if (!coreValid) {
            // Walk each Reference through validation before reporting the failure.
            @SuppressWarnings("unchecked")
            Iterator<Reference> refs = signature.getSignedInfo().getReferences().iterator();
            while (refs.hasNext()) {
                refs.next().validate(validateContext);
            }
            fail("Signature failed core validation");
        }

        // Same check against the signature as unmarshalled from the DOM.
        signature = sigFactory.unmarshalXMLSignature(validateContext);
        coreValid = signature.validate(validateContext);
        assertTrue("Core validity of unmarshalled XMLSignature is false", coreValid);
    } catch (Exception ex) {
        fail("Exception: " + ex);
    }
}
Also used : javax.xml.crypto.dsig(javax.xml.crypto.dsig) Document(org.w3c.dom.Document) URIDereferencer(javax.xml.crypto.URIDereferencer) DOMValidateContext(javax.xml.crypto.dsig.dom.DOMValidateContext) C14NMethodParameterSpec(javax.xml.crypto.dsig.spec.C14NMethodParameterSpec) DOMSignContext(javax.xml.crypto.dsig.dom.DOMSignContext)

Example 4 with C14NMethodParameterSpec

use of javax.xml.crypto.dsig.spec.C14NMethodParameterSpec in project wildfly by wildfly.

the class TestServlet method signDocument.

/**
 * Adds an enveloped RSA-SHA256 signature over the whole document (reference
 * URI {@code ""}) as a child of the document element.
 *
 * @param doc        document to sign in place
 * @param privateKey key used to produce the signature value
 * @throws Exception if an algorithm is unavailable or signing fails
 */
private static void signDocument(final Document doc, final PrivateKey privateKey) throws Exception {
    final XMLSignatureFactory factory = XMLSignatureFactory.getInstance("DOM");

    // Reference "" = the whole document; the enveloped transform leaves the
    // Signature element itself out of the digest.
    final DigestMethod sha256 = factory.newDigestMethod(DigestMethod.SHA256, null);
    final Transform enveloped =
            factory.newTransform(Transform.ENVELOPED, (TransformParameterSpec) null);
    final Reference wholeDocument =
            factory.newReference("", sha256, Collections.singletonList(enveloped), null, null);

    final CanonicalizationMethod exclusiveC14n = factory.newCanonicalizationMethod(
            CanonicalizationMethod.EXCLUSIVE, (C14NMethodParameterSpec) null);
    final SignedInfo signedInfo = factory.newSignedInfo(
            exclusiveC14n,
            factory.newSignatureMethod("http://www.w3.org/2001/04/xmldsig-more#rsa-sha256", null),
            Collections.singletonList(wholeDocument));

    // KeyInfo holds only the key name "dummy": no key material is embedded, so a
    // verifier has to obtain the public key some other way.
    final KeyInfo keyInfo = KeyInfoFactory.getInstance().newKeyInfo(
            Collections.singletonList(KeyInfoFactory.getInstance().newKeyName("dummy")));

    factory.newXMLSignature(signedInfo, keyInfo)
            .sign(new DOMSignContext(privateKey, doc.getDocumentElement()));
}
Also used : XMLSignatureFactory(javax.xml.crypto.dsig.XMLSignatureFactory) KeyInfo(javax.xml.crypto.dsig.keyinfo.KeyInfo) Reference(javax.xml.crypto.dsig.Reference) DOMSignContext(javax.xml.crypto.dsig.dom.DOMSignContext) SignedInfo(javax.xml.crypto.dsig.SignedInfo) C14NMethodParameterSpec(javax.xml.crypto.dsig.spec.C14NMethodParameterSpec)

Example 5 with C14NMethodParameterSpec

use of javax.xml.crypto.dsig.spec.C14NMethodParameterSpec in project cxf by apache.

the class MetadataWriter method signMetaInfo.

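/**
 * Signs {@code doc} in place with an enveloped XML signature over the element
 * referenced by {@code "#" + referenceID} and returns the same document.
 *
 * <p>The XML signature and digest algorithms are chosen from the algorithm the
 * signing certificate itself was signed with. A {@code SHA256withRSA}
 * certificate now yields an RSA-SHA256 signature with a SHA-256 reference
 * digest; it used to be mapped to RSA-SHA1, a silent downgrade. The two SHA-1
 * certificate branches keep their previous output.
 *
 * @param signingCert certificate placed in the KeyInfo; its signature algorithm selects the XML algorithms
 * @param signingKey  key used to compute the signature value
 * @param doc         document to sign; the Signature element is inserted under its root element
 * @param referenceID ID value of the signed element, without the leading {@code #}
 * @return {@code doc}, now containing the signature
 * @throws RuntimeException if the certificate's signature algorithm is not one of the supported three
 * @throws Exception        if an algorithm object cannot be created or signing fails
 */
private static Document signMetaInfo(X509Certificate signingCert, Key signingKey, Document doc, String referenceID) throws Exception {
    final String certSigAlg = signingCert.getSigAlgName();
    final String signatureMethod;
    final String digestMethod;
    if ("SHA1withDSA".equals(certSigAlg)) {
        signatureMethod = SignatureMethod.DSA_SHA1;
        digestMethod = DigestMethod.SHA1;
    } else if ("SHA1withRSA".equals(certSigAlg)) {
        signatureMethod = SignatureMethod.RSA_SHA1;
        digestMethod = DigestMethod.SHA1;
    } else if ("SHA256withRSA".equals(certSigAlg)) {
        // Spelled as the URI so this also compiles where SignatureMethod has no
        // RSA-SHA256 constant.
        signatureMethod = "http://www.w3.org/2001/04/xmldsig-more#rsa-sha256";
        digestMethod = DigestMethod.SHA256;
    } else {
        LOG.error("Unsupported signature method: " + certSigAlg);
        throw new RuntimeException("Unsupported signature method: " + certSigAlg);
    }
    // NOTE(review): the two SHA-1 branches are kept for compatibility only;
    // SHA-1 is not suitable for new signatures.

    List<Transform> transformList = Arrays.asList(
            XML_SIGNATURE_FACTORY.newTransform(Transform.ENVELOPED, (TransformParameterSpec) null),
            XML_SIGNATURE_FACTORY.newCanonicalizationMethod(
                    CanonicalizationMethod.EXCLUSIVE, (C14NMethodParameterSpec) null));

    // Reference to the element whose ID is referenceID, digested after the
    // enveloped-signature and exclusive-C14N transforms.
    Reference ref = XML_SIGNATURE_FACTORY.newReference(
            "#" + referenceID,
            XML_SIGNATURE_FACTORY.newDigestMethod(digestMethod, null),
            transformList, null, null);

    // SignedInfo: exclusive C14N, the signature method chosen above, one reference.
    SignedInfo si = XML_SIGNATURE_FACTORY.newSignedInfo(
            XML_SIGNATURE_FACTORY.newCanonicalizationMethod(
                    CanonicalizationMethod.EXCLUSIVE, (C14NMethodParameterSpec) null),
            XML_SIGNATURE_FACTORY.newSignatureMethod(signatureMethod, null),
            Collections.singletonList(ref));

    // KeyInfo with X509Data: the subject name followed by the certificate.
    KeyInfoFactory kif = XML_SIGNATURE_FACTORY.getKeyInfoFactory();
    List<Object> x509Content = Arrays.asList(signingCert.getSubjectX500Principal().getName(), signingCert);
    X509Data xd = kif.newX509Data(x509Content);
    KeyInfo ki = kif.newKeyInfo(Collections.singletonList(xd));

    // Sign under the document element. Its "ID" attribute is registered as an
    // XML ID so the "#..." reference can resolve to it.
    // assumes referenceID is the root element's ID value — TODO confirm with callers
    DOMSignContext dsc = new DOMSignContext(signingKey, doc.getDocumentElement());
    dsc.setIdAttributeNS(doc.getDocumentElement(), null, "ID");
    // Insert the Signature element ahead of the root's current first child.
    dsc.setNextSibling(doc.getDocumentElement().getFirstChild());

    // Marshal, generate and sign the enveloped signature.
    XMLSignature signature = XML_SIGNATURE_FACTORY.newXMLSignature(si, ki);
    signature.sign(dsc);
    return doc;
}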
Also used : Reference(javax.xml.crypto.dsig.Reference) X509Data(javax.xml.crypto.dsig.keyinfo.X509Data) SignedInfo(javax.xml.crypto.dsig.SignedInfo) KeyInfoFactory(javax.xml.crypto.dsig.keyinfo.KeyInfoFactory) KeyInfo(javax.xml.crypto.dsig.keyinfo.KeyInfo) DOMSignContext(javax.xml.crypto.dsig.dom.DOMSignContext) XMLSignature(javax.xml.crypto.dsig.XMLSignature) TransformParameterSpec(javax.xml.crypto.dsig.spec.TransformParameterSpec) Transform(javax.xml.crypto.dsig.Transform) C14NMethodParameterSpec(javax.xml.crypto.dsig.spec.C14NMethodParameterSpec)

Aggregations

C14NMethodParameterSpec (javax.xml.crypto.dsig.spec.C14NMethodParameterSpec)7 DOMSignContext (javax.xml.crypto.dsig.dom.DOMSignContext)5 Reference (javax.xml.crypto.dsig.Reference)4 SignedInfo (javax.xml.crypto.dsig.SignedInfo)4 XMLSignature (javax.xml.crypto.dsig.XMLSignature)3 Transform (javax.xml.crypto.dsig.Transform)2 XMLSignatureFactory (javax.xml.crypto.dsig.XMLSignatureFactory)2 DOMValidateContext (javax.xml.crypto.dsig.dom.DOMValidateContext)2 KeyInfo (javax.xml.crypto.dsig.keyinfo.KeyInfo)2 KeyInfoFactory (javax.xml.crypto.dsig.keyinfo.KeyInfoFactory)2 X509Data (javax.xml.crypto.dsig.keyinfo.X509Data)2 TransformParameterSpec (javax.xml.crypto.dsig.spec.TransformParameterSpec)2 Document (org.w3c.dom.Document)2 InputStream (java.io.InputStream)1 Key (java.security.Key)1 KeyStore (java.security.KeyStore)1 CertificateExpiredException (java.security.cert.CertificateExpiredException)1 CertificateNotYetValidException (java.security.cert.CertificateNotYetValidException)1 X509Certificate (java.security.cert.X509Certificate)1 AlgorithmParameterSpec (java.security.spec.AlgorithmParameterSpec)1