Example 51 with XMLSignature
use of org.apache.xml.security.signature.XMLSignature in project santuario-java by apache.
the class AbstractPerformanceTest method doDOMSignatureOutbound.
protected void doDOMSignatureOutbound(File file, int tagCount) throws Exception {
DocumentBuilder builder = XMLUtils.createDocumentBuilder(false);
Document document = builder.parse(file);
XMLSignature sig = new XMLSignature(document, "", "http://www.w3.org/2000/09/xmldsig#rsa-sha1");
Element root = document.getDocumentElement();
root.insertBefore(sig.getElement(), root.getFirstChild());
Transforms transforms = new Transforms(document);
transforms.addTransform(Transforms.TRANSFORM_ENVELOPED_SIGNATURE);
transforms.addTransform(Transforms.TRANSFORM_C14N_OMIT_COMMENTS);
sig.addDocument("", transforms, "http://www.w3.org/2000/09/xmldsig#sha1");
sig.sign(key);
sig.addKeyInfo(cert);
XMLUtils.outputDOM(document, new BufferedOutputStream(new FileOutputStream(new File(getTmpFilePath(), "signature-dom-" + tagCount + ".xml"))));
}
Also used :
DocumentBuilder(javax.xml.parsers.DocumentBuilder)
XMLSignature(org.apache.xml.security.signature.XMLSignature)
Element(org.w3c.dom.Element)
Transforms(org.apache.xml.security.transforms.Transforms)
Document(org.w3c.dom.Document)
Example 52 with XMLSignature
use of org.apache.xml.security.signature.XMLSignature in project santuario-java by apache.
the class AbstractSignatureCreationTest method verifyUsingDOMWihtoutId.
protected void verifyUsingDOMWihtoutId(Document document, Key key, List<SecurePart> secureParts) throws Exception {
XPath xpath = getxPath();
String expression = "//dsig:Signature[1]";
Element sigElement = (Element) xpath.evaluate(expression, document, XPathConstants.NODE);
Assert.assertNotNull(sigElement);
Assert.assertEquals("", sigElement.getAttribute("Id"));
assertEquals("Without Id there can only be one secure part", 1, secureParts.size());
expression = "//*[local-name()='" + secureParts.get(0).getName().getLocalPart() + "']";
Element signedElement = (Element) xpath.evaluate(expression, document, XPathConstants.NODE);
Assert.assertNotNull(signedElement);
Assert.assertEquals("", signedElement.getAttribute("Id"));
XMLSignature signature = new XMLSignature(sigElement, "");
// We need a special resolver for the empty URI
signature.addResourceResolver(new EmptyURIResourceResolverSpi(signedElement));
Assert.assertTrue(signature.checkSignatureValue(key));
}
Also used :
XPath(javax.xml.xpath.XPath)
XMLSignature(org.apache.xml.security.signature.XMLSignature)
Element(org.w3c.dom.Element)
Example 53 with XMLSignature
use of org.apache.xml.security.signature.XMLSignature in project santuario-java by apache.
the class AbstractSignatureCreationTest method verifyUsingDOM.
/**
* Verify the document using DOM
*/
protected void verifyUsingDOM(Document document, Key key, List<SecurePart> secureParts) throws Exception {
XPath xpath = getxPath();
String expression = "//dsig:Signature[1]";
Element sigElement = (Element) xpath.evaluate(expression, document, XPathConstants.NODE);
Assert.assertNotNull(sigElement);
for (SecurePart securePart : secureParts) {
expression = "//*[local-name()='" + securePart.getName().getLocalPart() + "']";
Element signedElement = (Element) xpath.evaluate(expression, document, XPathConstants.NODE);
Assert.assertNotNull(signedElement);
signedElement.setIdAttributeNS(null, "Id", true);
}
XMLSignature signature = new XMLSignature(sigElement, "");
Assert.assertTrue(signature.checkSignatureValue(key));
}
Also used :
XPath(javax.xml.xpath.XPath)
SecurePart(org.apache.xml.security.stax.ext.SecurePart)
XMLSignature(org.apache.xml.security.signature.XMLSignature)
Element(org.w3c.dom.Element)
Example 54 with XMLSignature
use of org.apache.xml.security.signature.XMLSignature in project santuario-java by apache.
the class SignatureCreationTest method testMultipleSignatures.
