本文整理汇总了Java中org.apache.xml.security.signature.SignedInfo类的典型用法代码示例。如果您正苦于以下问题:Java SignedInfo类的具体用法?Java SignedInfo怎么用?Java SignedInfo使用的例子?那么恭喜您, 这里精选的类代码示例或许可以为您提供帮助。
SignedInfo类属于org.apache.xml.security.signature包,在下文中一共展示了SignedInfo类的13个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的Java代码示例。
示例1: getDigestMethodAlgorithm
import org.apache.xml.security.signature.SignedInfo; //导入依赖的package包/类
private static String getDigestMethodAlgorithm(final Optional<Signature> signature) {
if (signature.isPresent()) {
XMLSignature xmlSignature = ((SignatureImpl) signature.get()).getXMLSignature();
if (xmlSignature != null) {
SignedInfo signedInfo = xmlSignature.getSignedInfo();
try {
if (signedInfo != null && signedInfo.getLength() != 0 && signedInfo.item(0) != null) {
MessageDigestAlgorithm messageDigestAlgorithm = signedInfo.item(0).getMessageDigestAlgorithm();
if (messageDigestAlgorithm != null) {
return messageDigestAlgorithm.getJCEAlgorithmString();
}
}
} catch (XMLSecurityException e) {
LOG.debug(format("Error getting message digest algorithm: {0}", e));
}
}
}
return null;
}
示例2: checkReferences
import org.apache.xml.security.signature.SignedInfo; //导入依赖的package包/类
private void checkReferences(XMLSignature xmlSignature) throws Exception {
SignedInfo signedInfo = xmlSignature.getSignedInfo();
assertTrue(signedInfo.getLength() > 0);
for (int i = 0; i < signedInfo.getLength(); i++) {
Reference reference = signedInfo.item(i);
assertNotNull(reference);
ReferenceData referenceData = reference.getReferenceData();
assertNotNull(referenceData);
if (referenceData instanceof ReferenceNodeSetData) {
Iterator<Node> iter = ((ReferenceNodeSetData)referenceData).iterator();
assertTrue(iter.hasNext());
boolean found = false;
while (iter.hasNext()) {
Node n = iter.next();
if (n instanceof Element) {
found = true;
break;
}
}
assertTrue(found);
} else if (referenceData instanceof ReferenceOctetStreamData) {
assertNotNull(((ReferenceOctetStreamData)referenceData).getOctetStream());
}
}
}
示例3: PropertiesDataGenerationContext
import org.apache.xml.security.signature.SignedInfo; //导入依赖的package包/类
/**
* A simple constructor to be used when only unsigned signature properties
* will be processed.
* @param targetXmlSignature the target signature
* @param algorithmsProvider algorithms in use
*/
PropertiesDataGenerationContext(XMLSignature targetXmlSignature) throws XAdES4jXMLSigException
{
this.targetXmlSignature = targetXmlSignature;
this.sigDocument = targetXmlSignature.getDocument();
this.referencesMappings = null;
SignedInfo signedInfo = targetXmlSignature.getSignedInfo();
List<Reference> refs = new ArrayList<Reference>(signedInfo.getLength());
for (int i = 0; i < signedInfo.getLength(); i++)
{
try
{
refs.add(signedInfo.item(i));
} catch (XMLSecurityException ex)
{
throw new XAdES4jXMLSigException(String.format("Cannot process the %dth reference", i), ex);
}
}
this.references = Collections.unmodifiableList(refs);
}
示例4: testSignSigningCertificateIfIncluded
import org.apache.xml.security.signature.SignedInfo; //导入依赖的package包/类
@Test
public void testSignSigningCertificateIfIncluded() throws Exception
{
System.out.println("signSigningCertificateIfIncluded");
KeyInfoBuilder keyInfoBuilder = new KeyInfoBuilder(
new TestBasicSignatureOptionsProvider(true, true, true),
new TestAlgorithmsProvider(),
new TestAlgorithmsParametersMarshallingProvider());
XMLSignature xmlSignature = getTestSignature();
keyInfoBuilder.buildKeyInfo(testCertificate, xmlSignature);
SignedInfo signedInfo = xmlSignature.getSignedInfo();
Assert.assertEquals(1, signedInfo.getLength());
Node refNode = signedInfo.item(0).getContentsBeforeTransformation().getSubNode();
Assert.assertSame(xmlSignature.getKeyInfo().getElement(), refNode);
Assert.assertEquals(1, xmlSignature.getKeyInfo().lengthX509Data());
}
示例5: getDigestAlgorithm
import org.apache.xml.security.signature.SignedInfo; //导入依赖的package包/类
/**
