
Example 36 with Transforms

use of org.apache.xml.security.transforms.Transforms in project santuario-java by apache.

the class ECDSASignatureTest method doSign.

/**
 * Builds a small DOM document, adds an enveloped ECDSA-SHA1 XML signature to it, signs it and
 * returns the serialized bytes.
 *
 * <p>NOTE(review): both the signature method (ECDSA-SHA1) and the reference digest (SHA-1) are
 * SHA-1 based. That looks intentional for a test of this algorithm identifier, but it is not a
 * combination to copy into new signing code; prefer the SHA-256 or stronger identifiers there.
 *
 * @param privateKey key handed to {@code sig.sign}
 * @param x509 certificate to place in KeyInfo; when {@code null} the bare public key is used
 * @param publicKey key placed in KeyInfo when no certificate is supplied
 * @return the signed document as written by {@code XMLUtils.outputDOMc14nWithComments}
 * @throws Exception if document construction, signing or serialization fails
 */
private byte[] doSign(PrivateKey privateKey, X509Certificate x509, PublicKey publicKey) throws Exception {
    org.w3c.dom.Document doc = TestUtils.newDocument();
    // Document layout: a leading comment, the root element with one text node, and (added
    // further down) a trailing comment after the root.
    doc.appendChild(doc.createComment(" Comment before "));
    Element root = doc.createElementNS("", "RootElement");
    doc.appendChild(root);
    root.appendChild(doc.createTextNode("Some simple text\n"));
    // CanonicalizationMethod for SignedInfo: exclusive c14n, comments omitted.
    Element canonElem = XMLUtils.createElementInSignatureSpace(doc, Constants._TAG_CANONICALIZATIONMETHOD);
    canonElem.setAttributeNS(null, Constants._ATT_ALGORITHM, Canonicalizer.ALGO_ID_C14N_EXCL_OMIT_COMMENTS);
    SignatureAlgorithm signatureAlgorithm = new SignatureAlgorithm(doc, XMLSignature.ALGO_ID_SIGNATURE_ECDSA_SHA1);
    // The signature is built from the two prepared elements; the second argument is passed as null.
    XMLSignature sig = new XMLSignature(doc, null, signatureAlgorithm.getElement(), canonElem);
    root.appendChild(sig.getElement());
    doc.appendChild(doc.createComment(" Comment after "));
    // Reference transforms: drop the Signature element itself (enveloped signature), then
    // canonicalize with comments.
    Transforms transforms = new Transforms(doc);
    transforms.addTransform(Transforms.TRANSFORM_ENVELOPED_SIGNATURE);
    transforms.addTransform(Transforms.TRANSFORM_C14N_WITH_COMMENTS);
    // The empty URI references the document that contains the signature.
    sig.addDocument("", transforms, Constants.ALGO_ID_DIGEST_SHA1);
    // KeyInfo is only a hint for the verifier: code that validates such a signature has to
    // decide independently whether the embedded certificate or key is trusted.
    if (x509 != null) {
        sig.addKeyInfo(x509);
    } else {
        sig.addKeyInfo(publicKey);
    }
    sig.sign(privateKey);
    ByteArrayOutputStream bos = new ByteArrayOutputStream();
    XMLUtils.outputDOMc14nWithComments(doc, bos);
    return bos.toByteArray();
}
Also used : XMLSignature(org.apache.xml.security.signature.XMLSignature) Element(org.w3c.dom.Element) Transforms(org.apache.xml.security.transforms.Transforms) SignatureAlgorithm(org.apache.xml.security.algorithms.SignatureAlgorithm) ByteArrayOutputStream(java.io.ByteArrayOutputStream)

Example 37 with Transforms

use of org.apache.xml.security.transforms.Transforms in project santuario-java by apache.

the class SignatureTest method signDocument.

/**
 * Appends an enveloped DSA signature to the document element of {@code doc} and signs it with
 * the key returned by {@code getPrivateKey()}.
 *
 * <p>NOTE(review): the reference digest is SHA-1. That is acceptable for exercising the legacy
 * identifier in a test, but new signing code should use a SHA-2 digest.
 *
 * @param doc document that receives the signature element
 * @param provider value passed through to the {@code XMLSignature} constructor
 * @return the signed {@code XMLSignature}
 * @throws Throwable if building or signing the signature fails
 */
private XMLSignature signDocument(Document doc, Provider provider) throws Throwable {
    XMLSignature signature = new XMLSignature(doc, "", XMLSignature.ALGO_ID_SIGNATURE_DSA, provider);
    doc.getDocumentElement().appendChild(signature.getElement());
    signature.getSignedInfo().addResourceResolver(new ResolverXPointer());

    // Transform order matters: the Signature element is removed first, then the remainder is
    // canonicalized with comments.
    String[] transformUris = {
        Transforms.TRANSFORM_ENVELOPED_SIGNATURE,
        Transforms.TRANSFORM_C14N_WITH_COMMENTS
    };
    Transforms referenceTransforms = new Transforms(doc);
    for (String transformUri : transformUris) {
        referenceTransforms.addTransform(transformUri);
    }

    // The empty URI references the document that contains the signature.
    signature.addDocument("", referenceTransforms, Constants.ALGO_ID_DIGEST_SHA1);

    // The public key travels in KeyInfo; a verifier still has to establish trust in that key
    // on its own rather than accept whatever the signature carries.
    signature.addKeyInfo(getPublicKey());
    signature.sign(getPrivateKey());
    return signature;
}
Also used : ResolverXPointer(org.apache.xml.security.utils.resolver.implementations.ResolverXPointer) XMLSignature(org.apache.xml.security.signature.XMLSignature) Element(org.w3c.dom.Element) Transforms(org.apache.xml.security.transforms.Transforms)

Example 38 with Transforms

use of org.apache.xml.security.transforms.Transforms in project santuario-java by apache.

the class SignedEncryptedTest method secureAndVerify.

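/**
 * Signs the {@code Body} element of {@code SAMPLE_MSG}, encrypts it, decrypts it again with the
 * selected serializer and asserts that the signature still verifies.
 *
 * <p>The encryption algorithm identifier is AES-256 so that it agrees with the 256-bit key the
 * method generates; naming a 128-bit algorithm while using a 256-bit key would make the
 * algorithm recorded for the ciphertext disagree with the key actually used.
 *
 * <p>NOTE(review): the signature (RSA-SHA1) and the reference digest (SHA-1) are SHA-1 based.
 * They are left as they are because they may be what this test is meant to exercise; do not
 * copy them into new signing code.
 *
 * @param transformerFactory factory injected into the {@code TransformSerializer} when
 *     {@code useDocumentSerializer} is {@code false}
 * @param useDocumentSerializer {@code true} to decrypt with a {@code DocumentSerializer},
 *     {@code false} to decrypt with a {@code TransformSerializer}
 * @throws Exception if parsing, signing, encryption or decryption fails
 */
public void secureAndVerify(TransformerFactory transformerFactory, boolean useDocumentSerializer) throws Exception {
    Document document = null;
    try (InputStream is = new ByteArrayInputStream(SAMPLE_MSG.getBytes(StandardCharsets.UTF_8))) {
        // NOTE(review): the second argument is presumably the "disallow DOCTYPE declarations"
        // switch - confirm. false is tolerable here only because the input is the constant
        // SAMPLE_MSG; a parser fed untrusted XML should reject DOCTYPEs.
        document = XMLUtils.read(is, false);
    }
    // Set up the Key
    KeyPairGenerator rsaKeygen = KeyPairGenerator.getInstance("RSA");
    KeyPair kp = rsaKeygen.generateKeyPair();
    PrivateKey priv = kp.getPrivate();
    PublicKey pub = kp.getPublic();
    XMLSignature sig = new XMLSignature(document, "", XMLSignature.ALGO_ID_SIGNATURE_RSA_SHA1, Transforms.TRANSFORM_C14N_EXCL_OMIT_COMMENTS);
    Element sigElement = sig.getElement();
    document.getDocumentElement().appendChild(sigElement);
    XPathFactory xpf = XPathFactory.newInstance();
    XPath xpath = xpf.newXPath();
    xpath.setNamespaceContext(new DSNamespaceContext());
    Element element = (Element) xpath.evaluate("//*[local-name()='Body']", document, XPathConstants.NODE);
    // Give the Body a fresh Id and register it as an ID attribute so the "#id" reference
    // below can be resolved.
    String id = UUID.randomUUID().toString();
    element.setAttributeNS(null, "Id", id);
    element.setIdAttributeNS(null, "Id", true);
    Transforms transforms = new Transforms(document);
    transforms.addTransform(Transforms.TRANSFORM_C14N_EXCL_OMIT_COMMENTS);
    sig.addDocument("#" + id, transforms, Constants.ALGO_ID_DIGEST_SHA1);
    sig.addKeyInfo(pub);
    sig.sign(priv);
    KeyGenerator keygen = KeyGenerator.getInstance("AES");
    keygen.init(256);
    SecretKey secretKey = keygen.generateKey();
    // Keep the algorithm identifier in step with the 256-bit key generated above, and use the
    // same identifier for the encrypting and both decrypting cipher instances.
    String encryptionAlgorithm = XMLCipher.AES_256;
    XMLCipher cipher = XMLCipher.getInstance(encryptionAlgorithm);
    cipher.init(XMLCipher.ENCRYPT_MODE, secretKey);
    document = cipher.doFinal(document, element, true);
    XMLCipher deCipher = null;
    if (useDocumentSerializer) {
        deCipher = XMLCipher.getInstance(encryptionAlgorithm, new DocumentSerializer(true));
    } else {
        // The factory under test is written into the serializer's "transformerFactory" field by
        // reflection; this is a test-only way of swapping the implementation.
        TransformSerializer serializer = new TransformSerializer(true);
        Field f = serializer.getClass().getDeclaredField("transformerFactory");
        f.setAccessible(true);
        f.set(serializer, transformerFactory);
        deCipher = XMLCipher.getInstance(encryptionAlgorithm, serializer);
    }
    deCipher.init(XMLCipher.DECRYPT_MODE, secretKey);
    deCipher.doFinal(document, element, true);
    // Verification runs against the signature element captured before encryption, using the
    // public key generated in this method rather than anything read from KeyInfo.
    XMLSignature xmlSignatureVerifier = new XMLSignature(sigElement, "");
    assertTrue(xmlSignatureVerifier.checkSignatureValue(pub));
}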
Also used : XPath(javax.xml.xpath.XPath) KeyPair(java.security.KeyPair) PrivateKey(java.security.PrivateKey) ByteArrayInputStream(java.io.ByteArrayInputStream) InputStream(java.io.InputStream) PublicKey(java.security.PublicKey) Element(org.w3c.dom.Element) Transforms(org.apache.xml.security.transforms.Transforms) XMLCipher(org.apache.xml.security.encryption.XMLCipher) KeyPairGenerator(java.security.KeyPairGenerator) Document(org.w3c.dom.Document) TransformSerializer(org.apache.xml.security.encryption.TransformSerializer) XPathFactory(javax.xml.xpath.XPathFactory) Field(java.lang.reflect.Field) SecretKey(javax.crypto.SecretKey) ByteArrayInputStream(java.io.ByteArrayInputStream) XMLSignature(org.apache.xml.security.signature.XMLSignature) DSNamespaceContext(org.apache.xml.security.test.dom.DSNamespaceContext) DocumentSerializer(org.apache.xml.security.encryption.DocumentSerializer) KeyGenerator(javax.crypto.KeyGenerator)

Example 39 with Transforms

use of org.apache.xml.security.transforms.Transforms in project santuario-java by apache.

the class Bug45961Test method getTransforms.

/**
 * Creates a transform list for {@code document} that holds a single entry, the
 * enveloped-signature transform.
 *
 * @param document document the {@code Transforms} object is created for
 * @return the new transform list
 * @throws Exception if the transform cannot be added
 */
private Transforms getTransforms(Document document) throws Exception {
    Transforms envelopedOnly = new Transforms(document);
    // No canonicalization transform is added here; only the Signature element is excluded.
    envelopedOnly.addTransform(Transforms.TRANSFORM_ENVELOPED_SIGNATURE);
    return envelopedOnly;
}
Also used : Transforms(org.apache.xml.security.transforms.Transforms)

Example 40 with Transforms

use of org.apache.xml.security.transforms.Transforms in project santuario-java by apache.

the class PKSignatureAlgorithmTest method sign.

/**
 * Adds a signature to {@code document} that references every element whose local name appears
 * in {@code localNames}, then signs it with {@code signingKey}.
 *
 * <p>Each matched element receives a random {@code Id} attribute and one reference that uses
 * exclusive canonicalization and a SHA-1 digest.
 *
 * <p>NOTE(review): SHA-1 is hard-coded as the reference digest regardless of {@code algorithm};
 * that is a legacy choice and should not be carried into new signing code.
 *
 * @param algorithm signature algorithm URI passed to the {@code XMLSignature} constructor
 * @param document document to sign; the signature element is appended to its document element
 * @param localNames local names of the elements to reference
 * @param signingKey key handed to {@code sign}
 * @param parameterSpec algorithm parameters passed to the {@code XMLSignature} constructor
 * @return the signed {@code XMLSignature}
 * @throws Exception if XPath evaluation or signing fails
 */
private XMLSignature sign(String algorithm, Document document, List<String> localNames, Key signingKey, AlgorithmParameterSpec parameterSpec) throws Exception {
    final String c14nMethod = "http://www.w3.org/2001/10/xml-exc-c14n#";
    final String digestMethod = "http://www.w3.org/2000/09/xmldsig#sha1";

    XMLSignature signature = new XMLSignature(document, "", algorithm, 0, c14nMethod, null, parameterSpec);
    document.getDocumentElement().appendChild(signature.getElement());

    XPath xpath = XPathFactory.newInstance().newXPath();
    xpath.setNamespaceContext(new DSNamespaceContext());

    for (String localName : localNames) {
        // localName is spliced into the XPath text unescaped, so it must be a fixed name
        // chosen by the test and never a value taken from outside input.
        NodeList matches = (NodeList) xpath.evaluate("//*[local-name()='" + localName + "']", document, XPathConstants.NODESET);
        for (int idx = 0; idx < matches.getLength(); idx++) {
            Element target = (Element) matches.item(idx);
            assertNotNull(target);

            // A fresh Id, registered as an ID attribute, lets the "#id" reference resolve.
            String refId = UUID.randomUUID().toString();
            target.setAttributeNS(null, "Id", refId);
            target.setIdAttributeNS(null, "Id", true);

            Transforms refTransforms = new Transforms(document);
            refTransforms.addTransform(c14nMethod);
            signature.addDocument("#" + refId, refTransforms, digestMethod);
        }
    }

    signature.sign(signingKey);

    // Check that the signature element can be found in the document after signing.
    Element signatureElement = (Element) xpath.evaluate("//ds:Signature[1]", document, XPathConstants.NODE);
    assertNotNull(signatureElement);
    return signature;
}
Also used : XPath(javax.xml.xpath.XPath) XPathFactory(javax.xml.xpath.XPathFactory) XMLSignature(org.apache.xml.security.signature.XMLSignature) DSNamespaceContext(org.apache.xml.security.test.dom.DSNamespaceContext) Element(org.w3c.dom.Element) NodeList(org.w3c.dom.NodeList) Transforms(org.apache.xml.security.transforms.Transforms)
