
Example 61 with Transforms

use of org.apache.xml.security.transforms.Transforms in project santuario-java by apache.

the class Reference method getNodesetBeforeFirstCanonicalization.

/**
 * Returns the reference's content as it stands just before the first transform
 * whose URI is listed in {@code TRANSFORM_ALGORITHMS} would be applied.
 * <p>
 * The dereferenced input is fed through the transform chain in document order.
 * The walk stops at the first listed transform, and that transform is
 * <em>not</em> executed. When the reference carries no transforms, the
 * dereferenced input is returned unchanged.
 * <p>
 * NOTE(review): judging by the method name, {@code TRANSFORM_ALGORITHMS} holds
 * the canonicalization URIs; the set itself is not visible here, so confirm.
 * The result is an intermediate view, not the octets that get digested: any
 * transform at or after the stopping point is not reflected in it.
 *
 * @return the input after every transform that precedes the first listed one
 * @throws XMLSignatureException wrapping any {@link IOException} or
 *         {@link XMLSecurityException} raised while dereferencing or transforming
 */
public XMLSignatureInput getNodesetBeforeFirstCanonicalization() throws XMLSignatureException {
    try {
        XMLSignatureInput dereferenced = this.getContentsBeforeTransformation();
        cacheDereferencedElement(dereferenced);

        Transforms chain = this.getTransforms();
        if (chain == null) {
            // No transform chain: the dereferenced content is already the answer.
            return dereferenced;
        }

        XMLSignatureInput current = dereferenced;
        int index = 0;
        while (index < chain.getLength()) {
            Transform step = chain.item(index);
            if (TRANSFORM_ALGORITHMS.contains(step.getURI())) {
                break;
            }
            // The secureValidation flag is forwarded so each transform sees the
            // same validation mode as this reference.
            current = step.performTransform(current, null, secureValidation);
            index++;
        }

        // Transforms may hand back a fresh object; carry the original source URI over.
        current.setSourceURI(dereferenced.getSourceURI());
        return current;
    } catch (IOException | XMLSecurityException ex) {
        throw new XMLSignatureException(ex);
    }
}
Also used : Transforms(org.apache.xml.security.transforms.Transforms) IOException(java.io.IOException) Transform(org.apache.xml.security.transforms.Transform) XMLSecurityException(org.apache.xml.security.exceptions.XMLSecurityException)

Example 62 with Transforms

use of org.apache.xml.security.transforms.Transforms in project santuario-java by apache.

the class HMACSignatureAlgorithmTest method sign.

/**
 * Test helper that appends an enveloped signature to the document root and signs
 * every element whose local name appears in {@code localNames}.
 * <p>
 * Each matching element receives a random {@code Id} attribute, registered as an
 * ID so the same-document reference {@code #id} can be resolved. It is then
 * referenced through an exclusive-c14n transform with a SHA-1 digest.
 *
 * @param algorithm  signature method URI handed to {@link XMLSignature}
 * @param document   document to sign; it is modified in place
 * @param localNames local names of the elements to reference
 * @param signingKey key passed to {@code XMLSignature.sign}
 * @return the signed {@link XMLSignature}
 * @throws Exception on any XPath or signature failure
 */
private XMLSignature sign(String algorithm, Document document, List<String> localNames, Key signingKey) throws Exception {
    final String c14nMethod = "http://www.w3.org/2001/10/xml-exc-c14n#";
    // SHA-1 reference digests are legacy; acceptable here only as a test fixture value.
    final String digestMethod = "http://www.w3.org/2000/09/xmldsig#sha1";

    XMLSignature sig = new XMLSignature(document, "", algorithm, c14nMethod);
    document.getDocumentElement().appendChild(sig.getElement());

    XPath xpath = XPathFactory.newInstance().newXPath();
    xpath.setNamespaceContext(new DSNamespaceContext());

    for (String localName : localNames) {
        // The expression is built by concatenation. NOTE(review): this assumes
        // localNames is supplied by the test itself - confirm at the call sites.
        NodeList matches = (NodeList) xpath.evaluate("//*[local-name()='" + localName + "']", document, XPathConstants.NODESET);
        for (int idx = 0; idx < matches.getLength(); idx++) {
            Element target = (Element) matches.item(idx);
            assertNotNull(target);

            String refId = UUID.randomUUID().toString();
            target.setAttributeNS(null, "Id", refId);
            // Register the attribute as an ID so "#refId" can be dereferenced.
            target.setIdAttributeNS(null, "Id", true);

            Transforms refTransforms = new Transforms(document);
            refTransforms.addTransform(c14nMethod);
            sig.addDocument("#" + refId, refTransforms, digestMethod);
        }
    }

    sig.sign(signingKey);

    // Sanity check: the ds:Signature element must now be reachable in the document.
    Element sigElement = (Element) xpath.evaluate("//ds:Signature[1]", document, XPathConstants.NODE);
    assertNotNull(sigElement);
    return sig;
}
Also used : XPath(javax.xml.xpath.XPath) XPathFactory(javax.xml.xpath.XPathFactory) XMLSignature(org.apache.xml.security.signature.XMLSignature) DSNamespaceContext(org.apache.xml.security.test.dom.DSNamespaceContext) Element(org.w3c.dom.Element) NodeList(org.w3c.dom.NodeList) Transforms(org.apache.xml.security.transforms.Transforms)

Example 63 with Transforms

use of org.apache.xml.security.transforms.Transforms in project santuario-java by apache.

the class CreateExclC14nInteropValues method main.

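/**
 * Regenerates the exclusive-c14n interop fixtures under
 * {@code data/org/apache/xml/security/c14n/outExcl/}.
 * <p>
 * Builds one HMAC-SHA1 signature with references 0-13c, signs it, writes
 * {@code apacheSignature.xml} and one {@code c14n-<i>-apache.xml} file per
 * reference, then re-verifies the signature and prints the result.
 * <p>
 * The HMAC key is the fixed string {@code "secret"}, which is also advertised in
 * the KeyName. It is an interop fixture value, not a credential.
 *
 * @param unused ignored
 * @throws Exception on any I/O, parsing or signature failure
 */
public static void main(String[] unused) throws Exception {
    org.apache.xml.security.Init.init();
    Document doc = TestUtils.newDocument();
    String directory = "data/org/apache/xml/security/c14n/outExcl/";
    File signatureFile = new File(directory + "apacheSignature.xml");
    XMLSignature xmlSignature = new XMLSignature(doc, signatureFile.toURI().toURL().toString(), XMLSignature.ALGO_ID_MAC_HMAC_SHA1);
    doc.appendChild(xmlSignature.getElement());

    String unqualifiedFilter = "self::Parent or (parent::Parent and not(self::Child)) or self::GrandChild or parent::GrandChild";
    String defaultChildFilter = "self::Parent or (parent::Parent and not(self::default:Child)) or self::GrandChild or parent::GrandChild";
    String qualifiedFilter = "self::default:Parent or (parent::default:Parent and not(self::default:Child)) or self::ns1:GrandChild or parent::ns1:GrandChild or self::default:GrandChild or parent::default:GrandChild";
    String ns1GrandChildFilter = "self::Parent or (parent::Parent and not(self::Child)) or self::ns1:GrandChild or parent::ns1:GrandChild";
    String includedFilter = "self::node()[local-name()='included']";

    {
        // ref 0
        Transforms tf = newXPathFilter(doc, unqualifiedFilter);
        xmlSignature.addDocument("iaikTests.example1.xml", tf);
    }
    {
        // ref 1
        Transforms tf = newXPathFilter(doc, unqualifiedFilter);
        tf.addTransform(Transforms.TRANSFORM_C14N_EXCL_OMIT_COMMENTS);
        xmlSignature.addDocument("iaikTests.example1.xml", tf);
    }
    {
        // ref 2
        Transforms tf = newXPathFilter(doc, defaultChildFilter, "xmlns:default", "http://example.org");
        xmlSignature.addDocument("iaikTests.example2.xml", tf);
    }
    {
        // ref 3
        Transforms tf = newXPathFilter(doc, defaultChildFilter, "xmlns:default", "http://example.org");
        tf.addTransform(Transforms.TRANSFORM_C14N_EXCL_OMIT_COMMENTS);
        xmlSignature.addDocument("iaikTests.example2.xml", tf);
    }
    {
        // ref 4
        Transforms tf = newXPathFilter(doc, qualifiedFilter, "xmlns:default", "http://example.org/default", "xmlns:ns1", "http://example.org/ns1");
        xmlSignature.addDocument("iaikTests.example3.xml", tf);
    }
    {
        // ref 5
        Transforms tf = newXPathFilter(doc, qualifiedFilter, "xmlns:default", "http://example.org/default", "xmlns:ns1", "http://example.org/ns1");
        tf.addTransform(Transforms.TRANSFORM_C14N_EXCL_OMIT_COMMENTS);
        xmlSignature.addDocument("iaikTests.example3.xml", tf);
    }
    {
        // ref 6
        Transforms tf = newXPathFilter(doc, ns1GrandChildFilter, "xmlns:ns1", "http://example.org/ns1");
        xmlSignature.addDocument("iaikTests.example4.xml", tf);
    }
    {
        // ref 7
        Transforms tf = newXPathFilter(doc, ns1GrandChildFilter, "xmlns:ns1", "http://example.org/ns1");
        InclusiveNamespaces incNS = new InclusiveNamespaces(doc, "ns2");
        tf.addTransform(Transforms.TRANSFORM_C14N_EXCL_OMIT_COMMENTS, incNS.getElement());
        xmlSignature.addDocument("iaikTests.example4.xml", tf);
    }
    {
        // ref 8
        String xmlStr = "<included    xml:lang='de'>" + "\n"
            + "<notIncluded xml:lang='de'>" + "\n"
            + "<notIncluded xml:lang='uk'>" + "\n"
            + "<included                 >" + "\n"
            + "</included>" + "\n"
            + "</notIncluded>" + "\n"
            + "</notIncluded>" + "\n"
            + "</included>";
        appendFragmentAsObject(xmlSignature, doc, "object1", xmlStr);
        xmlSignature.addDocument("#" + "object1", newXPathFilter(doc, includedFilter));
    }
    {
        // ref 9
        String xmlStr = "<included    xml:lang='uk'>" + "\n"
            + "<notIncluded xml:lang='de'>" + "\n"
            + "<notIncluded xml:lang='uk'>" + "\n"
            + "<included                 >" + "\n"
            + "</included>" + "\n"
            + "</notIncluded>" + "\n"
            + "</notIncluded>" + "\n"
            + "</included>";
        appendFragmentAsObject(xmlSignature, doc, "object2", xmlStr);
        xmlSignature.addDocument("#" + "object2", newXPathFilter(doc, includedFilter));
    }
    {
        // ref 10
        String xmlStr = "<included    xml:lang='de'>" + "\n"
            + "<notIncluded xml:lang='de'>" + "\n"
            + "<notIncluded xml:lang='uk'>" + "\n"
            + "<included xml:lang='de'>" + "\n"
            + "</included>" + "\n"
            + "</notIncluded>" + "\n"
            + "</notIncluded>" + "\n"
            + "</included>";
        appendFragmentAsObject(xmlSignature, doc, "object3", xmlStr);
        xmlSignature.addDocument("#" + "object3", newXPathFilter(doc, includedFilter));
    }
    {
        // ref 11
        String xmlStr = "<included    xml:lang='de'>" + "\n"
            + "<included xml:lang='de'>" + "\n"
            + "<notIncluded xml:lang='uk'>" + "\n"
            + "<included                 >" + "\n"
            + "</included>" + "\n"
            + "</notIncluded>" + "\n"
            + "</included>" + "\n"
            + "</included>";
        appendFragmentAsObject(xmlSignature, doc, "object4", xmlStr);
        xmlSignature.addDocument("#" + "object4", newXPathFilter(doc, includedFilter));
    }
    {
        // ref 12
        String xmlStr = "<included                         xml:lang='de'>" + "\n"
            + "<included xml:lang='de'>" + "\n"
            + "<notIncluded xml:space='preserve' xml:lang='uk'>" + "\n"
            + "<included                 >" + "\n"
            + "</included>" + "\n"
            + "</notIncluded>" + "\n"
            + "</included>" + "\n"
            + "</included>";
        appendFragmentAsObject(xmlSignature, doc, "object5", xmlStr);
        xmlSignature.addDocument("#" + "object5", newXPathFilter(doc, includedFilter));
    }
    {
        // ref 13
        String xmlStr = "<included   xml:space='preserve'  xml:lang='de'>" + "\n"
            + "<included xml:lang='de'>" + "\n"
            + "<notIncluded xml:lang='uk'>" + "\n"
            + "<included>" + "\n"
            + "</included>" + "\n"
            + "</notIncluded>" + "\n"
            + "</included>" + "\n"
            + "</included>";
        appendFragmentAsObject(xmlSignature, doc, "object6", xmlStr);
        xmlSignature.addDocument("#" + "object6", newXPathFilter(doc, includedFilter));
    }
    {
        // ref 13b: same object as ref 13, followed by one inclusive c14n pass
        Transforms tf = newXPathFilter(doc, includedFilter);
        tf.addTransform(Transforms.TRANSFORM_C14N_OMIT_COMMENTS);
        xmlSignature.addDocument("#" + "object6", tf);
    }
    {
        // ref 13c: same object as ref 13, canonicalized twice on purpose
        Transforms tf = newXPathFilter(doc, includedFilter);
        tf.addTransform(Transforms.TRANSFORM_C14N_OMIT_COMMENTS);
        tf.addTransform(Transforms.TRANSFORM_C14N_OMIT_COMMENTS);
        xmlSignature.addDocument("#" + "object6", tf);
    }

    String secretKey = "secret";
    // Encode once, explicitly as UTF-8, so signing, the KeyName text and the
    // verification below all use the same octets whatever the platform charset is.
    byte[] keyOctets = secretKey.getBytes(StandardCharsets.UTF_8);
    xmlSignature.getKeyInfo().addKeyName("The UTF-8 octets of \"" + secretKey + "\" are used for signing (" + keyOctets.length + " octets)");
    xmlSignature.sign(xmlSignature.createSecretKey(keyOctets));

    // try-with-resources closes the stream even if serialization throws.
    try (FileOutputStream fos = new FileOutputStream(signatureFile)) {
        XMLUtils.outputDOM(doc, fos);
    }

    int length = xmlSignature.getSignedInfo().getLength();
    for (int i = 0; i < length; i++) {
        String fname = directory + "c14n-" + i + "-apache.xml";
        System.out.println(fname);
        JavaUtils.writeBytesToFilename(fname, xmlSignature.getSignedInfo().getReferencedContentAfterTransformsItem(i).getBytes());
    }

    XMLSignature s = new XMLSignature(doc.getDocumentElement(), signatureFile.toURI().toURL().toString());
    boolean verify = s.checkSignatureValue(s.createSecretKey(keyOctets));
    System.out.println("verify=" + verify);
    System.out.println("");
    XMLUtils.outputDOMc14nWithComments(doc, System.out);
}

/**
 * Builds a transform chain holding a single XPath filter. The prefix/URI pairs
 * in {@code namespaceBindings} are registered before the expression is set.
 */
private static Transforms newXPathFilter(Document doc, String xpath, String... namespaceBindings) throws Exception {
    if (namespaceBindings.length % 2 != 0) {
        throw new IllegalArgumentException("namespaceBindings must be prefix/URI pairs");
    }
    Transforms tf = new Transforms(doc);
    XPathContainer xc = new XPathContainer(doc);
    for (int i = 0; i < namespaceBindings.length; i += 2) {
        xc.setXPathNamespaceContext(namespaceBindings[i], namespaceBindings[i + 1]);
    }
    xc.setXPath(xpath);
    tf.addTransform(Transforms.TRANSFORM_XPATH, xc.getElement());
    return tf;
}

/**
 * Parses {@code xmlStr}, wraps its root element, padded by newline text nodes, in
 * an Object element with the given Id, and appends that to the signature.
 */
private static void appendFragmentAsObject(XMLSignature xmlSignature, Document doc, String id, String xmlStr) throws Exception {
    ObjectContainer obj = new ObjectContainer(doc);
    obj.setId(id);
    Document importDoc;
    // NOTE(review): the second argument is presumably the "disallow DOCTYPE" switch.
    // false is tolerable only because the input is a fixed in-memory literal - confirm.
    try (InputStream is = new ByteArrayInputStream(xmlStr.getBytes(StandardCharsets.UTF_8))) {
        importDoc = XMLUtils.read(is, false);
    }
    obj.getElement().appendChild(doc.createTextNode("\n"));
    obj.getElement().appendChild(doc.importNode(importDoc.getDocumentElement(), true));
    obj.getElement().appendChild(doc.createTextNode("\n"));
    xmlSignature.appendObject(obj);
}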
Also used : ByteArrayInputStream(java.io.ByteArrayInputStream) InputStream(java.io.InputStream) Transforms(org.apache.xml.security.transforms.Transforms) Document(org.w3c.dom.Document) XPathContainer(org.apache.xml.security.transforms.params.XPathContainer) ByteArrayInputStream(java.io.ByteArrayInputStream) XMLSignature(org.apache.xml.security.signature.XMLSignature) FileOutputStream(java.io.FileOutputStream) InclusiveNamespaces(org.apache.xml.security.transforms.params.InclusiveNamespaces) File(java.io.File) ObjectContainer(org.apache.xml.security.signature.ObjectContainer)

Example 64 with Transforms

use of org.apache.xml.security.transforms.Transforms in project santuario-java by apache.

the class PreCalculatedDigestSignatureTest method createTransformsForSignature.

/**
 * Builds the transform chain for an enveloped signature: the enveloped-signature
 * transform first, then {@code TRANSFORM_C14N_OMIT_COMMENTS}.
 * <p>
 * The order matters. The enveloped-signature transform has to run before the
 * canonicalization step so the signature element is excluded from the data
 * being digested.
 *
 * @param signatureDocument document that owns the created transform elements
 * @return the two-step transform chain
 * @throws TransformationException if a transform cannot be added
 */
private Transforms createTransformsForSignature(Document signatureDocument) throws TransformationException {
    final Transforms chain = new Transforms(signatureDocument);
    for (String transformUri : new String[] {
            Transforms.TRANSFORM_ENVELOPED_SIGNATURE,
            Transforms.TRANSFORM_C14N_OMIT_COMMENTS }) {
        chain.addTransform(transformUri);
    }
    return chain;
}
Also used : Transforms(org.apache.xml.security.transforms.Transforms)

Example 65 with Transforms

use of org.apache.xml.security.transforms.Transforms in project santuario-java by apache.

the class PreCalculatedDigestSignatureTest method createXmlSignature.

/**
 * Creates an unsigned enveloped {@link XMLSignature} inside a fresh document.
 * <p>
 * The signature element is appended to the root returned by
 * {@code createSignatureRoot}. A single reference with the empty URI (the
 * containing document) is added, using the chain from
 * {@code createTransformsForSignature} and a SHA-256 digest.
 * <p>
 * NOTE(review): {@code ALGO_ID_SIGNATURE_DSA} is the DSA-with-SHA-1 signature
 * method. That is fine for this test but counts as legacy for new deployments,
 * even though the reference digest here is SHA-256.
 *
 * @return the prepared, not yet signed signature
 * @throws ParserConfigurationException if the document cannot be created
 * @throws XMLSecurityException if the signature or its reference cannot be built
 */
private XMLSignature createXmlSignature() throws ParserConfigurationException, XMLSecurityException {
    final Document signatureDocument = TestUtils.newDocument();
    final Element root = createSignatureRoot(signatureDocument);

    final XMLSignature signature = new XMLSignature(signatureDocument, "", XMLSignature.ALGO_ID_SIGNATURE_DSA);
    root.appendChild(signature.getElement());

    // The empty reference URI selects the whole containing document.
    signature.addDocument(
        "",
        createTransformsForSignature(signatureDocument),
        "http://www.w3.org/2001/04/xmlenc#sha256");
    return signature;
}
Also used : XMLSignature(org.apache.xml.security.signature.XMLSignature) Element(org.w3c.dom.Element) Transforms(org.apache.xml.security.transforms.Transforms) Document(org.w3c.dom.Document)
