Examples with XMLSignature org.apache.xml.security.signature.XMLSignature used on opensource projects

Search in sources :

Example 76 with XMLSignature

use of org.apache.xml.security.signature.XMLSignature in project xades4j by luisgoncalves.

the class SignedDataObjectsProcessorTest method testProcess.

@Test
public void testProcess() throws Exception {
    System.out.println("process");
    Document doc = getNewDocument();
    SignedDataObjects dataObjsDescs = new SignedDataObjects().withSignedDataObject(new DataObjectReference("uri").withTransform(new EnvelopedSignatureTransform())).withSignedDataObject(new EnvelopedXmlObject(doc.createElement("test1"))).withSignedDataObject(new EnvelopedXmlObject(doc.createElement("test2"), "text/xml", null));
    XMLSignature xmlSignature = new XMLSignature(doc, "", XMLSignature.ALGO_ID_SIGNATURE_RSA_SHA256);
    xmlSignature.setId("sigId");
    AllwaysNullAlgsParamsMarshaller algsParamsMarshaller = new AllwaysNullAlgsParamsMarshaller();
    SignedDataObjectsProcessor processor = new SignedDataObjectsProcessor(new TestAlgorithmsProvider(), algsParamsMarshaller);
    Map<DataObjectDesc, Reference> result = processor.process(dataObjsDescs, xmlSignature);
    assertEquals(dataObjsDescs.getDataObjectsDescs().size(), result.size());
    assertEquals(2, xmlSignature.getObjectLength());
    assertEquals(xmlSignature.getSignedInfo().getLength(), dataObjsDescs.getDataObjectsDescs().size());
    assertEquals(1, algsParamsMarshaller.getInvokeCount());
    Reference ref = xmlSignature.getSignedInfo().item(0);
    assertEquals(1, ref.getTransforms().getLength());
    ObjectContainer obj = xmlSignature.getObjectItem(1);
    assertEquals("text/xml", obj.getMimeType());
    assertTrue(StringUtils.isNullOrEmptyString(obj.getEncoding()));
}
Also used : Reference(org.apache.xml.security.signature.Reference) EnvelopedSignatureTransform(xades4j.algorithms.EnvelopedSignatureTransform) Document(org.w3c.dom.Document) DataObjectDesc(xades4j.properties.DataObjectDesc) XMLSignature(org.apache.xml.security.signature.XMLSignature) ObjectContainer(org.apache.xml.security.signature.ObjectContainer) Test(org.junit.Test)

Example 77 with XMLSignature

use of org.apache.xml.security.signature.XMLSignature in project xades4j by luisgoncalves.

the class SignedDataObjectsProcessorTest method testAddNullReference.

@Test
public void testAddNullReference() throws Exception {
    System.out.println("addNullReference");
    Document doc = SignatureServicesTestBase.getNewDocument();
    SignedDataObjects dataObjsDescs = new SignedDataObjects().withSignedDataObject(new AnonymousDataObjectReference("data".getBytes()));
    XMLSignature xmlSignature = new XMLSignature(doc, "", XMLSignature.ALGO_ID_SIGNATURE_RSA_SHA256);
    xmlSignature.setId("sigId");
    SignedDataObjectsProcessor processor = new SignedDataObjectsProcessor(new TestAlgorithmsProvider(), new AllwaysNullAlgsParamsMarshaller());
    Map<DataObjectDesc, Reference> result = processor.process(dataObjsDescs, xmlSignature);
    assertEquals(1, result.size());
    assertEquals(0, xmlSignature.getObjectLength());
    assertEquals(1, xmlSignature.getSignedInfo().getLength());
    Reference r = xmlSignature.getSignedInfo().item(0);
    assertNull(r.getElement().getAttributeNodeNS(Constants.SignatureSpecNS, "URI"));
}
Also used : XMLSignature(org.apache.xml.security.signature.XMLSignature) Reference(org.apache.xml.security.signature.Reference) Document(org.w3c.dom.Document) DataObjectDesc(xades4j.properties.DataObjectDesc) Test(org.junit.Test)

Example 78 with XMLSignature

use of org.apache.xml.security.signature.XMLSignature in project testcases by coheigea.

the class SignatureDOMEnvelopedTest method testSignatureUsingDOMAPI.

// Sign + Verify an XML Document using the DOM API
@org.junit.Test
public void testSignatureUsingDOMAPI() throws Exception {
    // Read in plaintext document
    InputStream sourceDocument = this.getClass().getClassLoader().getResourceAsStream("plaintext.xml");
    DocumentBuilder builder = XMLUtils.createDocumentBuilder(false);
    Document document = builder.parse(sourceDocument);
    // Set up the Key
    KeyStore keyStore = KeyStore.getInstance("jks");
    keyStore.load(this.getClass().getClassLoader().getResource("clientstore.jks").openStream(), "cspass".toCharArray());
    Key key = keyStore.getKey("myclientkey", "ckpass".toCharArray());
    X509Certificate cert = (X509Certificate) keyStore.getCertificate("myclientkey");
    // Sign using DOM
    XMLSignature sig = new XMLSignature(document, "", "http://www.w3.org/2000/09/xmldsig#rsa-sha1", "http://www.w3.org/2001/10/xml-exc-c14n#");
    Element root = document.getDocumentElement();
    root.appendChild(sig.getElement());
    Transforms transforms = new Transforms(document);
    transforms.addTransform(Transforms.TRANSFORM_ENVELOPED_SIGNATURE);
    transforms.addTransform("http://www.w3.org/2001/10/xml-exc-c14n#");
    sig.addDocument("", transforms, "http://www.w3.org/2000/09/xmldsig#sha1");
    sig.sign(key);
    if (cert != null) {
        sig.addKeyInfo(cert);
    }
    XMLUtils.outputDOM(document, System.out);
    // Verify using DOM
    List<QName> namesToSign = new ArrayList<QName>();
    namesToSign.add(new QName("urn:example:po", "PurchaseOrder"));
    SignatureUtils.verifyUsingDOM(document, namesToSign, cert);
}
Also used : DocumentBuilder(javax.xml.parsers.DocumentBuilder) InputStream(java.io.InputStream) XMLSignature(org.apache.xml.security.signature.XMLSignature) QName(javax.xml.namespace.QName) Element(org.w3c.dom.Element) Transforms(org.apache.xml.security.transforms.Transforms) ArrayList(java.util.ArrayList) Document(org.w3c.dom.Document) KeyStore(java.security.KeyStore) Key(java.security.Key) X509Certificate(java.security.cert.X509Certificate)