* Returns the digest algorithm identifier from the signature
*
* @return The algorithm identifier
* @throws SAMLException Thrown if the signature is missing
*/
public String getDigestAlgorithm()
throws SAMLException
{
if (isSigned()) {
SignedInfo si=sig.getSignedInfo();
if (si.getLength()==1) {
Reference ref;
try {
ref = si.item(0);
return ref.getMessageDigestAlgorithm().getAlgorithmURI();
}
catch (XMLSecurityException e) {
throw new InvalidCryptoException("SAMLSignedObject.getDigestAlgorithm() detected an XML security exception: " + e.getMessage(),e);
}
}
}
throw new InvalidCryptoException("SAMLSignedObject.getDigestAlgorithm() can't examine unsigned or improperly signed object");
}
示例6: unmarshall
import org.apache.xml.security.signature.SignedInfo; //导入依赖的package包/类
/** {@inheritDoc} */
public Signature unmarshall(Element signatureElement) throws UnmarshallingException {
log.debug("Starting to unmarshall Apache XML-Security-based SignatureImpl element");
SignatureImpl signature = new SignatureImpl(signatureElement.getNamespaceURI(),
signatureElement.getLocalName(), signatureElement.getPrefix());
try {
log.debug("Constructing Apache XMLSignature object");
XMLSignature xmlSignature = new XMLSignature(signatureElement, "");
SignedInfo signedInfo = xmlSignature.getSignedInfo();
log.debug("Adding canonicalization and signing algorithms, and HMAC output length to Signature");
signature.setCanonicalizationAlgorithm(signedInfo.getCanonicalizationMethodURI());
signature.setSignatureAlgorithm(signedInfo.getSignatureMethodURI());
signature.setHMACOutputLength(getHMACOutputLengthValue(signedInfo.getSignatureMethodElement()));
org.apache.xml.security.keys.KeyInfo xmlSecKeyInfo = xmlSignature.getKeyInfo();
if (xmlSecKeyInfo != null) {
log.debug("Adding KeyInfo to Signature");
Unmarshaller unmarshaller = Configuration.getUnmarshallerFactory().getUnmarshaller(
xmlSecKeyInfo.getElement());
KeyInfo keyInfo = (KeyInfo) unmarshaller.unmarshall(xmlSecKeyInfo.getElement());
signature.setKeyInfo(keyInfo);
}
signature.setXMLSignature(xmlSignature);
signature.setDOM(signatureElement);
return signature;
} catch (XMLSecurityException e) {
log.error("Error constructing Apache XMLSignature instance from Signature element: {}", e.getMessage());
throw new UnmarshallingException("Unable to unmarshall Signature with Apache XMLSignature", e);
}
}
示例7: testCanonicalizedOctetStream
import org.apache.xml.security.signature.SignedInfo; //导入依赖的package包/类
@org.junit.Test
public void testCanonicalizedOctetStream() throws Exception {
String signedXML = doSign();
Document doc = db.parse(new ByteArrayInputStream(signedXML.getBytes()));
XPathFactory xpf = XPathFactory.newInstance();
XPath xpath = xpf.newXPath();
xpath.setNamespaceContext(new DSNamespaceContext());
String expression = "//ds:Signature[1]";
Element sigElement =
(Element) xpath.evaluate(expression, doc, XPathConstants.NODE);
XMLSignature signature = new XMLSignature(sigElement, "");
KeyInfo ki = signature.getKeyInfo();
if (ki == null) {
throw new RuntimeException("No keyinfo");
}
PublicKey pk = signature.getKeyInfo().getPublicKey();
if (pk == null) {
throw new RuntimeException("No public key");
}
SignedInfo si = signature.getSignedInfo();
SignatureAlgorithm sa = si.getSignatureAlgorithm();
sa.initVerify(pk);
byte[] sigBytes = signature.getSignatureValue();
byte[] canonicalizedBytes = si.getCanonicalizedOctetStream();
sa.update(canonicalizedBytes, 0, canonicalizedBytes.length);
assertTrue(sa.verify(sigBytes));
assertTrue(si.verify(false));
}
示例8: testSigningVerifyingReference
import org.apache.xml.security.signature.SignedInfo; //导入依赖的package包/类
@org.junit.Test
public void testSigningVerifyingReference() throws Throwable {
Document doc = getOriginalDocument();
XMLSignature signature = signDocument(doc);
PublicKey pubKey = getPublicKey();
assertTrue(signature.checkSignatureValue(pubKey));
// Check the reference(s)
SignedInfo signedInfo = signature.getSignedInfo();
