use of org.apache.xml.security.utils.resolver.implementations.ResolverAnonymous in project xades4j by luisgoncalves.
the class XadesVerifierImpl method doCoreVerification.
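/**
 * Performs the core XML Signature check of {@code signature} against {@code validationCert}
 * and, when that check fails, works out whether the signature value or a {@code Reference}
 * is to blame.
 *
 * <p>The method returns normally only when {@code checkSignatureValue} reports success.
 * Every other path ends in an exception.
 *
 * @param signature the signature to verify; resolvers from the options are registered on it
 * @param verificationOptions source of the extra resource resolvers and of the data for the
 *        anonymous (URI-less) reference, if any
 * @param validationCert the certificate passed to {@code checkSignatureValue}
 * @throws XAdES4jXMLSigException if the XML security library raises an error while verifying
 *         the signature or its references
 * @throws InvalidSignatureException declared by the signature; the method itself throws
 *         {@code SignatureValueException} and {@code ReferenceValueException} (presumably
 *         subtypes of it -- confirm against the class hierarchy)
 */
private static void doCoreVerification(XMLSignature signature, SignatureSpecificVerificationOptions verificationOptions, X509Certificate validationCert) throws XAdES4jXMLSigException, InvalidSignatureException {
    // Register the resolvers supplied through the verification options.
    List<ResourceResolver> resolvers = verificationOptions.getResolvers();
    if (!CollectionUtils.nullOrEmpty(resolvers)) {
        for (ResourceResolver resolver : resolvers) {
            signature.addResourceResolver(resolver);
        }
    }

    // Data for the reference without URI is optional; when present it is served by a
    // dedicated resolver.
    // NOTE(review): the data is an InputStream. If it can only be read once, the diagnostic
    // re-verification further down reads it a second time -- confirm that the Reference it
    // singles out is reliable in that case.
    InputStream nullURIReferenceData = verificationOptions.getDataForAnonymousReference();
    if (nullURIReferenceData != null) {
        signature.addResourceResolver(new ResolverAnonymous(nullURIReferenceData));
    }

    try {
        if (signature.checkSignatureValue(validationCert)) {
            return;
        }
    } catch (XMLSignatureException ex) {
        throw new XAdES4jXMLSigException("Error verifying the signature", ex);
    }

    // From here on the signature is known to be invalid; the rest only selects the most
    // precise exception to report.
    try {
        if (signature.getSignedInfo().verifyReferences()) {
            // References are OK; this is a problem on the signature value itself.
            throw new SignatureValueException(signature);
        }

        // References are NOT OK; get the first invalid Reference.
        SignedInfo si = signature.getSignedInfo();
        for (int i = 0; i < si.getLength(); i++) {
            Reference r = si.item(i);
            if (!r.verify()) {
                throw new ReferenceValueException(signature, r);
            }
        }

        // Fail closed: checkSignatureValue() returned false, so this method must not return
        // normally even when re-verification no longer finds a failing Reference (for
        // example because a resolver delivered different data on the second read).
        // SignatureValueException is reused as the failure that cannot be attributed to a
        // single Reference.
        throw new SignatureValueException(signature);
    } catch (XMLSecurityException ex) {
        throw new XAdES4jXMLSigException("Error verifying the references", ex);
    }
}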
use of org.apache.xml.security.utils.resolver.implementations.ResolverAnonymous in project xades4j by luisgoncalves.
the class SignedDataObjectsProcessor method process.
/**
 * Converts the signed data object descriptions into {@code Reference}s on the given
 * signature, adding an {@code Object} for each enveloped XML object. This method must be
 * invoked before any other {@code Reference} is added to the signature, because the i-th
 * description is mapped to the i-th {@code Reference} of {@code SignedInfo}.
 *
 * @param signedDataObjects the data object descriptions and their resource resolvers
 * @param xmlSignature the signature that receives the resolvers, objects and references
 * @return an unmodifiable, identity-keyed map from each description to its {@code Reference}
 *
 * @throws UnsupportedAlgorithmException if adding a {@code Reference} raises an
 *         {@code XMLSignatureException}, which is reported as an unsupported digest algorithm
 * @throws IllegalStateException if the signature already contains {@code Reference}s, if
 *         more than one anonymous reference is present, or if another
 *         {@code XMLSecurityException} occurs
 * @throws ClassCastException if a description is none of the three supported kinds
 */
Map<DataObjectDesc, Reference> process(SignedDataObjects signedDataObjects, XMLSignature xmlSignature) throws UnsupportedAlgorithmException {
    if (xmlSignature.getSignedInfo().getLength() != 0) {
        throw new IllegalStateException("XMLSignature already contais references");
    }

    for (ResourceResolver customResolver : signedDataObjects.getResourceResolvers()) {
        xmlSignature.addResourceResolver(customResolver);
    }

    Collection<DataObjectDesc> descriptions = signedDataObjects.getDataObjectsDescs();
    Map<DataObjectDesc, Reference> mappings = new IdentityHashMap<DataObjectDesc, Reference>(descriptions.size());
    String digestMethodUri = this.algorithmsProvider.getDigestAlgorithmForDataObjsReferences();
    boolean anonymousReferenceSeen = false;

    try {
        for (DataObjectDesc description : descriptions) {
            Transforms transforms = processTransforms(description, xmlSignature.getDocument());
            String refUri;
            String refType;

            if (description instanceof DataObjectReference) {
                // A DataObjectReference carries its own URI and type; use them as they are.
                DataObjectReference explicitRef = (DataObjectReference) description;
                refUri = explicitRef.getUri();
                refType = explicitRef.getType();
            } else if (description instanceof EnvelopedXmlObject) {
                // Enveloped content is embedded in a new Object element, and the Reference
                // points at that element's id.
                EnvelopedXmlObject enveloped = (EnvelopedXmlObject) description;
                String objectId = String.format("%s-object%d", xmlSignature.getId(), xmlSignature.getObjectLength());
                refType = Reference.OBJECT_URI;

                ObjectContainer container = new ObjectContainer(xmlSignature.getDocument());
                container.setId(objectId);
                container.appendChild(enveloped.getContent());
                container.setMimeType(enveloped.getMimeType());
                container.setEncoding(enveloped.getEncoding());
                xmlSignature.appendObject(container);

                refUri = "#" + objectId;
            } else if (description instanceof AnonymousDataObjectReference) {
                if (anonymousReferenceSeen) {
                    // Not expected: SignedDataObjects already validates this.
                    throw new IllegalStateException("Multiple AnonymousDataObjectReference detected");
                }
                anonymousReferenceSeen = true;
                // The anonymous Reference has neither URI nor type; its data comes from a
                // dedicated resolver wrapping the supplied stream.
                refUri = null;
                refType = null;
                AnonymousDataObjectReference anonymous = (AnonymousDataObjectReference) description;
                xmlSignature.addResourceResolver(new ResolverAnonymous(anonymous.getDataStream()));
            } else {
                throw new ClassCastException("Unsupported SignedDataObjectDesc. Must be one of DataObjectReference, EnvelopedXmlObject and AnonymousDataObjectReference");
            }

            // Each Reference gets an id because data object properties may refer to it.
            int position = mappings.size();
            String referenceId = String.format("%s-ref%d", xmlSignature.getId(), position);
            xmlSignature.addDocument(refUri, transforms, digestMethodUri, referenceId, refType);

            // SignedDataObjects rejects repeated instances, so the map needs no duplicate
            // check; the Reference just added sits at the same position in SignedInfo.
            mappings.put(description, xmlSignature.getSignedInfo().item(position));
        }
    } catch (XMLSignatureException ex) {
        // Reported to the caller as an unsupported digest algorithm.
        throw new UnsupportedAlgorithmException("Digest algorithm not supported in the XML Signature provider", digestMethodUri, ex);
    } catch (org.apache.xml.security.exceptions.XMLSecurityException ex) {
        // Any other library failure is surfaced as an illegal state.
        throw new IllegalStateException(ex);
    }

    return Collections.unmodifiableMap(mappings);
}
use of org.apache.xml.security.utils.resolver.implementations.ResolverAnonymous in project santuario-java by apache.
the class IAIKTest method test_coreFeatures_signatures_anonymousReferenceSignature.
/**
 * Checks that the sample signature with an anonymous reference verifies when the sample
 * content file is supplied through a {@code ResolverAnonymous}.
 *
 * @throws Exception if building the resolver or running the verification fails
 */
@org.junit.Test
public void test_coreFeatures_signatures_anonymousReferenceSignature() throws Exception {
    String signatureFile = gregorsDir + "coreFeatures/signatures/anonymousReferenceSignature.xml";
    String anonymousContentFile = gregorsDir + "coreFeatures/samples/anonymousReferenceContent.xml";
    ResourceResolverSpi anonymousResolver = new ResolverAnonymous(anonymousContentFile);

    boolean verified;
    try {
        // Manifests are not followed for this sample.
        verified = this.verify(signatureFile, anonymousResolver, false);
    } catch (RuntimeException ex) {
        // Record which sample crashed, then let the failure propagate unchanged.
        LOG.error("Verification crashed for " + signatureFile);
        throw ex;
    }

    if (!verified) {
        LOG.error("Verification failed for " + signatureFile);
    }
    assertTrue(signatureFile, verified);
}