Example 79 with XMLSignature

use of org.apache.xml.security.signature.XMLSignature in project testcases by coheigea.

the class SignatureUtils method verifyUsingDOM.

/**
 * Verify the document using the DOM API of Apache Santuario - XML Security for Java.
 * It finds a list of QNames via XPath and uses the DOM API to mark them as having an
 * "Id".
 */
public static void verifyUsingDOM(Document document, List<QName> namesToSign, X509Certificate cert) throws Exception {
    // Find the Signature Element
    Element sigElement = getSignatureElement(document);
    Assert.assertNotNull(sigElement);
    findElementsToVerify(document, namesToSign);
    XMLSignature signature = new XMLSignature(sigElement, "");
    // Check we have a KeyInfo
    KeyInfo ki = signature.getKeyInfo();
    Assert.assertNotNull(ki);
    // Check the Signature value
    Assert.assertTrue(signature.checkSignatureValue(cert));
}
Also used : KeyInfo(org.apache.xml.security.keys.KeyInfo) XMLSignature(org.apache.xml.security.signature.XMLSignature) Element(org.w3c.dom.Element)

Example 80 with XMLSignature

use of org.apache.xml.security.signature.XMLSignature in project santuario-java by apache.

the class AbstractSignatureCreationTest method verifyUsingDOMWihtoutIdAndDefaultTransform.

protected void verifyUsingDOMWihtoutIdAndDefaultTransform(Document document, Key key, List<SecurePart> secureParts) throws Exception {
    XPath xpath = getxPath();
    String expression = "//dsig:Signature[1]";
    Element sigElement = (Element) xpath.evaluate(expression, document, XPathConstants.NODE);
    Assert.assertNotNull(sigElement);
    Assert.assertEquals("", sigElement.getAttribute("Id"));
    assertEquals("Without Id there can only be one secure part", 1, secureParts.size());
    // assertNull(secureParts.get(0).getName());
    Element signedElement = document.getDocumentElement();
    XMLSignature signature = new XMLSignature(sigElement, "");
    // We need a special resolver for the empty URI
    signature.addResourceResolver(new EmptyURIResourceResolverSpi(signedElement));
    Assert.assertTrue(signature.checkSignatureValue(key));
}
Also used : XPath(javax.xml.xpath.XPath) XMLSignature(org.apache.xml.security.signature.XMLSignature) Element(org.w3c.dom.Element)

Aggregations

XMLSignature (org.apache.xml.security.signature.XMLSignature)132 Document (org.w3c.dom.Document)91 Element (org.w3c.dom.Element)69 X509Certificate (java.security.cert.X509Certificate)60 Test (org.junit.Test)55 DocumentBuilder (javax.xml.parsers.DocumentBuilder)52 InputStream (java.io.InputStream)51 ByteArrayInputStream (java.io.ByteArrayInputStream)50 ByteArrayOutputStream (java.io.ByteArrayOutputStream)49 KeyStore (java.security.KeyStore)48 ArrayList (java.util.ArrayList)48 XMLStreamReader (javax.xml.stream.XMLStreamReader)43 Key (java.security.Key)42 DOMSource (javax.xml.transform.dom.DOMSource)42 StreamResult (javax.xml.transform.stream.StreamResult)42 Transforms (org.apache.xml.security.transforms.Transforms)29 SecretKey (javax.crypto.SecretKey)28 XPath (javax.xml.xpath.XPath)23 KeyInfo (org.apache.xml.security.keys.KeyInfo)22 XPathFactory (javax.xml.xpath.XPathFactory)19
About Me
UseOf

Java Tutorials :

Simple Java RabbitMQ Example with Spring
Simple Springboot JPA Eclipeslink Example
Simple SpringBoot JPA Hibernate Example
Jackson JSON @JsonIgnore and @JsonIgnoreProperties Examples
Java Infinite recursion (StackOverflowError) Jackson solutions
Simple Java Jackson Serialize Objects to JSON and convert them back To Object
ElasticSearch 5 - Upload files using Java API in binary field Example
Java JAXB marshall unmarshall Examples from String and Stream
Java 8 forEach List and Map examples
ElasticSearch 5 Java API SearchRequestBuilder examples
Java ElasticSearch 5 examples with node index and mapping - running local
Convert String to int or Integer Java 8
Java 9 in action - JShell - Ubuntu
Java - removing invalid characters from a file name
Hello world!? or Hello Tutorial