Search in sources :

Example 21 with XMLSignature

use of org.apache.xml.security.signature.XMLSignature in project santuario-java by apache.

the class Bug45961Test method getSignedDocument.

private Document getSignedDocument() throws Exception {
    KeyStore ks = KeyStore.getInstance("JKS");
    FileInputStream fis = new FileInputStream(getAbsolutePath("src/test/resources/test.jks"));
    ks.load(fis, PASSWORD);
    fis.close();
    PrivateKey privateKey = (PrivateKey) ks.getKey(ALIAS, PASSWORD);
    X509Certificate signingCert = (X509Certificate) ks.getCertificate(ALIAS);
    Document document = _builder.newDocument();
    XMLSignature signature = new XMLSignature(document, null, XMLSignature.ALGO_ID_SIGNATURE_DSA, MOCK_CANONICALIZATION_METHOD);
    Element root = document.createElementNS("", "RootElement");
    root.appendChild(document.createTextNode("Some simple test\n"));
    root.appendChild(signature.getElement());
    document.appendChild(root);
    // document.appendChild(signature.getElement());
    Element root2 = document.createElementNS("", "RootElement");
    root2.appendChild(document.createTextNode("Some simple test\n"));
    object = new ObjectContainer(document);
    object.appendChild(root2);
    object.setId(OBJECT_ID);
    root.appendChild(object.getElement());
    signature.addDocument("#" + OBJECT_ID);
    signature.addDocument("", getTransforms(document));
    signature.addKeyInfo(signingCert);
    signature.sign(privateKey);
    return document;
}
Also used : PrivateKey(java.security.PrivateKey) XMLSignature(org.apache.xml.security.signature.XMLSignature) Element(org.w3c.dom.Element) Document(org.w3c.dom.Document) KeyStore(java.security.KeyStore) ObjectContainer(org.apache.xml.security.signature.ObjectContainer) FileInputStream(java.io.FileInputStream) X509Certificate(java.security.cert.X509Certificate)

Example 22 with XMLSignature

use of org.apache.xml.security.signature.XMLSignature in project santuario-java by apache.

the class Canonicalizer20010315ExclusiveTest method testA.

/**
 * Method testA
 *
 * @throws CanonicalizationException
 * @throws FileNotFoundException
 * @throws IOException
 * @throws InvalidCanonicalizerException
 * @throws ParserConfigurationException
 * @throws SAXException
 * @throws TransformerException
 * @throws XMLSecurityException
 * @throws XMLSignatureException
 * @throws org.apache.xml.security.keys.keyresolver.KeyResolverException
 */
@org.junit.Test
public void testA() throws IOException, FileNotFoundException, SAXException, ParserConfigurationException, CanonicalizationException, InvalidCanonicalizerException, TransformerException, XMLSignatureException, XMLSecurityException, org.apache.xml.security.keys.keyresolver.KeyResolverException {
    File fileIn = new File(getAbsolutePath("src/test/resources/ie/baltimore/merlin-examples/ec-merlin-iaikTests-two/signature.xml"));
    // File fileIn = new File("signature.xml");
    assertTrue("file exists", fileIn.exists());
    Document doc = this.db.parse(fileIn);
    Element signatureElement = (Element) doc.getElementsByTagNameNS(Constants.SignatureSpecNS, Constants._TAG_SIGNATURE).item(0);
    XMLSignature xmlSignature = new XMLSignature(signatureElement, fileIn.toURI().toURL().toString(), false);
    boolean verify = xmlSignature.checkSignatureValue(xmlSignature.getKeyInfo().getPublicKey());
    int length = xmlSignature.getSignedInfo().getLength();
    int numberOfPositiveReferences = 0;
    for (int i = 0; i < length; i++) {
        boolean singleResult = xmlSignature.getSignedInfo().getVerificationResult(i);
        if (singleResult) {
            numberOfPositiveReferences++;
        }
    }
    assertTrue("Verification failed; only " + numberOfPositiveReferences + "/" + length + " matched", verify);
}
Also used : XMLSignature(org.apache.xml.security.signature.XMLSignature) Element(org.w3c.dom.Element) Document(org.w3c.dom.Document) File(java.io.File)

Example 23 with XMLSignature

use of org.apache.xml.security.signature.XMLSignature in project santuario-java by apache.

the class InvalidKeyTest method validate.

private void validate(PublicKey pk) throws Exception {
    FileInputStream is = new FileInputStream(BASEDIR + SEP + "src/test/resources/org/apache/xml/security/samples/input/test-assertion.xml");
    Document e = XMLUtils.createDocumentBuilder(false).parse(is);
    Node assertion = e.getFirstChild();
    while (!(assertion instanceof Element)) {
        assertion = assertion.getNextSibling();
    }
    Attr attr = ((Element) assertion).getAttributeNodeNS(null, "AssertionID");
    if (attr != null) {
        ((Element) assertion).setIdAttributeNode(attr, true);
    }
    Element n = (Element) assertion.getLastChild();
    XMLSignature si = new XMLSignature(n, "");
    si.checkSignatureValue(pk);
// System.out.println("VALIDATION OK" );
}
Also used : XMLSignature(org.apache.xml.security.signature.XMLSignature) Node(org.w3c.dom.Node) Element(org.w3c.dom.Element) Document(org.w3c.dom.Document) FileInputStream(java.io.FileInputStream) Attr(org.w3c.dom.Attr)

Example 24 with XMLSignature

use of org.apache.xml.security.signature.XMLSignature in project santuario-java by apache.

the class ProcessingInstructionTest method testProcessingInstruction.

