Example 76 with Transforms

use of org.apache.xml.security.transforms.Transforms in project testcases by coheigea.

the class SignatureDOMEnvelopedTest method testSignatureUsingDOMAPI.

// Sign + Verify an XML Document using the DOM API
@org.junit.Test
public void testSignatureUsingDOMAPI() throws Exception {
    // Read in plaintext document
    InputStream sourceDocument = this.getClass().getClassLoader().getResourceAsStream("plaintext.xml");
    DocumentBuilder builder = XMLUtils.createDocumentBuilder(false);
    Document document = builder.parse(sourceDocument);
    // Set up the Key
    KeyStore keyStore = KeyStore.getInstance("jks");
    keyStore.load(this.getClass().getClassLoader().getResource("clientstore.jks").openStream(), "cspass".toCharArray());
    Key key = keyStore.getKey("myclientkey", "ckpass".toCharArray());
    X509Certificate cert = (X509Certificate) keyStore.getCertificate("myclientkey");
    // Sign using DOM
    XMLSignature sig = new XMLSignature(document, "", "http://www.w3.org/2000/09/xmldsig#rsa-sha1", "http://www.w3.org/2001/10/xml-exc-c14n#");
    Element root = document.getDocumentElement();
    root.appendChild(sig.getElement());
    Transforms transforms = new Transforms(document);
    transforms.addTransform(Transforms.TRANSFORM_ENVELOPED_SIGNATURE);
    transforms.addTransform("http://www.w3.org/2001/10/xml-exc-c14n#");
    sig.addDocument("", transforms, "http://www.w3.org/2000/09/xmldsig#sha1");
    sig.sign(key);
    if (cert != null) {
        sig.addKeyInfo(cert);
    }
    XMLUtils.outputDOM(document, System.out);
    // Verify using DOM
    List<QName> namesToSign = new ArrayList<QName>();
    namesToSign.add(new QName("urn:example:po", "PurchaseOrder"));
    SignatureUtils.verifyUsingDOM(document, namesToSign, cert);
}
Also used : DocumentBuilder(javax.xml.parsers.DocumentBuilder) InputStream(java.io.InputStream) XMLSignature(org.apache.xml.security.signature.XMLSignature) QName(javax.xml.namespace.QName) Element(org.w3c.dom.Element) Transforms(org.apache.xml.security.transforms.Transforms) ArrayList(java.util.ArrayList) Document(org.w3c.dom.Document) KeyStore(java.security.KeyStore) Key(java.security.Key) X509Certificate(java.security.cert.X509Certificate)

Example 77 with Transforms

use of org.apache.xml.security.transforms.Transforms in project gdmatrix by gdmatrix.

the class XMLSignedDocument method addSignature.

@Override
public byte[] addSignature(X509Certificate cert, String policyId, String policyDigest) throws Exception {
    // Create signature
    XMLSignature signature = new XMLSignature(doc, BaseURI, SIGN_ALGO_ID);
    root.appendChild(signature.getElement());
    String signatureId = getUniqueId();
    signature.setId(signatureId);
    signature.getElement().setIdAttribute("Id", true);
    Transforms transforms = getTransforms();
    // adding keyInfo:X509Data
    X509Data X509Data = new X509Data(doc);
    X509Data.addIssuerSerial(cert.getIssuerDN().getName(), cert.getSerialNumber());
    X509Data.addSubjectName(cert);
    X509Data.addCertificate(cert);
    signature.getKeyInfo().add(X509Data);
    // adding keyInfo:KeyValue
    signature.addKeyInfo(cert.getPublicKey());
    // add XAdES object
    String signedPropertiesId = getUniqueId();
    ObjectContainer obj = createXAdESObject(cert, signatureId, signedPropertiesId, policyId, policyDigest);
    signature.appendObject(obj);
    signature.addDocument("#" + signedPropertiesId, transforms, HASH_ALGO_ID, getUniqueId(), XADES_URI + "SignedProperties");
    // add Documents object
    String documentsId = getUniqueId();
    ObjectContainer docCont = createDocumentObject(documentsId);
    signature.appendObject(docCont);
    signature.addDocument("#" + documentsId, transforms, HASH_ALGO_ID);
    // adding signature to XMLSignedDocument
    signatures.add(signature);
    // calculate digest
    SignedInfo signedInfo = signature.getSignedInfo();
    signedInfo.generateDigestValues();
    // get data to sign
    org.santfeliu.signature.xmldsig.ByteArrayOutputStream bos = new org.santfeliu.signature.xmldsig.ByteArrayOutputStream();
    signedInfo.signInOctetStream(bos);
    byte[] dataToSign = bos.toByteArray();
    return dataToSign;
}
Also used : Transforms(org.apache.xml.security.transforms.Transforms) X509Data(org.apache.xml.security.keys.content.X509Data) SignedInfo(org.apache.xml.security.signature.SignedInfo) XMLSignature(org.apache.xml.security.signature.XMLSignature) ObjectContainer(org.apache.xml.security.signature.ObjectContainer)

Example 78 with Transforms

use of org.apache.xml.security.transforms.Transforms in project santuario-xml-security-java by apache.

the class Reference method getNodesetBeforeFirstCanonicalization.

