
Example 1 with X509CertificatePrivateKeyPair

use of org.olat.core.util.crypto.X509CertificatePrivateKeyPair in project OpenOLAT by OpenOLAT.

the class XMLDigitalSignatureUtilTest method readCertificatePrivateKeyPair.

/**
 * Preliminary test which reads the certificate. The method is used by
 * every other test of the class.
 *
 * @throws Exception
 */
@Test
public void readCertificatePrivateKeyPair() throws Exception {
    // Load the certificate / private key fixture through the shared loader.
    final X509CertificatePrivateKeyPair pair = getCertificatePrivateKeyPair();
    // The holder itself must exist before its halves are inspected.
    Assert.assertNotNull(pair);
    // Signing needs the private key ...
    final Object signingKey = pair.getPrivateKey();
    Assert.assertNotNull(signingKey);
    // ... and validation needs the certificate that carries the public key.
    final Object certificate = pair.getX509Cert();
    Assert.assertNotNull(certificate);
}
Also used : X509CertificatePrivateKeyPair(org.olat.core.util.crypto.X509CertificatePrivateKeyPair) Test(org.junit.Test)

Example 2 with X509CertificatePrivateKeyPair

use of org.olat.core.util.crypto.X509CertificatePrivateKeyPair in project OpenOLAT by OpenOLAT.

the class XMLDigitalSignatureUtilTest method signAndValidate_notValid.

/**
 * Check that the signature also validates the data, by slightly changing a value in
 * the signed XML file and expecting the validation to fail.
 *
 * @throws Exception
 */
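@Test
public void signAndValidate_notValid() throws Exception {
    X509CertificatePrivateKeyPair certificateInfo = getCertificatePrivateKeyPair();
    URL xmlUrl = XMLDigitalSignatureUtilTest.class.getResource("assessmentResult.xml");
    // Fail with a readable message instead of a NullPointerException when the fixture is missing.
    Assert.assertNotNull("assessmentResult.xml not found next to the test class", xmlUrl);
    File xmlFile = new File(xmlUrl.toURI());
    File xmlSignedFile = File.createTempFile("assessment-result", "_signed.xml");
    File xmlRogueFile = null;
    try {
        XMLDigitalSignatureUtil.signEmbedded(xmlFile, xmlSignedFile, certificateInfo.getX509Cert(), certificateInfo.getPrivateKey());
        Assert.assertTrue(xmlSignedFile.length() > 0);

        // Baseline: the untouched signed document validates.
        // The verification key is taken from the same certificate that signed the file, so this
        // test covers integrity of the signed content only, not trust in the signer.
        boolean valid = XMLDigitalSignatureUtil.validate(xmlSignedFile, certificateInfo.getX509Cert().getPublicKey());
        Assert.assertTrue(valid);

        // Alter one value inside the already signed document.
        String xml = FileUtils.load(xmlSignedFile, "UTF-8");
        String rogueXml = xml.replace("test7501c21c-c3db-468d-b5b8-c40339aaf323.xml", "test7501c21c-468d-b5b8-c40339aaf323.xml");
        // Guard: if the fixture no longer contains the expected value, stop here with a clear
        // failure rather than validating an unmodified copy.
        Assert.assertNotEquals(xml, rogueXml);
        xmlRogueFile = File.createTempFile("assessment-result", "_rogue.xml");
        FileUtils.save(xmlRogueFile, rogueXml, "UTF-8");

        // The modified document must be rejected.
        boolean validity = XMLDigitalSignatureUtil.validate(xmlRogueFile, certificateInfo.getX509Cert().getPublicKey());
        Assert.assertFalse(validity);
    } finally {
        // Remove the temporary files even when an assertion above fails.
        Files.deleteIfExists(xmlSignedFile.toPath());
        if (xmlRogueFile != null) {
            Files.deleteIfExists(xmlRogueFile.toPath());
        }
    }
}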
Also used : X509CertificatePrivateKeyPair(org.olat.core.util.crypto.X509CertificatePrivateKeyPair) File(java.io.File) URL(java.net.URL) Test(org.junit.Test)

Example 3 with X509CertificatePrivateKeyPair

use of org.olat.core.util.crypto.X509CertificatePrivateKeyPair in project OpenOLAT by OpenOLAT.

the class XMLDigitalSignatureUtilTest method signDetachedAndValidate.

/**
 * Check that the cycle sign -> validation works with a detached signature.
 *
 * @throws Exception
 */
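@Test
public void signDetachedAndValidate() throws Exception {
    X509CertificatePrivateKeyPair certificateInfo = getCertificatePrivateKeyPair();
    URL xmlUrl = XMLDigitalSignatureUtilTest.class.getResource("assessmentResult.xml");
    // Fail with a readable message instead of a NullPointerException when the fixture is missing.
    Assert.assertNotNull("assessmentResult.xml not found next to the test class", xmlUrl);
    File xmlFile = new File(xmlUrl.toURI());
    // The same URI string is handed to both the signing and the validating call.
    String xmlUri = xmlUrl.toURI().toString();
    File xmlSignatureFile = File.createTempFile("assessment-result", "_signature.xml");
    try {
        // The signature goes to its own file; the two null arguments are the optional
        // parameters of signDetached, which this test does not use.
        XMLDigitalSignatureUtil.signDetached(xmlUri, xmlFile, xmlSignatureFile, null, null, certificateInfo.getX509Cert(), certificateInfo.getPrivateKey());
        Assert.assertTrue(xmlSignatureFile.length() > 0);

        // Only the positive path is checked here: an unmodified file validates against the
        // public key of the certificate that signed it.
        boolean valid = XMLDigitalSignatureUtil.validate(xmlUri, xmlFile, xmlSignatureFile, certificateInfo.getX509Cert().getPublicKey());
        Assert.assertTrue(valid);
    } finally {
        // Remove the temporary signature file even when an assertion above fails.
        Files.deleteIfExists(xmlSignatureFile.toPath());
    }
}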
Also used : X509CertificatePrivateKeyPair(org.olat.core.util.crypto.X509CertificatePrivateKeyPair) File(java.io.File) URL(java.net.URL) Test(org.junit.Test)

Example 4 with X509CertificatePrivateKeyPair

use of org.olat.core.util.crypto.X509CertificatePrivateKeyPair in project OpenOLAT by OpenOLAT.

the class QTI21ServiceImpl method signAssessmentResult.

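/**
 * Writes a detached XML signature for the assessment result of a test session and,
 * when the signature options carry a mail bundle, sends that signature file as a
 * mail attachment.
 * <p>
 * Nothing happens unless digital signatures are enabled in the QTI module and
 * requested in the options. The signature is written to
 * {@code assessmentResultSignature.xml} in the directory of the result file.
 * <p>
 * Any exception is logged and not propagated, so a caller cannot tell from this
 * method whether the result was actually signed.
 *
 * @param candidateSession the test session whose result file is signed
 * @param signatureOptions whether to sign, and the optional mail bundle to send
 * @param assessedIdentity passed on to the signature document wrapper
 */
@Override
public void signAssessmentResult(AssessmentTestSession candidateSession, DigitalSignatureOptions signatureOptions, Identity assessedIdentity) {
    // Signing must be enabled for the module and requested for this call.
    if (!qtiModule.isDigitalSignatureEnabled() || !signatureOptions.isDigitalSignature()) {
        return;
    }

    try {
        File resultFile = getAssessmentResultFile(candidateSession);
        File signatureFile = new File(resultFile.getParentFile(), "assessmentResultSignature.xml");

        // The key pair is read from the configured PFX file with the configured password.
        File certificateFile = qtiModule.getDigitalSignatureCertificateFile();
        X509CertificatePrivateKeyPair kp = CryptoUtil.getX509CertificatePrivateKeyPairPfx(certificateFile, qtiModule.getDigitalSignatureCertificatePassword());

        // URI identifying the signed result: repository entry, optional course node, test session.
        StringBuilder uri = new StringBuilder();
        uri.append(Settings.getServerContextPathURI()).append("/").append("RepositoryEntry/").append(candidateSession.getRepositoryEntry().getKey());
        if (StringHelper.containsNonWhitespace(candidateSession.getSubIdent())) {
            uri.append("/CourseNode/").append(candidateSession.getSubIdent());
        }
        uri.append("/TestSession/").append(candidateSession.getKey()).append("/assessmentResult.xml");

        Document signatureDoc = createSignatureDocumentWrapper(uri.toString(), assessedIdentity, signatureOptions);
        XMLDigitalSignatureUtil.signDetached(uri.toString(), resultFile, signatureFile, signatureDoc, certificateFile.getName(), kp.getX509Cert(), kp.getPrivateKey());

        if (signatureOptions.isDigitalSignature() && signatureOptions.getMailBundle() != null) {
            MailBundle mail = signatureOptions.getMailBundle();
            // Only the detached signature file is attached, not the result file itself.
            List<File> attachments = new ArrayList<>(2);
            attachments.add(signatureFile);
            mail.getContent().setAttachments(attachments);
            mailManager.sendMessageAsync(mail);
        }
    } catch (Exception e) {
        // NOTE(review): a failure leaves the result unsigned and is reported only in the log.
        // The message names the session so that such failures can be found and alerted on;
        // the certificate password is deliberately not part of it.
        log.error("Cannot sign the assessment result of test session: " + (candidateSession == null ? null : candidateSession.getKey()), e);
    }
}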
Also used : X509CertificatePrivateKeyPair(org.olat.core.util.crypto.X509CertificatePrivateKeyPair) ArrayList(java.util.ArrayList) Document(org.w3c.dom.Document) MailBundle(org.olat.core.util.mail.MailBundle) File(java.io.File) QtiXmlInterpretationException(uk.ac.ed.ph.jqtiplus.reading.QtiXmlInterpretationException) TransformerException(javax.xml.transform.TransformerException) IOException(java.io.IOException) XmlResourceNotFoundException(uk.ac.ed.ph.jqtiplus.xmlutils.XmlResourceNotFoundException) OLATRuntimeException(org.olat.core.logging.OLATRuntimeException)

Example 5 with X509CertificatePrivateKeyPair

use of org.olat.core.util.crypto.X509CertificatePrivateKeyPair in project openolat by klemens.

the class XMLDigitalSignatureUtilTest method signAndValidate_notValid.

/**
 * Check that the signature also validates the data, by slightly changing a value in
 * the signed XML file and expecting the validation to fail.
 *
 * @throws Exception
 */
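@Test
public void signAndValidate_notValid() throws Exception {
    X509CertificatePrivateKeyPair certificateInfo = getCertificatePrivateKeyPair();
    URL xmlUrl = XMLDigitalSignatureUtilTest.class.getResource("assessmentResult.xml");
    // Fail with a readable message instead of a NullPointerException when the fixture is missing.
    Assert.assertNotNull("assessmentResult.xml not found next to the test class", xmlUrl);
    File xmlFile = new File(xmlUrl.toURI());
    File xmlSignedFile = File.createTempFile("assessment-result", "_signed.xml");
    File xmlRogueFile = null;
    try {
        XMLDigitalSignatureUtil.signEmbedded(xmlFile, xmlSignedFile, certificateInfo.getX509Cert(), certificateInfo.getPrivateKey());
        Assert.assertTrue(xmlSignedFile.length() > 0);

        // Baseline: the untouched signed document validates.
        // The verification key is taken from the same certificate that signed the file, so this
        // test covers integrity of the signed content only, not trust in the signer.
        boolean valid = XMLDigitalSignatureUtil.validate(xmlSignedFile, certificateInfo.getX509Cert().getPublicKey());
        Assert.assertTrue(valid);

        // Alter one value inside the already signed document.
        String xml = FileUtils.load(xmlSignedFile, "UTF-8");
        String rogueXml = xml.replace("test7501c21c-c3db-468d-b5b8-c40339aaf323.xml", "test7501c21c-468d-b5b8-c40339aaf323.xml");
        // Guard: if the fixture no longer contains the expected value, stop here with a clear
        // failure rather than validating an unmodified copy.
        Assert.assertNotEquals(xml, rogueXml);
        xmlRogueFile = File.createTempFile("assessment-result", "_rogue.xml");
        FileUtils.save(xmlRogueFile, rogueXml, "UTF-8");

        // The modified document must be rejected.
        boolean validity = XMLDigitalSignatureUtil.validate(xmlRogueFile, certificateInfo.getX509Cert().getPublicKey());
        Assert.assertFalse(validity);
    } finally {
        // Remove the temporary files even when an assertion above fails.
        Files.deleteIfExists(xmlSignedFile.toPath());
        if (xmlRogueFile != null) {
            Files.deleteIfExists(xmlRogueFile.toPath());
        }
    }
}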
Also used : X509CertificatePrivateKeyPair(org.olat.core.util.crypto.X509CertificatePrivateKeyPair) File(java.io.File) URL(java.net.URL) Test(org.junit.Test)
