本文整理汇总了Java中javax.xml.crypto.dsig.XMLSignContext类的典型用法代码示例。如果您正苦于以下问题:Java XMLSignContext类的具体用法?Java XMLSignContext怎么用?Java XMLSignContext使用的例子?那么, 这里精选的类代码示例或许可以为您提供帮助。
XMLSignContext类属于javax.xml.crypto.dsig包,在下文中一共展示了XMLSignContext类的9个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的Java代码示例。
示例1: testJsr105ReferenceUri
import javax.xml.crypto.dsig.XMLSignContext; //导入依赖的package包/类
@Test
public void testJsr105ReferenceUri() throws Exception {
String uri = FilenameUtils.getName(new File("foo bar.txt").toURI().toURL().getFile());
KeyPair keyPair = generateKeyPair();
DocumentBuilderFactory documentBuilderFactory = DocumentBuilderFactory.newInstance();
documentBuilderFactory.setNamespaceAware(true);
DocumentBuilder documentBuilder = documentBuilderFactory.newDocumentBuilder();
Document document = documentBuilder.newDocument();
XMLSignatureFactory signatureFactory = XMLSignatureFactory.getInstance("DOM", new XMLDSigRI());
XMLSignContext signContext = new DOMSignContext(keyPair.getPrivate(), document);
byte[] externalDocument = "hello world".getBytes();
MessageDigest messageDigest = MessageDigest.getInstance("SHA1");
messageDigest.update(externalDocument);
byte[] documentDigestValue = messageDigest.digest();
DigestMethod digestMethod = signatureFactory.newDigestMethod(DigestMethod.SHA1, null);
Reference reference = signatureFactory.newReference(uri, digestMethod, null, null, null, documentDigestValue);
SignatureMethod signatureMethod = signatureFactory.newSignatureMethod(SignatureMethod.RSA_SHA1, null);
CanonicalizationMethod canonicalizationMethod = signatureFactory.newCanonicalizationMethod(
CanonicalizationMethod.EXCLUSIVE_WITH_COMMENTS, (C14NMethodParameterSpec) null);
javax.xml.crypto.dsig.SignedInfo signedInfo = signatureFactory.newSignedInfo(canonicalizationMethod,
signatureMethod, Collections.singletonList(reference));
javax.xml.crypto.dsig.XMLSignature xmlSignature = signatureFactory.newXMLSignature(signedInfo, null);
xmlSignature.sign(signContext);
}
示例2: testJsr105Signature
import javax.xml.crypto.dsig.XMLSignContext; //导入依赖的package包/类
@Test
public void testJsr105Signature() throws Exception {
KeyPair keyPair = PkiTestUtils.generateKeyPair();
DocumentBuilderFactory documentBuilderFactory = DocumentBuilderFactory.newInstance();
documentBuilderFactory.setNamespaceAware(true);
DocumentBuilder documentBuilder = documentBuilderFactory.newDocumentBuilder();
Document document = documentBuilder.newDocument();
Element rootElement = document.createElementNS("urn:test", "tns:root");
rootElement.setAttributeNS(Constants.NamespaceSpecNS, "xmlns:tns", "urn:test");
document.appendChild(rootElement);
Element dataElement = document.createElementNS("urn:test", "tns:data");
dataElement.setAttributeNS(null, "Id", "id-1234");
dataElement.setIdAttribute("Id", true);
dataElement.setTextContent("data to be signed");
rootElement.appendChild(dataElement);
XMLSignatureFactory signatureFactory = XMLSignatureFactory.getInstance("DOM", new XMLDSigRI());
XMLSignContext signContext = new DOMSignContext(keyPair.getPrivate(), document.getDocumentElement());
signContext.putNamespacePrefix(javax.xml.crypto.dsig.XMLSignature.XMLNS, "ds");
DigestMethod digestMethod = signatureFactory.newDigestMethod(DigestMethod.SHA1, null);
