Example 16 with Transforms
use of org.apache.xml.security.transforms.Transforms in project santuario-xml-security-java by apache.
the class SignatureTest method signDocument.
private XMLSignature signDocument(Document doc, Provider provider) throws Throwable {
XMLSignature sig = new XMLSignature(doc, "", XMLSignature.ALGO_ID_SIGNATURE_DSA, provider);
Element root = doc.getDocumentElement();
root.appendChild(sig.getElement());
sig.getSignedInfo().addResourceResolver(new ResolverXPointer());
Transforms transforms = new Transforms(doc);
transforms.addTransform(Transforms.TRANSFORM_ENVELOPED_SIGNATURE);
transforms.addTransform(Transforms.TRANSFORM_C14N_WITH_COMMENTS);
sig.addDocument("", transforms, Constants.ALGO_ID_DIGEST_SHA1);
sig.addKeyInfo(getPublicKey());
sig.sign(getPrivateKey());
return sig;
}
Also used :
ResolverXPointer(org.apache.xml.security.utils.resolver.implementations.ResolverXPointer)
XMLSignature(org.apache.xml.security.signature.XMLSignature)
Element(org.w3c.dom.Element)
Transforms(org.apache.xml.security.transforms.Transforms)
Example 17 with Transforms
use of org.apache.xml.security.transforms.Transforms in project santuario-xml-security-java by apache.
the class RetrievalMethodResolver method resolveInput.
/**
* Resolves the input from the given retrieval method
* @return the input from the given retrieval method
* @throws XMLSecurityException
*/
private static XMLSignatureInput resolveInput(RetrievalMethod rm, String baseURI, boolean secureValidation) throws XMLSecurityException {
Attr uri = rm.getURIAttr();
// Apply the transforms
Transforms transforms = rm.getTransforms();
ResourceResolverContext resContext = new ResourceResolverContext(uri, baseURI, secureValidation);
if (resContext.isURISafeToResolve()) {
XMLSignatureInput resource = ResourceResolver.resolve(resContext);
if (transforms != null) {
LOG.debug("We have Transforms");
resource = transforms.performTransforms(resource);
}
return resource;
}
String uriToResolve = uri != null ? uri.getValue() : null;
Object[] exArgs = { uriToResolve != null ? uriToResolve : "null", baseURI };
throw new ResourceResolverException("utils.resolver.noClass", exArgs, uriToResolve, baseURI);
}
Also used :
Transforms(org.apache.xml.security.transforms.Transforms)
ResourceResolverContext(org.apache.xml.security.utils.resolver.ResourceResolverContext)
XMLSignatureInput(org.apache.xml.security.signature.XMLSignatureInput)
ResourceResolverException(org.apache.xml.security.utils.resolver.ResourceResolverException)
Attr(org.w3c.dom.Attr)
Example 18 with Transforms
use of org.apache.xml.security.transforms.Transforms in project santuario-xml-security-java by apache.
the class Reference method calculateDigest.
/**
* Method calculateDigest
*
* @param validating true if validating the reference
* @return reference Calculate the digest of this reference.
* @throws ReferenceNotInitializedException
* @throws XMLSignatureException
*/
private byte[] calculateDigest(boolean validating) throws ReferenceNotInitializedException, XMLSignatureException {
XMLSignatureInput input = this.getContentsBeforeTransformation();
if (input.isPreCalculatedDigest()) {
return getPreCalculatedDigest(input);
}
cacheDereferencedElement(input);
MessageDigestAlgorithm mda = this.getMessageDigestAlgorithm();
mda.reset();
XMLSignatureInput output = null;
try (DigesterOutputStream diOs = new DigesterOutputStream(mda);
OutputStream os = new UnsyncBufferedOutputStream(diOs)) {
output = this.getContentsAfterTransformation(input, os);
this.transformsOutput = output;
// C14N11 transform if needed
if (Reference.useC14N11 && !validating && !output.isOutputStreamSet() && !output.isOctetStream()) {
if (transforms == null) {
transforms = new Transforms(getDocument());
transforms.setSecureValidation(secureValidation);
getElement().insertBefore(transforms.getElement(), digestMethodElem);
}
transforms.addTransform(Transforms.TRANSFORM_C14N11_OMIT_COMMENTS);
output.updateOutputStream(os, true);
} else {
output.updateOutputStream(os);
}
os.flush();
return diOs.getDigestValue();
} catch (XMLSecurityException | IOException ex) {
throw new ReferenceNotInitializedException(ex);
} finally {
// NOPMD
try {
if (output != null && output.getOctetStreamReal() != null) {
output.getOctetStreamReal().close();
}
} catch (IOException ex) {
throw new ReferenceNotInitializedException(ex);
}
}
}
Also used :
DigesterOutputStream(org.apache.xml.security.utils.DigesterOutputStream)
OutputStream(java.io.OutputStream)
UnsyncBufferedOutputStream(org.apache.xml.security.utils.UnsyncBufferedOutputStream)
Transforms(org.apache.xml.security.transforms.Transforms)
MessageDigestAlgorithm(org.apache.xml.security.algorithms.MessageDigestAlgorithm)
DigesterOutputStream(org.apache.xml.security.utils.DigesterOutputStream)
IOException(java.io.IOException)
UnsyncBufferedOutputStream(org.apache.xml.security.utils.UnsyncBufferedOutputStream)
XMLSecurityException(org.apache.xml.security.exceptions.XMLSecurityException)
Example 19 with Transforms
use of org.apache.xml.security.transforms.Transforms in project santuario-xml-security-java by apache.
