
Example 31 with Transforms

use of org.apache.xml.security.transforms.Transforms in project santuario-java by apache.

the class TransformBase64DecodeTest method test1.

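/**
 * Runs the Base64 decode transform over a Base64 payload and checks that the
 * decoded bytes spell out the expected sentence.
 *
 * @throws Exception if the transform chain cannot be built or applied
 */
@org.junit.jupiter.api.Test
public void test1() throws Exception {
    // Base64 form of the expected sentence; it is split by a line break, which the
    // test expects the transform to ignore.
    String s1 = "VGhlIFVSSSBvZiB0aGUgdHJhbnNmb3JtIGlzIGh0dHA6Ly93d3cudzMub3JnLzIwMDAvMDkveG1s\n" + "ZHNpZyNiYXNlNjQ=";
    Document doc = TransformBase64DecodeTest.createDocument();
    Transforms t = new Transforms(doc);
    doc.appendChild(t.getElement());
    t.addTransform(Transforms.TRANSFORM_BASE64_DECODE);
    String result;
    // The charset is pinned on both conversions so the outcome does not depend on the
    // platform default, and the transform runs while the input stream is still open.
    try (InputStream is = new ByteArrayInputStream(s1.getBytes(java.nio.charset.StandardCharsets.UTF_8))) {
        XMLSignatureInput in = new XMLSignatureInput(is);
        XMLSignatureInput out = t.performTransforms(in);
        result = new String(out.getBytes(), java.nio.charset.StandardCharsets.UTF_8);
    }
    // JUnit's assertEquals takes (expected, actual); this order keeps failure messages truthful.
    assertEquals("The URI of the transform is http://www.w3.org/2000/09/xmldsig#base64", result);
}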
Also used : ByteArrayInputStream(java.io.ByteArrayInputStream) ByteArrayInputStream(java.io.ByteArrayInputStream) InputStream(java.io.InputStream) Transforms(org.apache.xml.security.transforms.Transforms) XMLSignatureInput(org.apache.xml.security.signature.XMLSignatureInput) Document(org.w3c.dom.Document)

Example 32 with Transforms

use of org.apache.xml.security.transforms.Transforms in project santuario-java by apache.

the class CreateSignatureTest method testSignatureProperties.

/**
 * Signs a small document whose signature carries an Object holding a
 * SignatureProperties element, then hands the serialized result to doVerify.
 *
 * <p>Two references are added: "#54321" (the SignatureProperties element) and ""
 * with the enveloped-signature and c14n-with-comments transforms.
 *
 * @throws Exception if building, signing or verifying the document fails
 */
@org.junit.jupiter.api.Test
public void testSignatureProperties() throws Exception {
    PrivateKey privateKey = kp.getPrivate();
    Document doc = TestUtils.newDocument();
    Element root = doc.createElementNS("", "RootElement");
    doc.appendChild(root);
    root.appendChild(doc.createTextNode("Some simple text\n"));
    // CanonicalizationMethod element, built by hand with exclusive c14n (comments omitted).
    Element canonElem = XMLUtils.createElementInSignatureSpace(doc, Constants._TAG_CANONICALIZATIONMETHOD);
    canonElem.setAttributeNS(null, Constants._ATT_ALGORITHM, Canonicalizer.ALGO_ID_C14N_EXCL_OMIT_COMMENTS);
    // NOTE(review): RSA-SHA1 here and the SHA-1 digest below are legacy algorithms; they are
    // reasonable as compatibility coverage in a test but not a template for new signatures.
    SignatureAlgorithm signatureAlgorithm = new SignatureAlgorithm(doc, XMLSignature.ALGO_ID_SIGNATURE_RSA_SHA1);
    XMLSignature sig = new XMLSignature(doc, null, signatureAlgorithm.getElement(), canonElem);
    String id = "12345";
    sig.setId(id);
    ObjectContainer object = new ObjectContainer(doc);
    SignatureProperties signatureProperties = new SignatureProperties(doc);
    String sigPropertiesId = "54321";
    signatureProperties.setId(sigPropertiesId);
    // The property is created with "#12345", i.e. the Id given to the signature above.
    SignatureProperty signatureProperty = new SignatureProperty(doc, "#" + id);
    signatureProperties.addSignatureProperty(signatureProperty);
    object.appendChild(signatureProperties.getElement());
    // Declares "Id" as an ID-typed attribute on the SignatureProperties element; the
    // "#54321" reference added below presumably depends on this to resolve — confirm.
    signatureProperties.getElement().setIdAttributeNS(null, "Id", true);
    sig.appendObject(object);
    // One-argument form: the transforms and digest used for this reference are not visible here.
    sig.addDocument("#" + sigPropertiesId);
    root.appendChild(sig.getElement());
    Transforms transforms = new Transforms(doc);
    transforms.addTransform(Transforms.TRANSFORM_ENVELOPED_SIGNATURE);
    transforms.addTransform(Transforms.TRANSFORM_C14N_WITH_COMMENTS);
    sig.addDocument("", transforms, Constants.ALGO_ID_DIGEST_SHA1);
    sig.addKeyInfo(kp.getPublic());
    sig.sign(privateKey);
    ByteArrayOutputStream bos = new ByteArrayOutputStream();
    XMLUtils.outputDOMc14nWithComments(doc, bos);
    // Decoded with the platform default charset; the content built above is ASCII-only.
    String signedContent = new String(bos.toByteArray());
    // doVerify is defined elsewhere in the test class; the meaning of the 1 is not visible here.
    doVerify(signedContent, 1);
}
Also used : PrivateKey(java.security.PrivateKey) XMLSignature(org.apache.xml.security.signature.XMLSignature) Element(org.w3c.dom.Element) Transforms(org.apache.xml.security.transforms.Transforms) SignatureProperties(org.apache.xml.security.signature.SignatureProperties) SignatureAlgorithm(org.apache.xml.security.algorithms.SignatureAlgorithm) ByteArrayOutputStream(java.io.ByteArrayOutputStream) Document(org.w3c.dom.Document) SignatureProperty(org.apache.xml.security.signature.SignatureProperty) ObjectContainer(org.apache.xml.security.signature.ObjectContainer)

Example 33 with Transforms

use of org.apache.xml.security.transforms.Transforms in project santuario-java by apache.

the class CreateSignatureTest method testXPathSignature.

/**
 * Signs a document through an XPath transform, serializes it, parses it back and
 * checks the signature value against the test key pair's public key.
 *
 * @throws Exception if building, signing, re-parsing or verifying the document fails
 */
@org.junit.jupiter.api.Test
public void testXPathSignature() throws Exception {
    Document doc = TestUtils.newDocument();
    doc.appendChild(doc.createComment(" Comment before "));
    Element root = doc.createElementNS("", "RootElement");
    doc.appendChild(root);
    root.appendChild(doc.createTextNode("Some simple text\n"));
    // Sign
    // NOTE(review): the hash behind ALGO_ID_SIGNATURE_RSA is not visible here — presumably
    // the SHA-1 variant; confirm before reusing this outside a test.
    XMLSignature sig = new XMLSignature(doc, null, XMLSignature.ALGO_ID_SIGNATURE_RSA);
    root.appendChild(sig.getElement());
    ObjectContainer object = new ObjectContainer(doc);
    object.setId("object-1");
    object.setMimeType("text/plain");
    object.setEncoding("http://www.w3.org/2000/09/xmldsig#base64");
    // Base64 text content of the Object ("I am the text." once decoded).
    object.appendChild(doc.createTextNode("SSBhbSB0aGUgdGV4dC4="));
    sig.appendObject(object);
    Transforms transforms = new Transforms(doc);
    XPathContainer xpathC = new XPathContainer(doc);
    xpathC.setXPath("ancestor-or-self::dsig-xpath:Object");
    // Binds the "dsig-xpath" prefix used in the expression to the value of TRANSFORM_XPATH.
    xpathC.setXPathNamespaceContext("dsig-xpath", Transforms.TRANSFORM_XPATH);
    Element node = xpathC.getElement();
    transforms.addTransform(Transforms.TRANSFORM_XPATH, node);
    sig.addDocument("", transforms, Constants.ALGO_ID_DIGEST_SHA1);
    sig.sign(kp.getPrivate());
    ByteArrayOutputStream bos = new ByteArrayOutputStream();
    XMLUtils.outputDOMc14nWithComments(doc, bos);
    // Platform default charset is used for this decode and for getBytes() below.
    String signedDoc = new String(bos.toByteArray());
    // Now Verify
    try (InputStream is = new ByteArrayInputStream(signedDoc.getBytes())) {
        // NOTE(review): the boolean is presumably the "disallow DOCTYPE declarations" switch, so
        // false would permit DOCTYPEs; tolerable only because the input was generated above —
        // confirm against XMLUtils.read before copying this for externally supplied XML.
        doc = XMLUtils.read(is, false);
    }
    XPathFactory xpf = XPathFactory.newInstance();
    XPath xpath = xpf.newXPath();
    xpath.setNamespaceContext(new DSNamespaceContext());
    // Evaluated as a single NODE, so only the first matching ds:Signature is examined.
    String expression = "//ds:Signature[1]";
    Element sigElement = (Element) xpath.evaluate(expression, doc, XPathConstants.NODE);
    XMLSignature signature = new XMLSignature(sigElement, "");
    // The verification key comes from the test fixture, not from the document (no KeyInfo
    // is added above). A passing check says the references and signature value validate; it
    // does not by itself show which parts of the document those references cover.
    assertTrue(signature.checkSignatureValue(kp.getPublic()));
}
Also used : XPath(javax.xml.xpath.XPath) ByteArrayInputStream(java.io.ByteArrayInputStream) FileInputStream(java.io.FileInputStream) InputStream(java.io.InputStream) Element(org.w3c.dom.Element) Transforms(org.apache.xml.security.transforms.Transforms) ByteArrayOutputStream(java.io.ByteArrayOutputStream) Document(org.w3c.dom.Document) XPathContainer(org.apache.xml.security.transforms.params.XPathContainer) XPathFactory(javax.xml.xpath.XPathFactory) ByteArrayInputStream(java.io.ByteArrayInputStream) XMLSignature(org.apache.xml.security.signature.XMLSignature) DSNamespaceContext(org.apache.xml.security.test.dom.DSNamespaceContext) ObjectContainer(org.apache.xml.security.signature.ObjectContainer)

Example 34 with Transforms

use of org.apache.xml.security.transforms.Transforms in project santuario-java by apache.

the class CreateSignatureTest method testSHA256Digest.

/**
 * Builds an enveloped signature using RSA-SHA256 for the signature value and
 * SHA-256 for the reference digest, then passes the serialized document to doVerify.
 *
 * @throws Exception if building, signing or verifying the document fails
 */
@org.junit.jupiter.api.Test
public void testSHA256Digest() throws Exception {
    PrivateKey signingKey = kp.getPrivate();

    // Document skeleton: a leading comment, then the root element with one text node.
    Document document = TestUtils.newDocument();
    document.appendChild(document.createComment(" Comment before "));
    Element rootElement = document.createElementNS("", "RootElement");
    document.appendChild(rootElement);
    rootElement.appendChild(document.createTextNode("Some simple text\n"));

    // CanonicalizationMethod element set to exclusive c14n without comments.
    Element c14nMethod = XMLUtils.createElementInSignatureSpace(document, Constants._TAG_CANONICALIZATIONMETHOD);
    c14nMethod.setAttributeNS(null, Constants._ATT_ALGORITHM, Canonicalizer.ALGO_ID_C14N_EXCL_OMIT_COMMENTS);

    SignatureAlgorithm rsaSha256 = new SignatureAlgorithm(document, XMLSignature.ALGO_ID_SIGNATURE_RSA_SHA256);
    XMLSignature signature = new XMLSignature(document, null, rsaSha256.getElement(), c14nMethod);
    rootElement.appendChild(signature.getElement());
    // A trailing comment is added after the root element and before the reference is defined.
    document.appendChild(document.createComment(" Comment after "));

    // Reference "" with the enveloped-signature transform followed by c14n with comments.
    Transforms referenceTransforms = new Transforms(document);
    referenceTransforms.addTransform(Transforms.TRANSFORM_ENVELOPED_SIGNATURE);
    referenceTransforms.addTransform(Transforms.TRANSFORM_C14N_WITH_COMMENTS);
    signature.addDocument("", referenceTransforms, MessageDigestAlgorithm.ALGO_ID_DIGEST_SHA256);

    signature.addKeyInfo(kp.getPublic());
    signature.sign(signingKey);

    // Serialize the signed document; the bytes are decoded with the platform default charset.
    ByteArrayOutputStream serialized = new ByteArrayOutputStream();
    XMLUtils.outputDOMc14nWithComments(document, serialized);
    String signedXml = new String(serialized.toByteArray());
    doVerify(signedXml);
}
Also used : PrivateKey(java.security.PrivateKey) XMLSignature(org.apache.xml.security.signature.XMLSignature) Element(org.w3c.dom.Element) Transforms(org.apache.xml.security.transforms.Transforms) SignatureAlgorithm(org.apache.xml.security.algorithms.SignatureAlgorithm) ByteArrayOutputStream(java.io.ByteArrayOutputStream) Document(org.w3c.dom.Document)

Example 35 with Transforms

use of org.apache.xml.security.transforms.Transforms in project santuario-java by apache.

the class XMLParserTest method sign.

/**
 * Appends a signature to the document's root element and adds one same-document
 * reference for every element whose local name appears in {@code localNames}.
 *
 * <p>Each matched element receives a fresh random UUID as its {@code Id} attribute,
 * and its reference uses the exclusive c14n transform with a SHA-1 digest.
 *
 * @param algorithm signature algorithm URI passed to the XMLSignature constructor
 * @param document document to sign; it is modified in place
 * @param localNames local names of the elements to reference
 * @param signingKey key handed to {@code XMLSignature.sign}
 * @param parameterSpec algorithm parameters passed to the XMLSignature constructor
 * @return the signature object after signing
 * @throws Exception if XPath evaluation, reference creation or signing fails
 */
private XMLSignature sign(String algorithm, Document document, List<String> localNames, Key signingKey, AlgorithmParameterSpec parameterSpec) throws Exception {
    final String exclusiveC14n = "http://www.w3.org/2001/10/xml-exc-c14n#";
    // NOTE(review): SHA-1 reference digest — legacy; suitable for test coverage only.
    final String sha1Digest = "http://www.w3.org/2000/09/xmldsig#sha1";

    XMLSignature signature = new XMLSignature(document, "", algorithm, 0, exclusiveC14n, null, parameterSpec);
    document.getDocumentElement().appendChild(signature.getElement());

    XPath xpath = XPathFactory.newInstance().newXPath();
    xpath.setNamespaceContext(new DSNamespaceContext());

    for (String localName : localNames) {
        // NOTE(review): localName is concatenated into the XPath string unescaped, so this
        // helper is only sound for fixed names chosen by the tests. The match is on
        // local-name() alone, so elements in any namespace with that name are selected.
        NodeList matches = (NodeList) xpath.evaluate("//*[local-name()='" + localName + "']", document, XPathConstants.NODESET);
        for (int index = 0; index < matches.getLength(); index++) {
            Element target = (Element) matches.item(index);
            assertNotNull(target);

            // Give the element a unique Id and declare it ID-typed before referencing it.
            String referenceId = UUID.randomUUID().toString();
            target.setAttributeNS(null, "Id", referenceId);
            target.setIdAttributeNS(null, "Id", true);

            Transforms referenceTransforms = new Transforms(document);
            referenceTransforms.addTransform(exclusiveC14n);
            signature.addDocument("#" + referenceId, referenceTransforms, sha1Digest);
        }
    }

    signature.sign(signingKey);

    // Check that a ds:Signature element can be found in the document after signing.
    Element signatureElement = (Element) xpath.evaluate("//ds:Signature[1]", document, XPathConstants.NODE);
    assertNotNull(signatureElement);
    return signature;
}
Also used : XPath(javax.xml.xpath.XPath) XPathFactory(javax.xml.xpath.XPathFactory) XMLSignature(org.apache.xml.security.signature.XMLSignature) DSNamespaceContext(org.apache.xml.security.test.dom.DSNamespaceContext) Element(org.w3c.dom.Element) NodeList(org.w3c.dom.NodeList) Transforms(org.apache.xml.security.transforms.Transforms)