Reference reference = signatureFactory.newReference("#id-1234", digestMethod);
DOMReference domReference = (DOMReference) reference;
assertNull(domReference.getCalculatedDigestValue());
assertNull(domReference.getDigestValue());
SignatureMethod signatureMethod = signatureFactory.newSignatureMethod(SignatureMethod.RSA_SHA1, null);
CanonicalizationMethod canonicalizationMethod = signatureFactory.newCanonicalizationMethod(
CanonicalizationMethod.EXCLUSIVE_WITH_COMMENTS, (C14NMethodParameterSpec) null);
SignedInfo signedInfo = signatureFactory.newSignedInfo(canonicalizationMethod, signatureMethod,
Collections.singletonList(reference));
javax.xml.crypto.dsig.XMLSignature xmlSignature = signatureFactory.newXMLSignature(signedInfo, null);
DOMXMLSignature domXmlSignature = (DOMXMLSignature) xmlSignature;
domXmlSignature.marshal(document.getDocumentElement(), "ds", (DOMCryptoContext) signContext);
domReference.digest(signContext);
// xmlSignature.sign(signContext);
// LOG.debug("signed document: " + toString(document));
Element nsElement = document.createElement("ns");
nsElement.setAttributeNS(Constants.NamespaceSpecNS, "xmlns:ds", Constants.SignatureSpecNS);
Node digestValueNode = XPathAPI.selectSingleNode(document, "//ds:DigestValue", nsElement);
assertNotNull(digestValueNode);
String digestValueTextContent = digestValueNode.getTextContent();
LOG.debug("digest value text content: " + digestValueTextContent);
assertFalse(digestValueTextContent.isEmpty());
}
示例3: testJsr105SignatureExternalXML
import javax.xml.crypto.dsig.XMLSignContext; //导入依赖的package包/类
@Test
public void testJsr105SignatureExternalXML() throws Exception {
KeyPair keyPair = PkiTestUtils.generateKeyPair();
DocumentBuilderFactory documentBuilderFactory = DocumentBuilderFactory.newInstance();
documentBuilderFactory.setNamespaceAware(true);
DocumentBuilder documentBuilder = documentBuilderFactory.newDocumentBuilder();
Document document = documentBuilder.newDocument();
Element rootElement = document.createElementNS("urn:test", "tns:root");
rootElement.setAttributeNS(Constants.NamespaceSpecNS, "xmlns:tns", "urn:test");
document.appendChild(rootElement);
Element dataElement = document.createElementNS("urn:test", "tns:data");
dataElement.setAttributeNS(null, "Id", "id-1234");
dataElement.setTextContent("data to be signed");
rootElement.appendChild(dataElement);
XMLSignatureFactory signatureFactory = XMLSignatureFactory.getInstance("DOM", new XMLDSigRI());
XMLSignContext signContext = new DOMSignContext(keyPair.getPrivate(), document.getDocumentElement());
signContext.setURIDereferencer(new MyURIDereferencer());
signContext.putNamespacePrefix(javax.xml.crypto.dsig.XMLSignature.XMLNS, "ds");
DigestMethod digestMethod = signatureFactory.newDigestMethod(DigestMethod.SHA1, null);
List<Transform> transforms = new LinkedList<Transform>();
Transform transform = signatureFactory.newTransform(CanonicalizationMethod.INCLUSIVE,
(TransformParameterSpec) null);
transforms.add(transform);
Reference reference = signatureFactory.newReference("/helloworld.xml", digestMethod, transforms, null, null);
DOMReference domReference = (DOMReference) reference;
assertNull(domReference.getCalculatedDigestValue());