the class Reference method getContentsAfterTransformation.
private XMLSignatureInput getContentsAfterTransformation(XMLSignatureInput input, OutputStream os) throws XMLSignatureException {
try {
Transforms transforms = this.getTransforms();
XMLSignatureInput output = null;
if (transforms != null) {
output = transforms.performTransforms(input, os);
// new XMLSignatureInput(output.getBytes());
this.transformsOutput = output;
// this.transformsOutput.setSourceURI(output.getSourceURI());
} else {
output = input;
}
return output;
} catch (XMLSecurityException ex) {
throw new XMLSignatureException(ex);
}
}
Also used :
Transforms(org.apache.xml.security.transforms.Transforms)
XMLSecurityException(org.apache.xml.security.exceptions.XMLSecurityException)
Example 20 with Transforms
use of org.apache.xml.security.transforms.Transforms in project santuario-xml-security-java by apache.
the class Reference method getHTMLRepresentation.
/**
* Method getHTMLRepresentation
* @return The HTML of the transformation
* @throws XMLSignatureException
*/
public String getHTMLRepresentation() throws XMLSignatureException {
try {
XMLSignatureInput nodes = this.getNodesetBeforeFirstCanonicalization();
Transforms transforms = this.getTransforms();
Transform c14nTransform = null;
if (transforms != null) {
for (int i = 0; i < transforms.getLength(); i++) {
Transform t = transforms.item(i);
String uri = t.getURI();
if (uri.equals(Transforms.TRANSFORM_C14N_EXCL_OMIT_COMMENTS) || uri.equals(Transforms.TRANSFORM_C14N_EXCL_WITH_COMMENTS)) {
c14nTransform = t;
break;
}
}
}
Set<String> inclusiveNamespaces = new HashSet<>();
if (c14nTransform != null && c14nTransform.length(InclusiveNamespaces.ExclusiveCanonicalizationNamespace, InclusiveNamespaces._TAG_EC_INCLUSIVENAMESPACES) == 1) {
// there is one InclusiveNamespaces element
InclusiveNamespaces in = new InclusiveNamespaces(XMLUtils.selectNode(c14nTransform.getElement().getFirstChild(), InclusiveNamespaces.ExclusiveCanonicalizationNamespace, InclusiveNamespaces._TAG_EC_INCLUSIVENAMESPACES, 0), this.getBaseURI());
inclusiveNamespaces = InclusiveNamespaces.prefixStr2Set(in.getInclusiveNamespaces());
}
return nodes.getHTMLRepresentation(inclusiveNamespaces);
} catch (XMLSecurityException ex) {
throw new XMLSignatureException(ex);
}
}
Also used :
Transforms(org.apache.xml.security.transforms.Transforms)
InclusiveNamespaces(org.apache.xml.security.transforms.params.InclusiveNamespaces)
Transform(org.apache.xml.security.transforms.Transform)
XMLSecurityException(org.apache.xml.security.exceptions.XMLSecurityException)
HashSet(java.util.HashSet)
Aggregations
Transforms (org.apache.xml.security.transforms.Transforms)94
XMLSignature (org.apache.xml.security.signature.XMLSignature)66
Element (org.w3c.dom.Element)57
Document (org.w3c.dom.Document)45
XPath (javax.xml.xpath.XPath)24
XPathFactory (javax.xml.xpath.XPathFactory)23
ByteArrayOutputStream (java.io.ByteArrayOutputStream)22
DSNamespaceContext (org.apache.xml.security.test.dom.DSNamespaceContext)22
PrivateKey (java.security.PrivateKey)20
InputStream (java.io.InputStream)17
ByteArrayInputStream (java.io.ByteArrayInputStream)16
XMLSecurityException (org.apache.xml.security.exceptions.XMLSecurityException)15
NodeList (org.w3c.dom.NodeList)14
SignatureAlgorithm (org.apache.xml.security.algorithms.SignatureAlgorithm)13
ObjectContainer (org.apache.xml.security.signature.ObjectContainer)13
FileInputStream (java.io.FileInputStream)12
XMLSignatureException (org.apache.xml.security.signature.XMLSignatureException)10
XPathContainer (org.apache.xml.security.transforms.params.XPathContainer)10
KeyStore (java.security.KeyStore)9
X509Certificate (java.security.cert.X509Certificate)8
