Example 61 with Transforms
use of org.apache.xml.security.transforms.Transforms in project santuario-java by apache.
the class Reference method getNodesetBeforeFirstCanonicalization.
/**
* This method returns the XMLSignatureInput which represents the node set before
* some kind of canonicalization is applied for the first time.
* @return Gets a the node doing everything till the first c14n is needed
*
* @throws XMLSignatureException
*/
public XMLSignatureInput getNodesetBeforeFirstCanonicalization() throws XMLSignatureException {
try {
XMLSignatureInput input = this.getContentsBeforeTransformation();
cacheDereferencedElement(input);
XMLSignatureInput output = input;
Transforms transforms = this.getTransforms();
if (transforms != null) {
for (int i = 0; i < transforms.getLength(); i++) {
Transform t = transforms.item(i);
String uri = t.getURI();
if (TRANSFORM_ALGORITHMS.contains(uri)) {
break;
}
output = t.performTransform(output, null, secureValidation);
}
output.setSourceURI(input.getSourceURI());
}
return output;
} catch (IOException | XMLSecurityException ex) {
throw new XMLSignatureException(ex);
}
}
Also used :
Transforms(org.apache.xml.security.transforms.Transforms)
IOException(java.io.IOException)
Transform(org.apache.xml.security.transforms.Transform)
XMLSecurityException(org.apache.xml.security.exceptions.XMLSecurityException)
Example 62 with Transforms
use of org.apache.xml.security.transforms.Transforms in project santuario-java by apache.
the class HMACSignatureAlgorithmTest method sign.
private XMLSignature sign(String algorithm, Document document, List<String> localNames, Key signingKey) throws Exception {
String c14nMethod = "http://www.w3.org/2001/10/xml-exc-c14n#";
XMLSignature sig = new XMLSignature(document, "", algorithm, c14nMethod);
Element root = document.getDocumentElement();
root.appendChild(sig.getElement());
XPathFactory xpf = XPathFactory.newInstance();
XPath xpath = xpf.newXPath();
xpath.setNamespaceContext(new DSNamespaceContext());
for (String localName : localNames) {
String expression = "//*[local-name()='" + localName + "']";
NodeList elementsToSign = (NodeList) xpath.evaluate(expression, document, XPathConstants.NODESET);
for (int i = 0; i < elementsToSign.getLength(); i++) {
Element elementToSign = (Element) elementsToSign.item(i);
assertNotNull(elementToSign);
String id = UUID.randomUUID().toString();
elementToSign.setAttributeNS(null, "Id", id);
elementToSign.setIdAttributeNS(null, "Id", true);
Transforms transforms = new Transforms(document);
transforms.addTransform(c14nMethod);
String digestMethod = "http://www.w3.org/2000/09/xmldsig#sha1";
sig.addDocument("#" + id, transforms, digestMethod);
}
}
sig.sign(signingKey);
String expression = "//ds:Signature[1]";
Element sigElement = (Element) xpath.evaluate(expression, document, XPathConstants.NODE);
assertNotNull(sigElement);
return sig;
}
Also used :
XPath(javax.xml.xpath.XPath)
XPathFactory(javax.xml.xpath.XPathFactory)
XMLSignature(org.apache.xml.security.signature.XMLSignature)
DSNamespaceContext(org.apache.xml.security.test.dom.DSNamespaceContext)
Element(org.w3c.dom.Element)
NodeList(org.w3c.dom.NodeList)
Transforms(org.apache.xml.security.transforms.Transforms)
Example 63 with Transforms
use of org.apache.xml.security.transforms.Transforms in project santuario-java by apache.
the class CreateExclC14nInteropValues method main.