assertNull(domReference.getDigestValue());
SignatureMethod signatureMethod = signatureFactory.newSignatureMethod(SignatureMethod.RSA_SHA1, null);
CanonicalizationMethod canonicalizationMethod = signatureFactory.newCanonicalizationMethod(
CanonicalizationMethod.EXCLUSIVE_WITH_COMMENTS, (C14NMethodParameterSpec) null);
SignedInfo signedInfo = signatureFactory.newSignedInfo(canonicalizationMethod, signatureMethod,
Collections.singletonList(reference));
javax.xml.crypto.dsig.XMLSignature xmlSignature = signatureFactory.newXMLSignature(signedInfo, null);
DOMXMLSignature domXmlSignature = (DOMXMLSignature) xmlSignature;
domXmlSignature.marshal(document.getDocumentElement(), "ds", (DOMCryptoContext) signContext);
domReference.digest(signContext);
// xmlSignature.sign(signContext);
// LOG.debug("signed document: " + toString(document));
Element nsElement = document.createElement("ns");
nsElement.setAttributeNS(Constants.NamespaceSpecNS, "xmlns:ds", Constants.SignatureSpecNS);
Node digestValueNode = XPathAPI.selectSingleNode(document, "//ds:DigestValue", nsElement);
assertNotNull(digestValueNode);
String digestValueTextContent = digestValueNode.getTextContent();
LOG.debug("digest value text content: " + digestValueTextContent);
assertFalse(digestValueTextContent.isEmpty());
}
示例4: testJsr105SignatureExternalXMLWithDTD
import javax.xml.crypto.dsig.XMLSignContext; //导入依赖的package包/类
@Test
public void testJsr105SignatureExternalXMLWithDTD() throws Exception {
KeyPair keyPair = PkiTestUtils.generateKeyPair();
DocumentBuilderFactory documentBuilderFactory = DocumentBuilderFactory.newInstance();
documentBuilderFactory.setNamespaceAware(true);
DocumentBuilder documentBuilder = documentBuilderFactory.newDocumentBuilder();
Document document = documentBuilder.newDocument();
Element rootElement = document.createElementNS("urn:test", "tns:root");
rootElement.setAttributeNS(Constants.NamespaceSpecNS, "xmlns:tns", "urn:test");
document.appendChild(rootElement);
Element dataElement = document.createElementNS("urn:test", "tns:data");
dataElement.setAttributeNS(null, "Id", "id-1234");
dataElement.setTextContent("data to be signed");
rootElement.appendChild(dataElement);
XMLSignatureFactory signatureFactory = XMLSignatureFactory.getInstance("DOM", new XMLDSigRI());
XMLSignContext signContext = new DOMSignContext(keyPair.getPrivate(), document.getDocumentElement());
signContext.setURIDereferencer(new MyURIDereferencer());
signContext.putNamespacePrefix(javax.xml.crypto.dsig.XMLSignature.XMLNS, "ds");
DigestMethod digestMethod = signatureFactory.newDigestMethod(DigestMethod.SHA1, null);
List<Transform> transforms = new LinkedList<Transform>();
Transform transform = signatureFactory.newTransform(CanonicalizationMethod.INCLUSIVE,
(TransformParameterSpec) null);
LOG.debug("transform type: " + transform.getClass().getName());
transforms.add(transform);
Reference reference = signatureFactory.newReference("/bookstore.xml", digestMethod, transforms, null, null);
DOMReference domReference = (DOMReference) reference;
assertNull(domReference.getCalculatedDigestValue());
assertNull(domReference.getDigestValue());
SignatureMethod signatureMethod = signatureFactory.newSignatureMethod(SignatureMethod.RSA_SHA1, null);
