
Example 1 with DigestOutputStream

Use of org.apache.xml.security.stax.impl.util.DigestOutputStream in project santuario-java by Apache.

Class AbstractSignatureOutputProcessor, method createMessageDigestOutputStream.

protected DigestOutputStream createMessageDigestOutputStream(String digestAlgorithm) throws XMLSecurityException {
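    // Map the digest algorithm URI to a JCE algorithm name and an optional JCE provider.
    String jceName = JCEAlgorithmMapper.translateURItoJCEID(digestAlgorithm);
    String jceProvider = JCEAlgorithmMapper.getJCEProviderFromURI(digestAlgorithm);
    // Fail closed: a URI without a JCE mapping is rejected instead of falling back to a default digest.
    if (jceName == null) {
        throw new XMLSecurityException("algorithms.NoSuchMap", new Object[] { digestAlgorithm });
    }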
    MessageDigest messageDigest;
    try {
        if (jceProvider != null) {
            messageDigest = MessageDigest.getInstance(jceName, jceProvider);
        } else {
            messageDigest = MessageDigest.getInstance(jceName);
        }
    } catch (NoSuchAlgorithmException e) {
        throw new XMLSecurityException(e);
    } catch (NoSuchProviderException e) {
        throw new XMLSecurityException(e);
    }
    return new DigestOutputStream(messageDigest);
}
Also used : DigestOutputStream(org.apache.xml.security.stax.impl.util.DigestOutputStream) NoSuchAlgorithmException(java.security.NoSuchAlgorithmException) MessageDigest(java.security.MessageDigest) NoSuchProviderException(java.security.NoSuchProviderException) XMLSecurityException(org.apache.xml.security.exceptions.XMLSecurityException)

Example 2 with DigestOutputStream

Use of org.apache.xml.security.stax.impl.util.DigestOutputStream in project santuario-java by Apache.

Class AbstractSignatureOutputProcessor, method digestExternalReference.

protected void digestExternalReference(OutputProcessorChain outputProcessorChain, SecurePart securePart) throws XMLSecurityException, XMLStreamException {
    final String externalReference = securePart.getExternalReference();
    ResourceResolver resourceResolver = ResourceResolverMapper.getResourceResolver(externalReference, outputProcessorChain.getDocumentContext().getBaseURI());
    // Prefer the digest method set on this part; otherwise use the configured signature digest algorithm.
    String digestAlgo = securePart.getDigestMethod();
    if (digestAlgo == null) {
        digestAlgo = getSecurityProperties().getSignatureDigestAlgorithm();
    }
    DigestOutputStream digestOutputStream = createMessageDigestOutputStream(digestAlgo);
    InputStream inputStream = resourceResolver.getInputStreamFromExternalReference();
    SignaturePartDef signaturePartDef = new SignaturePartDef();
    signaturePartDef.setSecurePart(securePart);
    signaturePartDef.setSigRefId(externalReference);
    signaturePartDef.setExternalResource(true);
    signaturePartDef.setTransforms(securePart.getTransforms());
    signaturePartDef.setDigestAlgo(digestAlgo);
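    try {
        if (securePart.getTransforms() != null) {
            // With transforms, the resource passes through the transformer chain and the digest covers its output.
            signaturePartDef.setExcludeVisibleC14Nprefixes(true);
            Transformer transformer = buildTransformerChain(digestOutputStream, signaturePartDef, null);
            transformer.transform(inputStream);
            transformer.doFinal();
        } else {
            // Without transforms, the raw bytes of the external resource are digested as-is.
            XMLSecurityUtils.copy(inputStream, digestOutputStream);
        }
        digestOutputStream.close();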
    } catch (IOException e) {
        throw new XMLSecurityException(e);
    }
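    // getMimeEncoder() wraps its output at 76 characters with CRLF, so a digest longer than 57 bytes (e.g. SHA-512) spans two lines.
    String calculatedDigest = Base64.getMimeEncoder().encodeToString(digestOutputStream.getDigestValue());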
    LOG.debug("Calculated Digest: {}", calculatedDigest);
    signaturePartDef.setDigestValue(calculatedDigest);
    getSignaturePartDefList().add(signaturePartDef);
}
Also used : SignaturePartDef(org.apache.xml.security.stax.impl.SignaturePartDef) DigestOutputStream(org.apache.xml.security.stax.impl.util.DigestOutputStream) InputStream(java.io.InputStream) IOException(java.io.IOException) XMLSecurityException(org.apache.xml.security.exceptions.XMLSecurityException)

Example 3 with DigestOutputStream

Use of org.apache.xml.security.stax.impl.util.DigestOutputStream in project santuario-java by Apache.

Class AbstractSignatureReferenceVerifyInputProcessor, method verifyExternalReference.

protected void verifyExternalReference(InputProcessorChain inputProcessorChain, InputStream inputStream, ReferenceType referenceType) throws XMLSecurityException, XMLStreamException {
    try (BufferedInputStream bufferedInputStream = new BufferedInputStream(inputStream);
        DigestOutputStream digestOutputStream = createMessageDigestOutputStream(referenceType, inputProcessorChain.getSecurityContext());
        UnsyncBufferedOutputStream bufferedDigestOutputStream = new UnsyncBufferedOutputStream(digestOutputStream)) {
        if (referenceType.getTransforms() != null) {
            Transformer transformer = buildTransformerChain(referenceType, bufferedDigestOutputStream, inputProcessorChain, null);
            transformer.transform(bufferedInputStream);
            // Close explicitly so buffered bytes reach the digest before its value is read.
            bufferedDigestOutputStream.close();
        } else {
            XMLSecurityUtils.copy(bufferedInputStream, bufferedDigestOutputStream);
            bufferedDigestOutputStream.close();
        }
        // Compare the recomputed digest with the value carried in the signature's Reference.
        compareDigest(digestOutputStream.getDigestValue(), referenceType);
    } catch (IOException e) {
        throw new XMLSecurityException(e);
    }
}
Also used : Canonicalizer20010315_OmitCommentsTransformer(org.apache.xml.security.stax.impl.transformer.canonicalizer.Canonicalizer20010315_OmitCommentsTransformer) DigestOutputStream(org.apache.xml.security.stax.impl.util.DigestOutputStream) UnsyncBufferedOutputStream(org.apache.xml.security.utils.UnsyncBufferedOutputStream) XMLSecurityException(org.apache.xml.security.exceptions.XMLSecurityException)

Example 4 with DigestOutputStream

Use of org.apache.xml.security.stax.impl.util.DigestOutputStream in project santuario-java by Apache.

Class AbstractSignatureReferenceVerifyInputProcessor, method createMessageDigestOutputStream.

protected DigestOutputStream createMessageDigestOutputStream(ReferenceType referenceType, InboundSecurityContext inboundSecurityContext) throws XMLSecurityException {
    // On the inbound side the digest algorithm URI comes from the received Reference's DigestMethod.
    String digestMethodAlgorithm = referenceType.getDigestMethod().getAlgorithm();
    String jceName = JCEAlgorithmMapper.translateURItoJCEID(digestMethodAlgorithm);
    String jceProvider = JCEAlgorithmMapper.getJCEProviderFromURI(digestMethodAlgorithm);
    // Fail closed: a URI without a JCE mapping is rejected.
    if (jceName == null) {
        throw new XMLSecurityException("algorithms.NoSuchMap", new Object[] { digestMethodAlgorithm });
    }
    // Register the digest algorithm URI (usage: signature digest) as a security event, correlated to the Reference Id.
    AlgorithmSuiteSecurityEvent algorithmSuiteSecurityEvent = new AlgorithmSuiteSecurityEvent();
    algorithmSuiteSecurityEvent.setAlgorithmURI(digestMethodAlgorithm);
    algorithmSuiteSecurityEvent.setAlgorithmUsage(XMLSecurityConstants.SigDig);
    algorithmSuiteSecurityEvent.setCorrelationID(referenceType.getId());
    inboundSecurityContext.registerSecurityEvent(algorithmSuiteSecurityEvent);
    MessageDigest messageDigest;
    try {
        if (jceProvider != null) {
            messageDigest = MessageDigest.getInstance(jceName, jceProvider);
        } else {
            messageDigest = MessageDigest.getInstance(jceName);
        }
    } catch (NoSuchAlgorithmException e) {
        throw new XMLSecurityException(e);
    } catch (NoSuchProviderException e) {
        throw new XMLSecurityException(e);
    }
    return new DigestOutputStream(messageDigest);
}
Also used : AlgorithmSuiteSecurityEvent(org.apache.xml.security.stax.securityEvent.AlgorithmSuiteSecurityEvent) DigestOutputStream(org.apache.xml.security.stax.impl.util.DigestOutputStream) NoSuchAlgorithmException(java.security.NoSuchAlgorithmException) MessageDigest(java.security.MessageDigest) NoSuchProviderException(java.security.NoSuchProviderException) XMLSecurityException(org.apache.xml.security.exceptions.XMLSecurityException)

Aggregations

XMLSecurityException (org.apache.xml.security.exceptions.XMLSecurityException) 4
DigestOutputStream (org.apache.xml.security.stax.impl.util.DigestOutputStream) 4
MessageDigest (java.security.MessageDigest) 2
NoSuchAlgorithmException (java.security.NoSuchAlgorithmException) 2
NoSuchProviderException (java.security.NoSuchProviderException) 2
IOException (java.io.IOException) 1
InputStream (java.io.InputStream) 1
SignaturePartDef (org.apache.xml.security.stax.impl.SignaturePartDef) 1
Canonicalizer20010315_OmitCommentsTransformer (org.apache.xml.security.stax.impl.transformer.canonicalizer.Canonicalizer20010315_OmitCommentsTransformer) 1
AlgorithmSuiteSecurityEvent (org.apache.xml.security.stax.securityEvent.AlgorithmSuiteSecurityEvent) 1
UnsyncBufferedOutputStream (org.apache.xml.security.utils.UnsyncBufferedOutputStream) 1