/**
* Method main
*
* @param unused
* @throws Exception
*/
public static void main(String[] unused) throws Exception {
org.apache.xml.security.Init.init();
Document doc = TestUtils.newDocument();
String directory = "data/org/apache/xml/security/c14n/outExcl/";
File signatureFile = new File(directory + "apacheSignature.xml");
XMLSignature xmlSignature = new XMLSignature(doc, signatureFile.toURI().toURL().toString(), XMLSignature.ALGO_ID_MAC_HMAC_SHA1);
doc.appendChild(xmlSignature.getElement());
{
// ref 0
Transforms tf = new Transforms(doc);
{
XPathContainer xc = new XPathContainer(doc);
xc.setXPath("self::Parent or (parent::Parent and not(self::Child)) or self::GrandChild or parent::GrandChild");
tf.addTransform(Transforms.TRANSFORM_XPATH, xc.getElement());
}
xmlSignature.addDocument("iaikTests.example1.xml", tf);
}
{
// ref 1
Transforms tf = new Transforms(doc);
{
XPathContainer xc = new XPathContainer(doc);
xc.setXPath("self::Parent or (parent::Parent and not(self::Child)) or self::GrandChild or parent::GrandChild");
tf.addTransform(Transforms.TRANSFORM_XPATH, xc.getElement());
}
tf.addTransform(Transforms.TRANSFORM_C14N_EXCL_OMIT_COMMENTS);
xmlSignature.addDocument("iaikTests.example1.xml", tf);
}
{
// ref 2
Transforms tf = new Transforms(doc);
{
XPathContainer xc = new XPathContainer(doc);
xc.setXPathNamespaceContext("xmlns:default", "http://example.org");
xc.setXPath("self::Parent or (parent::Parent and not(self::default:Child)) or self::GrandChild or parent::GrandChild");
tf.addTransform(Transforms.TRANSFORM_XPATH, xc.getElement());
}
xmlSignature.addDocument("iaikTests.example2.xml", tf);
}
{
// ref 3
Transforms tf = new Transforms(doc);
{
XPathContainer xc = new XPathContainer(doc);
xc.setXPathNamespaceContext("xmlns:default", "http://example.org");
xc.setXPath("self::Parent or (parent::Parent and not(self::default:Child)) or self::GrandChild or parent::GrandChild");
tf.addTransform(Transforms.TRANSFORM_XPATH, xc.getElement());
}
tf.addTransform(Transforms.TRANSFORM_C14N_EXCL_OMIT_COMMENTS);
xmlSignature.addDocument("iaikTests.example2.xml", tf);
}
{
// ref 4
Transforms tf = new Transforms(doc);
{
XPathContainer xc = new XPathContainer(doc);
xc.setXPathNamespaceContext("xmlns:default", "http://example.org/default");
xc.setXPathNamespaceContext("xmlns:ns1", "http://example.org/ns1");
xc.setXPath("self::default:Parent or (parent::default:Parent and not(self::default:Child)) or self::ns1:GrandChild or parent::ns1:GrandChild or self::default:GrandChild or parent::default:GrandChild");
tf.addTransform(Transforms.TRANSFORM_XPATH, xc.getElement());
}
xmlSignature.addDocument("iaikTests.example3.xml", tf);
}
{
// ref 5
Transforms tf = new Transforms(doc);
{
XPathContainer xc = new XPathContainer(doc);
xc.setXPathNamespaceContext("xmlns:default", "http://example.org/default");
xc.setXPathNamespaceContext("xmlns:ns1", "http://example.org/ns1");
xc.setXPath("self::default:Parent or (parent::default:Parent and not(self::default:Child)) or self::ns1:GrandChild or parent::ns1:GrandChild or self::default:GrandChild or parent::default:GrandChild");
tf.addTransform(Transforms.TRANSFORM_XPATH, xc.getElement());
}
tf.addTransform(Transforms.TRANSFORM_C14N_EXCL_OMIT_COMMENTS);
xmlSignature.addDocument("iaikTests.example3.xml", tf);
}
{
// ref 6
Transforms tf = new Transforms(doc);
{
XPathContainer xc = new XPathContainer(doc);
xc.setXPathNamespaceContext("xmlns:ns1", "http://example.org/ns1");
xc.setXPath("self::Parent or (parent::Parent and not(self::Child)) or self::ns1:GrandChild or parent::ns1:GrandChild");
tf.addTransform(Transforms.TRANSFORM_XPATH, xc.getElement());
}
xmlSignature.addDocument("iaikTests.example4.xml", tf);
}
{
// ref 7
Transforms tf = new Transforms(doc);
{
XPathContainer xc = new XPathContainer(doc);