CanonicalizationMethod canonicalizationMethod = signatureFactory.newCanonicalizationMethod(
CanonicalizationMethod.EXCLUSIVE_WITH_COMMENTS, (C14NMethodParameterSpec) null);
SignedInfo signedInfo = signatureFactory.newSignedInfo(canonicalizationMethod, signatureMethod,
Collections.singletonList(reference));
javax.xml.crypto.dsig.XMLSignature xmlSignature = signatureFactory.newXMLSignature(signedInfo, null);
DOMXMLSignature domXmlSignature = (DOMXMLSignature) xmlSignature;
domXmlSignature.marshal(document.getDocumentElement(), "ds", (DOMCryptoContext) signContext);
domReference.digest(signContext);
// xmlSignature.sign(signContext);
// LOG.debug("signed document: " + toString(document));
Element nsElement = document.createElement("ns");
nsElement.setAttributeNS(Constants.NamespaceSpecNS, "xmlns:ds", Constants.SignatureSpecNS);
Node digestValueNode = XPathAPI.selectSingleNode(document, "//ds:DigestValue", nsElement);
assertNotNull(digestValueNode);
String digestValueTextContent = digestValueNode.getTextContent();
LOG.debug("digest value text content: " + digestValueTextContent);
assertFalse(digestValueTextContent.isEmpty());
}
示例5: testCoSignature
import javax.xml.crypto.dsig.XMLSignContext; //导入依赖的package包/类
@Test
public void testCoSignature() throws Exception {
// setup
Document document = PkiTestUtils
.loadDocument(CoSignatureFacetTest.class.getResourceAsStream("/helloworld.xml"));
KeyPair keyPair = PkiTestUtils.generateKeyPair();
XMLSignatureFactory signatureFactory = XMLSignatureFactory.getInstance("DOM", new XMLDSigRI());
XMLSignContext signContext = new DOMSignContext(keyPair.getPrivate(), document.getDocumentElement());
signContext.putNamespacePrefix(javax.xml.crypto.dsig.XMLSignature.XMLNS, "ds");
CoSignatureFacet testedInstance = new CoSignatureFacet();
List<Reference> references = new LinkedList<Reference>();
testedInstance.preSign(signatureFactory, document, "foo-bar", null, references, null);
SignatureMethod signatureMethod = signatureFactory.newSignatureMethod(SignatureMethod.RSA_SHA1, null);
CanonicalizationMethod canonicalizationMethod = signatureFactory.newCanonicalizationMethod(
CanonicalizationMethod.EXCLUSIVE_WITH_COMMENTS, (C14NMethodParameterSpec) null);
SignedInfo signedInfo = signatureFactory.newSignedInfo(canonicalizationMethod, signatureMethod, references);
XMLSignature xmlSignature = signatureFactory.newXMLSignature(signedInfo, null);
// operate
xmlSignature.sign(signContext);
// verify
LOG.debug("signed document: " + PkiTestUtils.toString(document));
NodeList signatureNodeList = document.getElementsByTagNameNS(XMLSignature.XMLNS, "Signature");
assertEquals(1, signatureNodeList.getLength());
Node signatureNode = signatureNodeList.item(0);
DOMValidateContext domValidateContext = new DOMValidateContext(keyPair.getPublic(), signatureNode);
XMLSignature validationXmlSignature = signatureFactory.unmarshalXMLSignature(domValidateContext);
boolean validity = validationXmlSignature.validate(domValidateContext);
assertTrue(validity);
document.getDocumentElement().getFirstChild().setNodeValue("test");
LOG.debug("signed document: " + PkiTestUtils.toString(document));
assertTrue(validationXmlSignature.validate(domValidateContext));
// really have to re-load the XML signature object.
