Examples with Transforms org.apache.xml.security.transforms.Transforms used on opensource projects

Example 11 with Transforms

use of org.apache.xml.security.transforms.Transforms in project testcases by coheigea.

the class SignatureUtils method signUsingDOM.

/**
 * Sign the document using the DOM API of Apache Santuario - XML Security for Java.
 * It signs a list of QNames that it finds in the Document via XPath.
 */
public static void signUsingDOM(Document document, List<QName> namesToSign, String algorithm, Key signingKey, X509Certificate signingCert) throws Exception {
    XMLSignature sig = new XMLSignature(document, "", algorithm, "http://www.w3.org/2001/10/xml-exc-c14n#");
    Element root = document.getDocumentElement();
    root.appendChild(sig.getElement());
    XPathFactory xpf = XPathFactory.newInstance();
    XPath xpath = xpf.newXPath();
    xpath.setNamespaceContext(new DSNamespaceContext());
    for (QName nameToSign : namesToSign) {
        String expression = "//*[local-name()='" + nameToSign.getLocalPart() + "']";
        NodeList elementsToSign = (NodeList) xpath.evaluate(expression, document, XPathConstants.NODESET);
        for (int i = 0; i < elementsToSign.getLength(); i++) {
            Element elementToSign = (Element) elementsToSign.item(i);
            Assert.assertNotNull(elementToSign);
            String id = UUID.randomUUID().toString();
            elementToSign.setAttributeNS(null, "Id", id);
            elementToSign.setIdAttributeNS(null, "Id", true);
            Transforms transforms = new Transforms(document);
            transforms.addTransform("http://www.w3.org/2001/10/xml-exc-c14n#");
            sig.addDocument("#" + id, transforms, "http://www.w3.org/2000/09/xmldsig#sha1");
        }
    }
    sig.sign(signingKey);
    // Find the Signature Element
    Element sigElement = getSignatureElement(document);
    Assert.assertNotNull(sigElement);
    if (signingCert != null) {
        sig.addKeyInfo(signingCert);
    }
}

Example 12 with Transforms

use of org.apache.xml.security.transforms.Transforms in project santuario-xml-security-java by apache.

the class XmlSecTest method checkXmlSignatureSoftwareStack.

private void checkXmlSignatureSoftwareStack(boolean cert) throws Exception {
    Init.init();
    Document testDocument = TestUtils.newDocument();
    Element rootElement = testDocument.createElementNS("urn:namespace", "tns:document");
    rootElement.setAttributeNS(Constants.NamespaceSpecNS, "xmlns:tns", "urn:namespace");
    testDocument.appendChild(rootElement);
    Element childElement = testDocument.createElementNS("urn:childnamespace", "t:child");
    childElement.setAttributeNS(Constants.NamespaceSpecNS, "xmlns:t", "urn:childnamespace");
    childElement.appendChild(testDocument.createTextNode("hello world"));
    rootElement.appendChild(childElement);
    PrivateKey privateKey;
    PublicKey publicKey = null;
    X509Certificate signingCert = null;
    if (cert) {
        // get key & self-signed certificate from keystore
        String fs = System.getProperty("file.separator");
        FileInputStream fis = new FileInputStream(BASEDIR + fs + "src/test/resources" + fs + "test.jks");
        KeyStore ks = KeyStore.getInstance("JKS");
        ks.load(fis, "changeit".toCharArray());
        signingCert = (X509Certificate) ks.getCertificate("mullan");
        publicKey = signingCert.getPublicKey();
        privateKey = (PrivateKey) ks.getKey("mullan", "changeit".toCharArray());
    } else {
        KeyPairGenerator kpg = KeyPairGenerator.getInstance("DSA");
        kpg.initialize(1024);
        KeyPair keyPair = kpg.generateKeyPair();
        publicKey = keyPair.getPublic();
        privateKey = keyPair.getPrivate();
    }
    XMLSignature signature = new XMLSignature(testDocument, "", XMLSignature.ALGO_ID_SIGNATURE_DSA, Canonicalizer.ALGO_ID_C14N_WITH_COMMENTS);
    Element signatureElement = signature.getElement();
    rootElement.appendChild(signatureElement);
    Transforms transforms = new Transforms(testDocument);
    XPathContainer xpath = new XPathContainer(testDocument);
    xpath.setXPathNamespaceContext("ds", Constants.SignatureSpecNS);
    xpath.setXPath("not(ancestor-or-self::ds:Signature)");
    transforms.addTransform(Transforms.TRANSFORM_XPATH, xpath.getElementPlusReturns());
    transforms.addTransform(Transforms.TRANSFORM_C14N_WITH_COMMENTS);
    signature.addDocument("", transforms, MessageDigestAlgorithm.ALGO_ID_DIGEST_SHA1);
    if (cert) {
        signature.addKeyInfo(signingCert);
    } else {
        signature.addKeyInfo(publicKey);
    }
    Element nsElement = testDocument.createElementNS(null, "nsElement");
    nsElement.setAttributeNS(Constants.NamespaceSpecNS, "xmlns:ds", Constants.SignatureSpecNS);
    signature.sign(privateKey);
    XPathFactory xpf = XPathFactory.newInstance();
    XPath xPath = xpf.newXPath();
    xPath.setNamespaceContext(new DSNamespaceContext());
    String expression = "//ds:Signature[1]";
    Element sigElement = (Element) xPath.evaluate(expression, testDocument, XPathConstants.NODE);
    XMLSignature signatureToVerify = new XMLSignature(sigElement, "");
    boolean signResult = signatureToVerify.checkSignatureValue(publicKey);
    assertTrue(signResult);
}