@org.junit.Test
public void testProcessingInstruction() throws Exception {
    String signatureFileName = dir + "upp_sign.xml";
    DocumentBuilder db = XMLUtils.createDocumentBuilder(false);
    File f = new File(signatureFileName);
    Document doc = db.parse(new FileInputStream(f));
    Node obj = doc.getElementsByTagNameNS("http://uri.etsi.org/01903/v1.3.2#", "QualifyingProperties").item(0);
    while (obj != null) {
        if (obj instanceof Element) {
            Attr attr = ((Element) obj).getAttributeNode("Id");
            if (attr != null) {
                ((Element) obj).setIdAttributeNode(attr, true);
            }
        }
        obj = obj.getFirstChild();
    }
    XPathFactory xpf = XPathFactory.newInstance();
    XPath xpath = xpf.newXPath();
    xpath.setNamespaceContext(new DSNamespaceContext());
    String expression = "//ds:Signature[1]";
    Element sigElement = (Element) xpath.evaluate(expression, doc, XPathConstants.NODE);
    String baseUri = new File(".").toURI().toURL().toString();
    XMLSignature signature = new XMLSignature(sigElement, baseUri);
    signature.addResourceResolver(FileResolver.getInstance());
    X509Certificate cert = signature.getKeyInfo().getX509Certificate();
    if (!signature.checkSignatureValue(cert)) {
        throw new Exception("Signature is invalid!");
    }
}
Also used : XPath(javax.xml.xpath.XPath) Node(org.w3c.dom.Node) Element(org.w3c.dom.Element) Document(org.w3c.dom.Document) FileInputStream(java.io.FileInputStream) Attr(org.w3c.dom.Attr) X509Certificate(java.security.cert.X509Certificate) URISyntaxException(java.net.URISyntaxException) ResourceResolverException(org.apache.xml.security.utils.resolver.ResourceResolverException) XPathFactory(javax.xml.xpath.XPathFactory) DocumentBuilder(javax.xml.parsers.DocumentBuilder) DSNamespaceContext(org.apache.xml.security.test.dom.DSNamespaceContext) XMLSignature(org.apache.xml.security.signature.XMLSignature) File(java.io.File)

Example 25 with XMLSignature

use of org.apache.xml.security.signature.XMLSignature in project santuario-java by apache.

the class SignatureTest method signDocument.

private XMLSignature signDocument(Document doc) throws Throwable {
    XMLSignature sig = new XMLSignature(doc, "", XMLSignature.ALGO_ID_SIGNATURE_DSA);
    Element root = doc.getDocumentElement();
    root.appendChild(sig.getElement());
    sig.getSignedInfo().addResourceResolver(new ResolverXPointer());
    Transforms transforms = new Transforms(doc);
    transforms.addTransform(Transforms.TRANSFORM_ENVELOPED_SIGNATURE);
    transforms.addTransform(Transforms.TRANSFORM_C14N_WITH_COMMENTS);
    sig.addDocument("", transforms, Constants.ALGO_ID_DIGEST_SHA1);
    sig.addKeyInfo(getPublicKey());
    sig.sign(getPrivateKey());
    return sig;
}
Also used : ResolverXPointer(org.apache.xml.security.utils.resolver.implementations.ResolverXPointer) XMLSignature(org.apache.xml.security.signature.XMLSignature) Element(org.w3c.dom.Element) Transforms(org.apache.xml.security.transforms.Transforms)

Aggregations

XMLSignature (org.apache.xml.security.signature.XMLSignature)137 Document (org.w3c.dom.Document)92 Element (org.w3c.dom.Element)69 X509Certificate (java.security.cert.X509Certificate)60 Test (org.junit.Test)60 DocumentBuilder (javax.xml.parsers.DocumentBuilder)52 InputStream (java.io.InputStream)51 ByteArrayInputStream (java.io.ByteArrayInputStream)50 ByteArrayOutputStream (java.io.ByteArrayOutputStream)49 KeyStore (java.security.KeyStore)48 ArrayList (java.util.ArrayList)48 XMLStreamReader (javax.xml.stream.XMLStreamReader)43 Key (java.security.Key)42 DOMSource (javax.xml.transform.dom.DOMSource)42 StreamResult (javax.xml.transform.stream.StreamResult)42 Transforms (org.apache.xml.security.transforms.Transforms)29 SecretKey (javax.crypto.SecretKey)28 XPath (javax.xml.xpath.XPath)23 KeyInfo (org.apache.xml.security.keys.KeyInfo)22 XPathFactory (javax.xml.xpath.XPathFactory)19