validationXmlSignature = signatureFactory.unmarshalXMLSignature(domValidateContext);
assertFalse(validationXmlSignature.validate(domValidateContext));
}
示例6: testCoSignatureUri
import javax.xml.crypto.dsig.XMLSignContext; //导入依赖的package包/类
@Test
public void testCoSignatureUri() throws Exception {
// setup
Document document = PkiTestUtils
.loadDocument(CoSignatureFacetTest.class.getResourceAsStream("/helloworld.xml"));
KeyPair keyPair = PkiTestUtils.generateKeyPair();
XMLSignatureFactory signatureFactory = XMLSignatureFactory.getInstance("DOM", new XMLDSigRI());
XMLSignContext signContext = new DOMSignContext(keyPair.getPrivate(), document.getDocumentElement());
signContext.putNamespacePrefix(javax.xml.crypto.dsig.XMLSignature.XMLNS, "ds");
CoSignatureFacet testedInstance = new CoSignatureFacet(DigestAlgo.SHA1, "ref-1234");
List<Reference> references = new LinkedList<Reference>();
testedInstance.preSign(signatureFactory, document, "foo-bar", null, references, null);
SignatureMethod signatureMethod = signatureFactory.newSignatureMethod(SignatureMethod.RSA_SHA1, null);
CanonicalizationMethod canonicalizationMethod = signatureFactory.newCanonicalizationMethod(
CanonicalizationMethod.EXCLUSIVE_WITH_COMMENTS, (C14NMethodParameterSpec) null);
SignedInfo signedInfo = signatureFactory.newSignedInfo(canonicalizationMethod, signatureMethod, references);
XMLSignature xmlSignature = signatureFactory.newXMLSignature(signedInfo, null);
// operate
xmlSignature.sign(signContext);
// verify
LOG.debug("signed document: " + PkiTestUtils.toString(document));
NodeList signatureNodeList = document.getElementsByTagNameNS(XMLSignature.XMLNS, "Signature");
assertEquals(1, signatureNodeList.getLength());
Node signatureNode = signatureNodeList.item(0);
DOMValidateContext domValidateContext = new DOMValidateContext(keyPair.getPublic(), signatureNode);
XMLSignature validationXmlSignature = signatureFactory.unmarshalXMLSignature(domValidateContext);
boolean validity = validationXmlSignature.validate(domValidateContext);
assertTrue(validity);
document.getDocumentElement().getFirstChild().setNodeValue("test");
LOG.debug("signed document: " + PkiTestUtils.toString(document));
assertTrue(validationXmlSignature.validate(domValidateContext));
// really have to re-load the XML signature object.
validationXmlSignature = signatureFactory.unmarshalXMLSignature(domValidateContext);
assertFalse(validationXmlSignature.validate(domValidateContext));
}
示例7: testMultipleCoSignatures
import javax.xml.crypto.dsig.XMLSignContext; //导入依赖的package包/类
@Test
public void testMultipleCoSignatures() throws Exception {
// setup
DocumentBuilderFactory documentBuilderFactory = DocumentBuilderFactory.newInstance();
documentBuilderFactory.setNamespaceAware(true);
DocumentBuilder documentBuilder = documentBuilderFactory.newDocumentBuilder();
Document document = documentBuilder.newDocument();
Element rootElement = document.createElementNS("urn:test", "tns:root");
rootElement.setAttributeNS(Constants.NamespaceSpecNS, "xmlns:tns", "urn:test");
document.appendChild(rootElement);
Element dataElement = document.createElementNS("urn:test", "tns:data");
rootElement.appendChild(dataElement);
// add alot of nodes to test performance
// when using xpath v1 in the co signature facet the c14n became really
// slow
for (int i = 0; i < 80000; i++) {
Element fooElement = document.createElementNS("urn:test", "tns:foo");
fooElement.setTextContent("bar");
dataElement.appendChild(fooElement);
}
KeyPair keyPair1 = PkiTestUtils.generateKeyPair();
KeyPair keyPair2 = PkiTestUtils.generateKeyPair();
XMLSignatureFactory signatureFactory = XMLSignatureFactory.getInstance("DOM", new XMLDSigRI());
List<Reference> references = new LinkedList<Reference>();
CoSignatureFacet testedInstance = new CoSignatureFacet();
testedInstance.preSign(signatureFactory, document, "foo-bar", null, references, null);
// ds:SignedInfo