/**
 * This method returns the XMLSignatureInput which represents the node set before
 * some kind of canonicalization is applied for the first time.
 * @return the input after applying every transform that precedes the first c14n transform
 *
 * @throws XMLSignatureException
 */
public XMLSignatureInput getNodesetBeforeFirstCanonicalization() throws XMLSignatureException {
    try {
        XMLSignatureInput input = this.getContentsBeforeTransformation();
        cacheDereferencedElement(input);
        XMLSignatureInput output = input;
        Transforms transforms = this.getTransforms();
        if (transforms != null) {
            for (int i = 0; i < transforms.getLength(); i++) {
                Transform t = transforms.item(i);
                String uri = t.getURI();
                if (TRANSFORM_ALGORITHMS.contains(uri)) {
                    break;
                }
                output = t.performTransform(output, null, secureValidation);
            }
            output.setSourceURI(input.getSourceURI());
        }
        return output;
    } catch (IOException | XMLSecurityException ex) {
        throw new XMLSignatureException(ex);
    }
}
Also used : Transforms(org.apache.xml.security.transforms.Transforms) IOException(java.io.IOException) Transform(org.apache.xml.security.transforms.Transform) XMLSecurityException(org.apache.xml.security.exceptions.XMLSecurityException)

Example 79 with Transforms

use of org.apache.xml.security.transforms.Transforms in project santuario-xml-security-java by apache.

the class PKSignatureAlgorithmTest method sign.

private XMLSignature sign(String algorithm, Document document, List<String> localNames, Key signingKey, AlgorithmParameterSpec parameterSpec) throws Exception {
    String c14nMethod = "http://www.w3.org/2001/10/xml-exc-c14n#";
    XMLSignature sig = new XMLSignature(document, "", algorithm, 0, c14nMethod, null, parameterSpec);
    Element root = document.getDocumentElement();
    root.appendChild(sig.getElement());
    XPathFactory xpf = XPathFactory.newInstance();
    XPath xpath = xpf.newXPath();
    xpath.setNamespaceContext(new DSNamespaceContext());
    for (String localName : localNames) {
        String expression = "//*[local-name()='" + localName + "']";
        NodeList elementsToSign = (NodeList) xpath.evaluate(expression, document, XPathConstants.NODESET);
        for (int i = 0; i < elementsToSign.getLength(); i++) {
            Element elementToSign = (Element) elementsToSign.item(i);
            assertNotNull(elementToSign);
            String id = UUID.randomUUID().toString();
            elementToSign.setAttributeNS(null, "Id", id);
            elementToSign.setIdAttributeNS(null, "Id", true);
            Transforms transforms = new Transforms(document);
            transforms.addTransform(c14nMethod);
            String digestMethod = "http://www.w3.org/2000/09/xmldsig#sha1";
            sig.addDocument("#" + id, transforms, digestMethod);
        }
    }
    sig.sign(signingKey);
    String expression = "//ds:Signature[1]";
    Element sigElement = (Element) xpath.evaluate(expression, document, XPathConstants.NODE);
    assertNotNull(sigElement);
    return sig;
}
Also used : XPath(javax.xml.xpath.XPath) XPathFactory(javax.xml.xpath.XPathFactory) XMLSignature(org.apache.xml.security.signature.XMLSignature) DSNamespaceContext(org.apache.xml.security.test.dom.DSNamespaceContext) Element(org.w3c.dom.Element) NodeList(org.w3c.dom.NodeList) Transforms(org.apache.xml.security.transforms.Transforms)

Example 80 with Transforms

use of org.apache.xml.security.transforms.Transforms in project santuario-xml-security-java by apache.

the class Bug45961Test method getTransforms.

private Transforms getTransforms(Document document) throws Exception {
    Transforms transforms = new Transforms(document);
    transforms.addTransform(Transforms.TRANSFORM_ENVELOPED_SIGNATURE);
    return transforms;
}
Also used : Transforms(org.apache.xml.security.transforms.Transforms)