@Test
public void testMultipleSignatures() throws Exception {
// Set up the Configuration
XMLSecurityProperties properties = new XMLSecurityProperties();
List<XMLSecurityConstants.Action> actions = new ArrayList<XMLSecurityConstants.Action>();
actions.add(XMLSecurityConstants.SIGNATURE);
properties.setActions(actions);
// Set the key up
KeyStore keyStore = KeyStore.getInstance("jks");
keyStore.load(this.getClass().getClassLoader().getResource("transmitter.jks").openStream(), "default".toCharArray());
Key key = keyStore.getKey("transmitter", "default".toCharArray());
properties.setSignatureKey(key);
X509Certificate cert = (X509Certificate) keyStore.getCertificate("transmitter");
properties.setSignatureCerts(new X509Certificate[] { cert });
SecurePart securePart = new SecurePart(new QName("urn:example:po", "PaymentInfo"), SecurePart.Modifier.Content);
properties.addSignaturePart(securePart);
OutboundXMLSec outboundXMLSec = XMLSec.getOutboundXMLSec(properties);
ByteArrayOutputStream baos = new ByteArrayOutputStream();
XMLStreamWriter xmlStreamWriter = outboundXMLSec.processOutMessage(baos, StandardCharsets.UTF_8.name());
InputStream sourceDocument = this.getClass().getClassLoader().getResourceAsStream("ie/baltimore/merlin-examples/merlin-xmlenc-five/plaintext.xml");
XMLStreamReader xmlStreamReader = xmlInputFactory.createXMLStreamReader(sourceDocument);
XmlReaderToWriter.writeAll(xmlStreamReader, xmlStreamWriter);
xmlStreamWriter.close();
// Now do second signature
sourceDocument = new ByteArrayInputStream(baos.toByteArray());
outboundXMLSec = XMLSec.getOutboundXMLSec(properties);
baos = new ByteArrayOutputStream();
xmlStreamWriter = outboundXMLSec.processOutMessage(baos, StandardCharsets.UTF_8.name());
xmlStreamReader = xmlInputFactory.createXMLStreamReader(sourceDocument);
XmlReaderToWriter.writeAll(xmlStreamReader, xmlStreamWriter);
xmlStreamWriter.close();
// System.out.println("Got:\n" + new String(baos.toByteArray(), StandardCharsets.UTF_8.name()));
Document document = null;
try (InputStream is = new ByteArrayInputStream(baos.toByteArray())) {
document = XMLUtils.createDocumentBuilder(false).parse(is);
}
// Verify using DOM
XPathFactory xpf = XPathFactory.newInstance();
XPath xpath = xpf.newXPath();
xpath.setNamespaceContext(new DSNamespaceContext());
String expression = "//dsig:Signature";
NodeList sigElements = (NodeList) xpath.evaluate(expression, document, XPathConstants.NODESET);
Assert.assertTrue(sigElements.getLength() == 2);
for (SecurePart secPart : properties.getSignatureSecureParts()) {
if (secPart.getName() == null) {
continue;
}
expression = "//*[local-name()='" + secPart.getName().getLocalPart() + "']";
Element signedElement = (Element) xpath.evaluate(expression, document, XPathConstants.NODE);
Assert.assertNotNull(signedElement);
signedElement.setIdAttributeNS(null, "Id", true);
}
for (int i = 0; i < sigElements.getLength(); i++) {
XMLSignature signature = new XMLSignature((Element) sigElements.item(i), "");
Assert.assertTrue(signature.checkSignatureValue(cert));
}
}
Also used :
XMLStreamReader(javax.xml.stream.XMLStreamReader)
Element(org.w3c.dom.Element)
ArrayList(java.util.ArrayList)
Document(org.w3c.dom.Document)
XPathFactory(javax.xml.xpath.XPathFactory)
XMLStreamWriter(javax.xml.stream.XMLStreamWriter)
XMLSignature(org.apache.xml.security.signature.XMLSignature)
XPath(javax.xml.xpath.XPath)
QName(javax.xml.namespace.QName)
ByteArrayInputStream(java.io.ByteArrayInputStream)
InputStream(java.io.InputStream)
NodeList(org.w3c.dom.NodeList)
ByteArrayOutputStream(java.io.ByteArrayOutputStream)
KeyStore(java.security.KeyStore)
X509Certificate(java.security.cert.X509Certificate)
ByteArrayInputStream(java.io.ByteArrayInputStream)
DSNamespaceContext(org.apache.xml.security.test.dom.DSNamespaceContext)
Key(java.security.Key)
SecretKey(javax.crypto.SecretKey)
Test(org.junit.Test)
Example 55 with XMLSignature
use of org.apache.xml.security.signature.XMLSignature in project santuario-java by apache.
the class SignatureDigestVerificationTest method testSHA224.