xc.setXPathNamespaceContext("xmlns:ns1", "http://example.org/ns1");
xc.setXPath("self::Parent or (parent::Parent and not(self::Child)) or self::ns1:GrandChild or parent::ns1:GrandChild");
tf.addTransform(Transforms.TRANSFORM_XPATH, xc.getElement());
}
{
InclusiveNamespaces incNS = new InclusiveNamespaces(doc, "ns2");
tf.addTransform(Transforms.TRANSFORM_C14N_EXCL_OMIT_COMMENTS, incNS.getElement());
}
xmlSignature.addDocument("iaikTests.example4.xml", tf);
}
{
// ref 8
ObjectContainer obj = new ObjectContainer(doc);
String id = "object1";
obj.setId(id);
String xmlStr = "" + "<included xml:lang='de'>" + "\n" + "<notIncluded xml:lang='de'>" + "\n" + "<notIncluded xml:lang='uk'>" + "\n" + "<included >" + "\n" + "</included>" + "\n" + "</notIncluded>" + "\n" + "</notIncluded>" + "\n" + "</included>";
Document importDoc = null;
try (InputStream is = new ByteArrayInputStream(xmlStr.getBytes(StandardCharsets.UTF_8))) {
importDoc = XMLUtils.read(is, false);
}
obj.getElement().appendChild(doc.createTextNode("\n"));
obj.getElement().appendChild(doc.importNode(importDoc.getDocumentElement(), true));
obj.getElement().appendChild(doc.createTextNode("\n"));
xmlSignature.appendObject(obj);
// ref apache_8
Transforms tf = new Transforms(doc);
{
XPathContainer xc = new XPathContainer(doc);
xc.setXPath("self::node()[local-name()='included']");
tf.addTransform(Transforms.TRANSFORM_XPATH, xc.getElement());
}
xmlSignature.addDocument("#" + id, tf);
}
{
// ref 9
ObjectContainer obj = new ObjectContainer(doc);
String id = "object2";
obj.setId(id);
String xmlStr = "" + "<included xml:lang='uk'>" + "\n" + "<notIncluded xml:lang='de'>" + "\n" + "<notIncluded xml:lang='uk'>" + "\n" + "<included >" + "\n" + "</included>" + "\n" + "</notIncluded>" + "\n" + "</notIncluded>" + "\n" + "</included>";
Document importDoc = null;
try (InputStream is = new ByteArrayInputStream(xmlStr.getBytes(StandardCharsets.UTF_8))) {
importDoc = XMLUtils.read(is, false);
}
obj.getElement().appendChild(doc.createTextNode("\n"));
obj.getElement().appendChild(doc.importNode(importDoc.getDocumentElement(), true));
obj.getElement().appendChild(doc.createTextNode("\n"));
xmlSignature.appendObject(obj);
// ref apache_8
Transforms tf = new Transforms(doc);
{
XPathContainer xc = new XPathContainer(doc);
xc.setXPath("self::node()[local-name()='included']");
tf.addTransform(Transforms.TRANSFORM_XPATH, xc.getElement());
}
xmlSignature.addDocument("#" + id, tf);
}
{
// ref 10
ObjectContainer obj = new ObjectContainer(doc);
String id = "object3";
obj.setId(id);
String xmlStr = "" + "<included xml:lang='de'>" + "\n" + "<notIncluded xml:lang='de'>" + "\n" + "<notIncluded xml:lang='uk'>" + "\n" + "<included xml:lang='de'>" + "\n" + "</included>" + "\n" + "</notIncluded>" + "\n" + "</notIncluded>" + "\n" + "</included>";
Document importDoc = null;
try (InputStream is = new ByteArrayInputStream(xmlStr.getBytes(StandardCharsets.UTF_8))) {
importDoc = XMLUtils.read(is, false);
}
obj.getElement().appendChild(doc.createTextNode("\n"));
obj.getElement().appendChild(doc.importNode(importDoc.getDocumentElement(), true));
obj.getElement().appendChild(doc.createTextNode("\n"));
xmlSignature.appendObject(obj);
// ref apache_8
Transforms tf = new Transforms(doc);
{
XPathContainer xc = new XPathContainer(doc);
xc.setXPath("self::node()[local-name()='included']");
tf.addTransform(Transforms.TRANSFORM_XPATH, xc.getElement());
}
xmlSignature.addDocument("#" + id, tf);
}
{
// ref 11
ObjectContainer obj = new ObjectContainer(doc);
String id = "object4";
obj.setId(id);
String xmlStr = "" + "<included xml:lang='de'>" + "\n" + "<included xml:lang='de'>" + "\n" + "<notIncluded xml:lang='uk'>" + "\n" + "<included >" + "\n" + "</included>" + "\n" + "</notIncluded>" + "\n" + "</included>" + "\n" + "</included>";
Document importDoc = null;