Example 13 with Transforms

use of org.apache.xml.security.transforms.Transforms in project santuario-xml-security-java by apache.

the class TransformBase64DecodeTest method test1.

@org.junit.jupiter.api.Test
public void test1() throws Exception {
    // base64 encoded
    String s1 = "VGhlIFVSSSBvZiB0aGUgdHJhbnNmb3JtIGlzIGh0dHA6Ly93d3cudzMub3JnLzIwMDAvMDkveG1s\n" + "ZHNpZyNiYXNlNjQ=";
    Document doc = TransformBase64DecodeTest.createDocument();
    Transforms t = new Transforms(doc);
    doc.appendChild(t.getElement());
    t.addTransform(Transforms.TRANSFORM_BASE64_DECODE);
    XMLSignatureInput in = null;
    try (InputStream is = new ByteArrayInputStream(s1.getBytes())) {
        in = new XMLSignatureInput(is);
    }
    XMLSignatureInput out = t.performTransforms(in);
    String result = new String(out.getBytes());
    assertEquals(result, "The URI of the transform is http://www.w3.org/2000/09/xmldsig#base64");
}

Example 14 with Transforms

use of org.apache.xml.security.transforms.Transforms in project santuario-xml-security-java by apache.

the class TransformBase64DecodeTest method test2.

@org.junit.jupiter.api.Test
public void test2() throws Exception {
    // base64 encoded twice
    String s2 = "VkdobElGVlNTU0J2WmlCMGFHVWdkSEpoYm5ObWIzSnRJR2x6SUdoMGRIQTZMeTkzZDNjdWR6TXVi\n" + "M0puTHpJd01EQXZNRGt2ZUcxcwpaSE5wWnlOaVlYTmxOalE9";
    Document doc = TransformBase64DecodeTest.createDocument();
    Transforms t = new Transforms(doc);
    doc.appendChild(t.getElement());
    t.addTransform(Transforms.TRANSFORM_BASE64_DECODE);
    XMLSignatureInput in = null;
    try (InputStream is = new ByteArrayInputStream(s2.getBytes())) {
        in = new XMLSignatureInput(is);
    }
    XMLSignatureInput out = t.performTransforms(t.performTransforms(in));
    String result = new String(out.getBytes());
    assertEquals(result, "The URI of the transform is http://www.w3.org/2000/09/xmldsig#base64");
}

Example 15 with Transforms

use of org.apache.xml.security.transforms.Transforms in project santuario-xml-security-java by apache.

the class TransformBase64DecodeTest method test3.

@org.junit.jupiter.api.Test
public void test3() throws Exception {
    // J-
    String input = "" + "<Object xmlns:signature='http://www.w3.org/2000/09/xmldsig#'>\n" + "<signature:Base64>\n" + "VGhlIFVSSSBvZiB0aGU gdHJhbn<RealText>Nmb  3JtIGlzIG<test/>h0dHA6</RealText>Ly93d3cudzMub3JnLzIwMDAvMDkveG1s\n" + "ZHNpZyNiYXNlNjQ=\n" + "</signature:Base64>\n" + "</Object>\n";
    // J+
    Document doc = null;
    try (InputStream is = new ByteArrayInputStream(input.getBytes())) {
        doc = XMLUtils.read(is, false);
    }
    // XMLUtils.circumventBug2650(doc);
    XPathFactory xpf = XPathFactory.newInstance();
    XPath xpath = xpf.newXPath();
    xpath.setNamespaceContext(new DSNamespaceContext());
    String expression = "//ds:Base64";
    Node base64Node = (Node) xpath.evaluate(expression, doc, XPathConstants.NODE);
    XMLSignatureInput xmlinput = new XMLSignatureInput(base64Node);
    Document doc2 = TransformBase64DecodeTest.createDocument();
    Transforms t = new Transforms(doc2);
    doc2.appendChild(t.getElement());
    t.addTransform(Transforms.TRANSFORM_BASE64_DECODE);
    XMLSignatureInput out = t.performTransforms(xmlinput);
    String result = new String(out.getBytes());
    assertEquals(result, "The URI of the transform is http://www.w3.org/2000/09/xmldsig#base64", "\"" + result + "\"");
}