@Test
public void testSHA224() throws Exception {
// Read in plaintext document
InputStream sourceDocument = this.getClass().getClassLoader().getResourceAsStream("ie/baltimore/merlin-examples/merlin-xmlenc-five/plaintext.xml");
DocumentBuilder builder = XMLUtils.createDocumentBuilder(false);
Document document = builder.parse(sourceDocument);
// Set up the Key
KeyStore keyStore = KeyStore.getInstance("jks");
keyStore.load(this.getClass().getClassLoader().getResource("transmitter.jks").openStream(), "default".toCharArray());
Key key = keyStore.getKey("transmitter", "default".toCharArray());
X509Certificate cert = (X509Certificate) keyStore.getCertificate("transmitter");
// Sign using DOM
List<String> localNames = new ArrayList<>();
localNames.add("PaymentInfo");
String digestAlgorithm = "http://www.w3.org/2001/04/xmldsig-more#sha224";
XMLSignature sig = signUsingDOM("http://www.w3.org/2000/09/xmldsig#rsa-sha1", document, localNames, key, "http://www.w3.org/2001/10/xml-exc-c14n#", digestAlgorithm);
// Add KeyInfo
sig.addKeyInfo(cert);
// Convert Document to a Stream Reader
javax.xml.transform.Transformer transformer = transformerFactory.newTransformer();
ByteArrayOutputStream baos = new ByteArrayOutputStream();
transformer.transform(new DOMSource(document), new StreamResult(baos));
XMLStreamReader xmlStreamReader = null;
try (InputStream is = new ByteArrayInputStream(baos.toByteArray())) {
xmlStreamReader = xmlInputFactory.createXMLStreamReader(is);
}
// Verify signature
XMLSecurityProperties properties = new XMLSecurityProperties();
InboundXMLSec inboundXMLSec = XMLSec.getInboundWSSec(properties);
TestSecurityEventListener securityEventListener = new TestSecurityEventListener();
XMLStreamReader securityStreamReader = inboundXMLSec.processInMessage(xmlStreamReader, null, securityEventListener);
StAX2DOM.readDoc(XMLUtils.createDocumentBuilder(false), securityStreamReader);
}
Also used :
DOMSource(javax.xml.transform.dom.DOMSource)
XMLStreamReader(javax.xml.stream.XMLStreamReader)
StreamResult(javax.xml.transform.stream.StreamResult)
ByteArrayInputStream(java.io.ByteArrayInputStream)
InputStream(java.io.InputStream)
ArrayList(java.util.ArrayList)
ByteArrayOutputStream(java.io.ByteArrayOutputStream)
InboundXMLSec(org.apache.xml.security.stax.ext.InboundXMLSec)
Document(org.w3c.dom.Document)
KeyStore(java.security.KeyStore)
X509Certificate(java.security.cert.X509Certificate)
DocumentBuilder(javax.xml.parsers.DocumentBuilder)
ByteArrayInputStream(java.io.ByteArrayInputStream)
XMLSignature(org.apache.xml.security.signature.XMLSignature)
XMLSecurityProperties(org.apache.xml.security.stax.ext.XMLSecurityProperties)
Key(java.security.Key)
Test(org.junit.Test)
Aggregations
XMLSignature (org.apache.xml.security.signature.XMLSignature)132
Document (org.w3c.dom.Document)91
Element (org.w3c.dom.Element)69
X509Certificate (java.security.cert.X509Certificate)60
Test (org.junit.Test)55
DocumentBuilder (javax.xml.parsers.DocumentBuilder)52
InputStream (java.io.InputStream)51
ByteArrayInputStream (java.io.ByteArrayInputStream)50
ByteArrayOutputStream (java.io.ByteArrayOutputStream)49
KeyStore (java.security.KeyStore)48
ArrayList (java.util.ArrayList)48
XMLStreamReader (javax.xml.stream.XMLStreamReader)43
Key (java.security.Key)42
DOMSource (javax.xml.transform.dom.DOMSource)42
StreamResult (javax.xml.transform.stream.StreamResult)42
Transforms (org.apache.xml.security.transforms.Transforms)29
SecretKey (javax.crypto.SecretKey)28
XPath (javax.xml.xpath.XPath)23
KeyInfo (org.apache.xml.security.keys.KeyInfo)22
XPathFactory (javax.xml.xpath.XPathFactory)19
