use of org.apache.xml.security.signature.XMLSignature in project santuario-java by apache.
the class PreCalculatedDigestSignatureTest method validateSignatureWithCorrectDigestShouldBeValid.
@Test
public void validateSignatureWithCorrectDigestShouldBeValid() throws Exception {
XMLSignature signature = openSignature(signatureFilePath);
// Add resource resolver for the external document (test.txt) with the pre-calculated digest (valid for this test)
ExternalResourceResolver resolver = new ExternalResourceResolver(EXTERNAL_DOCUMENT_URI, PRE_CALCULATED_DIGEST);
signature.addResourceResolver(resolver);
boolean validSignature = validateSignature(signature);
assertTrue(validSignature);
}
use of org.apache.xml.security.signature.XMLSignature in project santuario-java by apache.
the class SignatureReferenceTest method testSigningVerifyingReference.
@org.junit.Test
public void testSigningVerifyingReference() throws Throwable {
Document doc = getOriginalDocument();
XMLSignature signature = signDocument(doc);
PublicKey pubKey = getPublicKey();
assertTrue(signature.checkSignatureValue(pubKey));
// Check the reference(s)
SignedInfo signedInfo = signature.getSignedInfo();
assertTrue(signedInfo.getLength() == 1);
Reference reference = signedInfo.item(0);
ReferenceData referenceData = reference.getReferenceData();
assertNotNull(referenceData);
assertTrue(referenceData instanceof ReferenceNodeSetData);
// Test the cached Element
Element referenceElement = (Element) ((ReferenceNodeSetData) referenceData).iterator().next();
assertNotNull(referenceElement);
assertTrue("root".equals(referenceElement.getLocalName()));
Element originalElement = (Element) doc.getElementsByTagNameNS("http://ns.example.org/", "root").item(0);
assertNotNull(originalElement);
assertEquals(referenceElement, originalElement);
}
use of org.apache.xml.security.signature.XMLSignature in project santuario-java by apache.
the class UnknownAlgoSignatureTest method unmarshalXMLSignature.
private XMLSignature unmarshalXMLSignature(String fileName) throws ParserConfigurationException, SAXException, IOException, TransformerException, XMLSecurityException, XPathExpressionException {
File file = null;
if (BASEDIR != null && !"".equals(BASEDIR)) {
file = new File(BASEDIR + SEP + SIGNATURE_SOURCE_PATH, fileName);
} else {
file = new File(SIGNATURE_SOURCE_PATH, fileName);
}
Document doc = getDocument(file);
XPathFactory xpf = XPathFactory.newInstance();
XPath xpath = xpf.newXPath();
xpath.setNamespaceContext(new DSNamespaceContext());
String expression = "//ds:Signature[1]";
Element sigElement = (Element) xpath.evaluate(expression, doc, XPathConstants.NODE);
return new XMLSignature(sigElement, file.toURI().toURL().toString());
}
use of org.apache.xml.security.signature.XMLSignature in project santuario-java by apache.
the class WrappingAttackTest method readAndVerifySignatureAndSetManifest.
private boolean readAndVerifySignatureAndSetManifest(String directory, String file) throws Exception {
String basedir = System.getProperty("basedir");
if (basedir != null && !"".equals(basedir)) {
directory = basedir + "/" + directory;
}
File f = new File(directory + "/" + file);
javax.xml.parsers.DocumentBuilder db = XMLUtils.createDocumentBuilder(false, false);
org.w3c.dom.Document doc = db.parse(f);
Element sigElement = (Element) doc.getElementsByTagNameNS(Constants.SignatureSpecNS, Constants._TAG_SIGNATURE).item(0);
Element manifestElement = (Element) doc.getElementsByTagName("Manifest").item(0);
manifestElement.setIdAttribute("Id", true);
XMLSignature signature = new XMLSignature(sigElement, f.toURI().toURL().toString(), true);
return signature.checkSignatureValue(signature.getKeyInfo().getPublicKey());
}
use of org.apache.xml.security.signature.XMLSignature in project santuario-java by apache.
the class WrappingAttackTest method readAndVerifySignature.
private boolean readAndVerifySignature(String directory, String file) throws Exception {
String basedir = System.getProperty("basedir");
if (basedir != null && !"".equals(basedir)) {
directory = basedir + "/" + directory;
}
File f = new File(directory + "/" + file);
javax.xml.parsers.DocumentBuilder db = XMLUtils.createDocumentBuilder(false, false);
org.w3c.dom.Document doc = db.parse(f);
Element sigElement = (Element) doc.getElementsByTagNameNS(Constants.SignatureSpecNS, Constants._TAG_SIGNATURE).item(0);
XMLSignature signature = new XMLSignature(sigElement, f.toURI().toURL().toString());
return signature.checkSignatureValue(signature.getKeyInfo().getPublicKey());
}
Aggregations