SignatureMethod signatureMethod = signatureFactory.newSignatureMethod(SignatureMethod.RSA_SHA1, null);
CanonicalizationMethod canonicalizationMethod = signatureFactory.newCanonicalizationMethod(
CanonicalizationMethod.EXCLUSIVE_WITH_COMMENTS, (C14NMethodParameterSpec) null);
SignedInfo signedInfo = signatureFactory.newSignedInfo(canonicalizationMethod, signatureMethod, references);
XMLSignature xmlSignature = signatureFactory.newXMLSignature(signedInfo, null);
XMLSignature xmlSignature2 = signatureFactory.newXMLSignature(signedInfo, null);
// sign context
XMLSignContext signContext1 = new DOMSignContext(keyPair1.getPrivate(), document.getDocumentElement());
signContext1.putNamespacePrefix(javax.xml.crypto.dsig.XMLSignature.XMLNS, "ds");
XMLSignContext signContext2 = new DOMSignContext(keyPair2.getPrivate(), document.getDocumentElement());
signContext2.putNamespacePrefix(javax.xml.crypto.dsig.XMLSignature.XMLNS, "ds");
// operate
xmlSignature.sign(signContext1);
xmlSignature2.sign(signContext2);
// verify
LOG.debug("signed document: " + PkiTestUtils.toString(document));
NodeList signatureNodeList = document.getElementsByTagNameNS(XMLSignature.XMLNS, "Signature");
assertEquals(2, signatureNodeList.getLength());
Node signature1Node = signatureNodeList.item(0);
DOMValidateContext domValidateContext1 = new DOMValidateContext(keyPair1.getPublic(), signature1Node);
XMLSignature validationXmlSignature1 = signatureFactory.unmarshalXMLSignature(domValidateContext1);
boolean validity1 = validationXmlSignature1.validate(domValidateContext1);
assertTrue(validity1);
Node signature2Node = signatureNodeList.item(1);
DOMValidateContext domValidateContext2 = new DOMValidateContext(keyPair2.getPublic(), signature2Node);
XMLSignature validationXmlSignature2 = signatureFactory.unmarshalXMLSignature(domValidateContext2);
boolean validity2 = validationXmlSignature2.validate(domValidateContext2);
assertTrue(validity2);
// cut out first signature should not break second one
document.getDocumentElement().removeChild(signature1Node);
LOG.debug("signed document: " + PkiTestUtils.toString(document));
NodeList signatureNodeList2 = document.getElementsByTagNameNS(XMLSignature.XMLNS, "Signature");
assertEquals(1, signatureNodeList2.getLength());
Node signature3Node = signatureNodeList2.item(0);
DOMValidateContext domValidateContext3 = new DOMValidateContext(keyPair2.getPublic(), signature3Node);
XMLSignature validationXmlSignature3 = signatureFactory.unmarshalXMLSignature(domValidateContext3);
boolean validity3 = validationXmlSignature3.validate(domValidateContext3);
assertTrue(validity3);
}
示例8: sign
import javax.xml.crypto.dsig.XMLSignContext; //导入依赖的package包/类
/**
* Signs the bytes with the specified key, using the underlying
* Signature or Mac algorithm.
*
* @param key the signing key
* @param si the SignedInfo
* @param context the XMLSignContext
* @return the signature
* @throws NullPointerException if <code>key</code> or
* <code>si</code> are <code>null</code>
* @throws InvalidKeyException if the key is improperly encoded, of
* the wrong type, or parameters are missing, etc
* @throws XMLSignatureException if an unexpected error occurs
*/
abstract byte[] sign(Key key, SignedInfo si, XMLSignContext context)
throws InvalidKeyException, XMLSignatureException;
示例9: sign
import javax.xml.crypto.dsig.XMLSignContext; //导入依赖的package包/类
/**
* Signs the bytes with the specified key, using the underlying
* Signature or Mac algorithm.
*
* @param key the signing key
* @param si the SignedInfo
* @param context the XMLSignContext
* @return the signature
* @throws NullPointerException if <code>key</code> or
* <code>si</code> are <code>null</code>
* @throws InvalidKeyException if the key is improperly encoded, of
* the wrong type, or parameters are missing, etc
* @throws XMLSignatureException if an unexpected error occurs
*/
abstract byte[] sign(Key key, DOMSignedInfo si, XMLSignContext context)
throws InvalidKeyException, XMLSignatureException;