try (InputStream is = new ByteArrayInputStream(xmlStr.getBytes(StandardCharsets.UTF_8))) {
importDoc = XMLUtils.read(is, false);
}
obj.getElement().appendChild(doc.createTextNode("\n"));
obj.getElement().appendChild(doc.importNode(importDoc.getDocumentElement(), true));
obj.getElement().appendChild(doc.createTextNode("\n"));
xmlSignature.appendObject(obj);
Transforms tf = new Transforms(doc);
{
XPathContainer xc = new XPathContainer(doc);
xc.setXPath("self::node()[local-name()='included']");
tf.addTransform(Transforms.TRANSFORM_XPATH, xc.getElement());
}
xmlSignature.addDocument("#" + id, tf);
}
{
// ref 12
ObjectContainer obj = new ObjectContainer(doc);
String id = "object5";
obj.setId(id);
String xmlStr = "" + "<included xml:lang='de'>" + "\n" + "<included xml:lang='de'>" + "\n" + "<notIncluded xml:space='preserve' xml:lang='uk'>" + "\n" + "<included >" + "\n" + "</included>" + "\n" + "</notIncluded>" + "\n" + "</included>" + "\n" + "</included>";
Document importDoc = null;
try (InputStream is = new ByteArrayInputStream(xmlStr.getBytes(StandardCharsets.UTF_8))) {
importDoc = XMLUtils.read(is, false);
}
obj.getElement().appendChild(doc.createTextNode("\n"));
obj.getElement().appendChild(doc.importNode(importDoc.getDocumentElement(), true));
obj.getElement().appendChild(doc.createTextNode("\n"));
xmlSignature.appendObject(obj);
Transforms tf = new Transforms(doc);
{
XPathContainer xc = new XPathContainer(doc);
xc.setXPath("self::node()[local-name()='included']");
tf.addTransform(Transforms.TRANSFORM_XPATH, xc.getElement());
}
xmlSignature.addDocument("#" + id, tf);
}
{
// ref 13
ObjectContainer obj = new ObjectContainer(doc);
String id = "object6";
obj.setId(id);
String xmlStr = "" + "<included xml:space='preserve' xml:lang='de'>" + "\n" + "<included xml:lang='de'>" + "\n" + "<notIncluded xml:lang='uk'>" + "\n" + "<included>" + "\n" + "</included>" + "\n" + "</notIncluded>" + "\n" + "</included>" + "\n" + "</included>";
Document importDoc = null;
try (InputStream is = new ByteArrayInputStream(xmlStr.getBytes(StandardCharsets.UTF_8))) {
importDoc = XMLUtils.read(is, false);
}
obj.getElement().appendChild(doc.createTextNode("\n"));
obj.getElement().appendChild(doc.importNode(importDoc.getDocumentElement(), true));
obj.getElement().appendChild(doc.createTextNode("\n"));
xmlSignature.appendObject(obj);
Transforms tf = new Transforms(doc);
{
XPathContainer xc = new XPathContainer(doc);
xc.setXPath("self::node()[local-name()='included']");
tf.addTransform(Transforms.TRANSFORM_XPATH, xc.getElement());
}
xmlSignature.addDocument("#" + id, tf);
}
{
// ref 13b
String id = "object6";
Transforms tf = new Transforms(doc);
{
XPathContainer xc = new XPathContainer(doc);
xc.setXPath("self::node()[local-name()='included']");
tf.addTransform(Transforms.TRANSFORM_XPATH, xc.getElement());
tf.addTransform(Transforms.TRANSFORM_C14N_OMIT_COMMENTS);
}
xmlSignature.addDocument("#" + id, tf);
}
{
// ref 13c
String id = "object6";
Transforms tf = new Transforms(doc);
{
XPathContainer xc = new XPathContainer(doc);
xc.setXPath("self::node()[local-name()='included']");
tf.addTransform(Transforms.TRANSFORM_XPATH, xc.getElement());
tf.addTransform(Transforms.TRANSFORM_C14N_OMIT_COMMENTS);
tf.addTransform(Transforms.TRANSFORM_C14N_OMIT_COMMENTS);
}
xmlSignature.addDocument("#" + id, tf);
// xmlSignature.addDocument("#" + id, tf, org.apache.xml.security.algorithms.MessageDigestAlgorithm.ALGO_ID_DIGEST_SHA1, "ref13c", null);
}
String secretKey = "secret";
xmlSignature.getKeyInfo().addKeyName("The UTF-8 octets of \"" + secretKey + "\" are used for signing (" + secretKey.length() + " octets)");
xmlSignature.sign(xmlSignature.createSecretKey(secretKey.getBytes()));
FileOutputStream fos = new FileOutputStream(signatureFile);
XMLUtils.outputDOM(doc, fos);
fos.close();
