use of org.apache.xml.security.signature.XMLSignature in project santuario-java by apache.
the class SignatureTest method testSigningVerifyingFromRebuildSignature.
/**
 * Signs the fixture document, then rebuilds an {@link XMLSignature} from the
 * {@code ds:Signature} element found in the DOM and verifies it.
 *
 * <p>This is the path a relying party follows: it does not hold the signer's
 * {@code XMLSignature} object, only the signed XML. The verification key comes from
 * {@code getPublicKey()}, i.e. from the test fixture, and not from any KeyInfo carried
 * inside the signature.
 *
 * @throws Throwable if building, signing or verifying the document fails
 */
@org.junit.Test
public void testSigningVerifyingFromRebuildSignature() throws Throwable {
    Document signedDoc = getOriginalDocument();
    // The returned signature object is deliberately discarded; only the DOM is kept.
    signDocument(signedDoc);

    // Take the first ds:Signature in document order. A verifier for untrusted input must also
    // make sure the content it goes on to use is the content this signature's references cover.
    Element rebuiltFrom = (Element) signedDoc.getElementsByTagNameNS(DS_NS, "Signature").item(0);

    // NOTE(review): whether this two-argument constructor enables secure validation by default
    // depends on the library version - confirm for the version in use. Code that verifies
    // untrusted XML should use the overload that takes the secureValidation flag explicitly.
    XMLSignature rebuilt = new XMLSignature(rebuiltFrom, "");

    assertTrue(rebuilt.checkSignatureValue(getPublicKey()));
}
use of org.apache.xml.security.signature.XMLSignature in project santuario-java by apache.
the class SignatureTest method testSigningVerifyingFromExistingSignature.
/**
 * Signs the fixture document and verifies it through the same {@link XMLSignature}
 * object that produced the signature.
 *
 * <p>The signature is not re-read from the DOM here, so this checks the signing object's
 * own state rather than what a separate verifier would see in the serialized XML. The
 * verification key is supplied by {@code getPublicKey()}.
 *
 * @throws Throwable if building, signing or verifying the document fails
 */
@org.junit.Test
public void testSigningVerifyingFromExistingSignature() throws Throwable {
    XMLSignature freshlySigned = signDocument(getOriginalDocument());
    assertTrue(freshlySigned.checkSignatureValue(getPublicKey()));
}
use of org.apache.xml.security.signature.XMLSignature in project santuario-java by apache.
the class X509DataTest method testAddX509SubjectName.
/**
 * Checks that an X509SubjectName and an X509IssuerSerial added to a signature's KeyInfo
 * survive serialization and re-parsing.
 *
 * <p>The test signs an otherwise empty document, writes it to bytes, reads the signature
 * back through {@code getSignature(byte[])} and compares the names found in the first
 * X509Data with those of the fixture certificate. It does not verify the signature value,
 * and it does not use the KeyInfo contents to make a trust decision.
 *
 * @throws Exception if building, signing, serializing or re-parsing the document fails
 */
@org.junit.Test
public void testAddX509SubjectName() throws Exception {
    Init.init();
    javax.xml.parsers.DocumentBuilder builder = XMLUtils.createDocumentBuilder(false);
    Document signedDoc = builder.newDocument();

    // ALGO_ID_SIGNATURE_DSA is kept as the fixture's algorithm; it is a legacy choice and
    // not a recommendation for new signatures.
    XMLSignature signer = new XMLSignature(signedDoc, "", XMLSignature.ALGO_ID_SIGNATURE_DSA);
    signedDoc.appendChild(signer.getElement());
    signer.addDocument("");

    // KeyInfo for the certificate whose private key signs below: the certificate itself,
    // then its bare public key.
    X509Certificate signingCert = getCertificate();
    signer.addKeyInfo(signingCert);
    signer.addKeyInfo(signingCert.getPublicKey());

    String expectedSubject = signingCert.getSubjectX500Principal().getName();
    String expectedIssuer = signingCert.getIssuerX500Principal().getName();

    // Extend the first X509Data (presumably the one created by addKeyInfo(cert) above) with
    // the subject name and the issuer name / serial number pair - the behaviour under test.
    org.apache.xml.security.keys.KeyInfo keyInfo = signer.getKeyInfo();
    keyInfo.itemX509Data(0).addSubjectName(expectedSubject);
    keyInfo.itemX509Data(0).addIssuerSerial(expectedIssuer, signingCert.getSerialNumber());

    signer.sign(getPrivateKey());

    // Round-trip through bytes so the assertions run against what a receiver would parse.
    ByteArrayOutputStream serialized = new ByteArrayOutputStream();
    XMLUtils.outputDOM(signedDoc, serialized);
    XMLSignature reparsed = getSignature(serialized.toByteArray());

    assertNotNull(reparsed.getKeyInfo().itemX509Data(0));
    assertEquals(
        expectedSubject,
        reparsed.getKeyInfo().itemX509Data(0).itemSubjectName(0).getSubjectName());
    assertEquals(
        expectedIssuer,
        reparsed.getKeyInfo().itemX509Data(0).itemIssuerSerial(0).getIssuerName());
}
use of org.apache.xml.security.signature.XMLSignature in project santuario-java by apache.
the class XmlSecTest method checkXmlSignatureSoftwareStack.
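/**
 * Signs a small namespaced document with DSA and verifies the result, exercising the
 * signing and verification stack end to end.
 *
 * <p>The signature is appended inside the root element and excluded from its own digest by
 * an XPath transform. After signing, the {@code ds:Signature} element is located again in
 * the DOM and verified with the public key this method already holds, not with whatever
 * the embedded KeyInfo advertises.
 *
 * <p>The algorithm choices (1024-bit DSA, SHA-1 digest) and the {@code "changeit"} keystore
 * password are test-fixture values. They are legacy parameters and must not be copied into
 * production signing code.
 *
 * @param cert {@code true} to sign with the key and certificate stored under alias
 *     {@code "mullan"} in {@code src/test/resources/test.jks}; {@code false} to sign with a
 *     freshly generated DSA key pair
 * @throws Exception if key loading, signing or verification fails
 */
private void checkXmlSignatureSoftwareStack(boolean cert) throws Exception {
    Init.init();
    DocumentBuilder documentBuilder = XMLUtils.createDocumentBuilder(false);
    Document testDocument = documentBuilder.newDocument();

    // <tns:document xmlns:tns="urn:namespace"><t:child xmlns:t="urn:childnamespace">hello world
    Element rootElement = testDocument.createElementNS("urn:namespace", "tns:document");
    rootElement.setAttributeNS(Constants.NamespaceSpecNS, "xmlns:tns", "urn:namespace");
    testDocument.appendChild(rootElement);
    Element childElement = testDocument.createElementNS("urn:childnamespace", "t:child");
    childElement.setAttributeNS(Constants.NamespaceSpecNS, "xmlns:t", "urn:childnamespace");
    childElement.appendChild(testDocument.createTextNode("hello world"));
    rootElement.appendChild(childElement);

    PrivateKey privateKey;
    PublicKey publicKey = null;
    X509Certificate signingCert = null;
    if (cert) {
        // get key & self-signed certificate from keystore
        String fs = System.getProperty("file.separator");
        KeyStore ks = KeyStore.getInstance("JKS");
        // Close the keystore stream even when load() throws, so the file handle is not leaked.
        try (FileInputStream fis =
                new FileInputStream(BASEDIR + fs + "src/test/resources" + fs + "test.jks")) {
            ks.load(fis, "changeit".toCharArray());
        }
        signingCert = (X509Certificate) ks.getCertificate("mullan");
        publicKey = signingCert.getPublicKey();
        privateKey = (PrivateKey) ks.getKey("mullan", "changeit".toCharArray());
    } else {
        KeyPairGenerator kpg = KeyPairGenerator.getInstance("DSA");
        // 1024-bit DSA is a legacy key size, kept only as the fixture parameter of this test.
        kpg.initialize(1024);
        KeyPair keyPair = kpg.generateKeyPair();
        publicKey = keyPair.getPublic();
        privateKey = keyPair.getPrivate();
    }

    XMLSignature signature = new XMLSignature(
        testDocument,
        "",
        XMLSignature.ALGO_ID_SIGNATURE_DSA,
        Canonicalizer.ALGO_ID_C14N_WITH_COMMENTS);
    Element signatureElement = signature.getElement();
    rootElement.appendChild(signatureElement);

    // Digest the whole document (URI "") minus every node inside a ds:Signature, so the
    // signature element does not have to cover itself.
    Transforms transforms = new Transforms(testDocument);
    XPathContainer xpath = new XPathContainer(testDocument);
    xpath.setXPathNamespaceContext("ds", Constants.SignatureSpecNS);
    xpath.setXPath("not(ancestor-or-self::ds:Signature)");
    transforms.addTransform(Transforms.TRANSFORM_XPATH, xpath.getElementPlusReturns());
    transforms.addTransform(Transforms.TRANSFORM_C14N_WITH_COMMENTS);
    // SHA-1 is the fixture's digest; it is a legacy algorithm and not a model for new code.
    signature.addDocument("", transforms, MessageDigestAlgorithm.ALGO_ID_DIGEST_SHA1);

    // KeyInfo is only a hint for the receiver; verification below uses the local publicKey.
    if (cert) {
        signature.addKeyInfo(signingCert);
    } else {
        signature.addKeyInfo(publicKey);
    }

    signature.sign(privateKey);

    // Locate the signature again in the DOM, as a separate verifier would.
    XPathFactory xpf = XPathFactory.newInstance();
    XPath xPath = xpf.newXPath();
    xPath.setNamespaceContext(new DSNamespaceContext());
    String expression = "//ds:Signature[1]";
    Element sigElement = (Element) xPath.evaluate(expression, testDocument, XPathConstants.NODE);

    // NOTE(review): the secure-validation default of this two-argument constructor depends
    // on the library version - confirm before reusing this pattern on untrusted XML.
    XMLSignature signatureToVerify = new XMLSignature(sigElement, "");
    boolean signResult = signatureToVerify.checkSignatureValue(publicKey);
    assertTrue(signResult);
}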
use of org.apache.xml.security.signature.XMLSignature in project santuario-java by apache.
the class CreateSignatureTest method testSHA256Digest.
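/**
 * Creates an enveloped RSA-SHA256 signature with a SHA-256 reference digest and hands the
 * serialized result to {@code doVerify}.
 *
 * <p>The document carries a comment before and after the root element. SignedInfo is
 * canonicalized with exclusive C14N omitting comments, while the reference uses the
 * enveloped-signature transform followed by C14N with comments.
 *
 * @throws Exception if building, signing, serializing or verifying the document fails
 */
@org.junit.Test
public void testSHA256Digest() throws Exception {
    PrivateKey privateKey = kp.getPrivate();
    Document doc = db.newDocument();
    doc.appendChild(doc.createComment(" Comment before "));
    Element root = doc.createElementNS("", "RootElement");
    doc.appendChild(root);
    root.appendChild(doc.createTextNode("Some simple text\n"));

    // Build CanonicalizationMethod and SignatureMethod by hand and pass them to the
    // element-based constructor instead of using the algorithm-URI overloads.
    Element canonElem =
        XMLUtils.createElementInSignatureSpace(doc, Constants._TAG_CANONICALIZATIONMETHOD);
    canonElem.setAttributeNS(
        null, Constants._ATT_ALGORITHM, Canonicalizer.ALGO_ID_C14N_EXCL_OMIT_COMMENTS);
    SignatureAlgorithm signatureAlgorithm =
        new SignatureAlgorithm(doc, XMLSignature.ALGO_ID_SIGNATURE_RSA_SHA256);
    XMLSignature sig = new XMLSignature(doc, null, signatureAlgorithm.getElement(), canonElem);
    root.appendChild(sig.getElement());
    doc.appendChild(doc.createComment(" Comment after "));

    // The enveloped transform drops the ds:Signature element from the digested content.
    Transforms transforms = new Transforms(doc);
    transforms.addTransform(Transforms.TRANSFORM_ENVELOPED_SIGNATURE);
    transforms.addTransform(Transforms.TRANSFORM_C14N_WITH_COMMENTS);
    sig.addDocument("", transforms, MessageDigestAlgorithm.ALGO_ID_DIGEST_SHA256);
    sig.addKeyInfo(kp.getPublic());
    sig.sign(privateKey);

    ByteArrayOutputStream bos = new ByteArrayOutputStream();
    XMLUtils.outputDOMc14nWithComments(doc, bos);
    // Canonical XML is UTF-8. Decode it as UTF-8 explicitly rather than with the platform
    // default charset, which could alter signed bytes on a non-UTF-8 platform.
    String signedContent =
        new String(bos.toByteArray(), java.nio.charset.StandardCharsets.UTF_8);
    doVerify(signedContent);
}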