int length = xmlSignature.getSignedInfo().getLength();
for (int i = 0; i < length; i++) {
String fname = directory + "c14n-" + i + "-apache.xml";
System.out.println(fname);
JavaUtils.writeBytesToFilename(fname, xmlSignature.getSignedInfo().getReferencedContentAfterTransformsItem(i).getBytes());
}
XMLSignature s = new XMLSignature(doc.getDocumentElement(), signatureFile.toURI().toURL().toString());
boolean verify = s.checkSignatureValue(s.createSecretKey("secret".getBytes()));
System.out.println("verify=" + verify);
System.out.println("");
XMLUtils.outputDOMc14nWithComments(doc, System.out);
}
Also used :
ByteArrayInputStream(java.io.ByteArrayInputStream)
InputStream(java.io.InputStream)
Transforms(org.apache.xml.security.transforms.Transforms)
Document(org.w3c.dom.Document)
XPathContainer(org.apache.xml.security.transforms.params.XPathContainer)
ByteArrayInputStream(java.io.ByteArrayInputStream)
XMLSignature(org.apache.xml.security.signature.XMLSignature)
FileOutputStream(java.io.FileOutputStream)
InclusiveNamespaces(org.apache.xml.security.transforms.params.InclusiveNamespaces)
File(java.io.File)
ObjectContainer(org.apache.xml.security.signature.ObjectContainer)
Example 64 with Transforms
use of org.apache.xml.security.transforms.Transforms in project santuario-java by apache.
the class PreCalculatedDigestSignatureTest method createTransformsForSignature.
private Transforms createTransformsForSignature(Document signatureDocument) throws TransformationException {
Transforms transforms = new Transforms(signatureDocument);
transforms.addTransform(Transforms.TRANSFORM_ENVELOPED_SIGNATURE);
transforms.addTransform(Transforms.TRANSFORM_C14N_OMIT_COMMENTS);
return transforms;
}
Also used :
Transforms(org.apache.xml.security.transforms.Transforms)
Example 65 with Transforms
use of org.apache.xml.security.transforms.Transforms in project santuario-java by apache.
the class PreCalculatedDigestSignatureTest method createXmlSignature.
private XMLSignature createXmlSignature() throws ParserConfigurationException, XMLSecurityException {
Document signatureDocument = TestUtils.newDocument();
Element root = createSignatureRoot(signatureDocument);
String baseURI = "";
XMLSignature signature = new XMLSignature(signatureDocument, baseURI, XMLSignature.ALGO_ID_SIGNATURE_DSA);
root.appendChild(signature.getElement());
Transforms transforms = createTransformsForSignature(signatureDocument);
signature.addDocument("", transforms, "http://www.w3.org/2001/04/xmlenc#sha256");
return signature;
}
Also used :
XMLSignature(org.apache.xml.security.signature.XMLSignature)
Element(org.w3c.dom.Element)
Transforms(org.apache.xml.security.transforms.Transforms)
Document(org.w3c.dom.Document)
Aggregations
Transforms (org.apache.xml.security.transforms.Transforms)94
XMLSignature (org.apache.xml.security.signature.XMLSignature)66
Element (org.w3c.dom.Element)57
Document (org.w3c.dom.Document)45
XPath (javax.xml.xpath.XPath)24
XPathFactory (javax.xml.xpath.XPathFactory)23
ByteArrayOutputStream (java.io.ByteArrayOutputStream)22
DSNamespaceContext (org.apache.xml.security.test.dom.DSNamespaceContext)22
PrivateKey (java.security.PrivateKey)20
InputStream (java.io.InputStream)17
ByteArrayInputStream (java.io.ByteArrayInputStream)16
XMLSecurityException (org.apache.xml.security.exceptions.XMLSecurityException)15
NodeList (org.w3c.dom.NodeList)14
SignatureAlgorithm (org.apache.xml.security.algorithms.SignatureAlgorithm)13
ObjectContainer (org.apache.xml.security.signature.ObjectContainer)13
FileInputStream (java.io.FileInputStream)12
XMLSignatureException (org.apache.xml.security.signature.XMLSignatureException)10
XPathContainer (org.apache.xml.security.transforms.params.XPathContainer)10
KeyStore (java.security.KeyStore)9
X509Certificate (java.security.cert.X509Certificate)8