assertTrue(signedInfo.getLength() == 1);
Reference reference = signedInfo.item(0);
ReferenceData referenceData = reference.getReferenceData();
assertNotNull(referenceData);
assertTrue(referenceData instanceof ReferenceNodeSetData);
// Test the cached Element
Element referenceElement =
(Element)((ReferenceNodeSetData)referenceData).iterator().next();
assertNotNull(referenceElement);
assertTrue("root".equals(referenceElement.getLocalName()));
Element originalElement =
(Element) doc.getElementsByTagNameNS("http://ns.example.org/", "root").item(0);
assertNotNull(originalElement);
assertEquals(referenceElement, originalElement);
}
示例9: testJsr105ReferenceUri
import org.apache.xml.security.signature.SignedInfo; //导入依赖的package包/类
@Test
public void testJsr105ReferenceUri() throws Exception {
String uri = FilenameUtils.getName(new File("foo bar.txt").toURI().toURL().getFile());
KeyPair keyPair = generateKeyPair();
DocumentBuilderFactory documentBuilderFactory = DocumentBuilderFactory.newInstance();
documentBuilderFactory.setNamespaceAware(true);
DocumentBuilder documentBuilder = documentBuilderFactory.newDocumentBuilder();
Document document = documentBuilder.newDocument();
XMLSignatureFactory signatureFactory = XMLSignatureFactory.getInstance("DOM", new XMLDSigRI());
XMLSignContext signContext = new DOMSignContext(keyPair.getPrivate(), document);
byte[] externalDocument = "hello world".getBytes();
MessageDigest messageDigest = MessageDigest.getInstance("SHA1");
messageDigest.update(externalDocument);
byte[] documentDigestValue = messageDigest.digest();
DigestMethod digestMethod = signatureFactory.newDigestMethod(DigestMethod.SHA1, null);
Reference reference = signatureFactory.newReference(uri, digestMethod, null, null, null, documentDigestValue);
SignatureMethod signatureMethod = signatureFactory.newSignatureMethod(SignatureMethod.RSA_SHA1, null);
CanonicalizationMethod canonicalizationMethod = signatureFactory.newCanonicalizationMethod(
CanonicalizationMethod.EXCLUSIVE_WITH_COMMENTS, (C14NMethodParameterSpec) null);
javax.xml.crypto.dsig.SignedInfo signedInfo = signatureFactory.newSignedInfo(canonicalizationMethod,
signatureMethod, Collections.singletonList(reference));
javax.xml.crypto.dsig.XMLSignature xmlSignature = signatureFactory.newXMLSignature(signedInfo, null);
xmlSignature.sign(signContext);
}
示例10: testSecurityReferenceIsSignedWithSTRTransform
import org.apache.xml.security.signature.SignedInfo; //导入依赖的package包/类
@Test
public void testSecurityReferenceIsSignedWithSTRTransform() throws Exception {
Assertion assertion = (Assertion) SAMLUtil.unmarshallElement(getClass().getResourceAsStream("assertion.xml"));
env.addSecurityTokenReference(assertion, true);
Security sec = env.getHeaderElement(Security.class);
assertNotNull(SAMLUtil.getFirstElement(sec, Assertion.class));
Element signed = env.sign(TestHelper.getCredential());
env = new OIOSoapEnvelope((Envelope) SAMLUtil.unmarshallElementFromString(XMLHelper.nodeToString(signed)));
sec = env.getHeaderElement(Security.class);
SecurityTokenReference str = SAMLUtil.getFirstElement(sec, SecurityTokenReference.class);
assertNotNull(str);
assertEquals(assertion.getID(), SAMLUtil.getFirstElement(str, KeyIdentifier.class).getValue());
Signature sig = SAMLUtil.getFirstElement(sec, Signature.class);
SignedInfo si = new XMLSignature(sig.getDOM(), null).getSignedInfo();
boolean found = false;
for (int i = 0; i < si.getLength(); i++) {
XMLSignatureInput ref = si.getReferencedContentBeforeTransformsItem(i);
System.out.println(ref.getSourceURI());
if (("#" + str.getWSUId()).equals(ref.getSourceURI())) {
found = true;
}
}
assertTrue(found);
}
示例11: verify
import org.apache.xml.security.signature.SignedInfo; //导入依赖的package包/类
@Override
public QualifyingProperty verify(
GenericDOMData propData,
QualifyingPropertyVerificationContext ctx) throws InvalidPropertyException
{
XAdESVerificationResult res;
try
{
Element sigElem = DOMHelper.getFirstChildElement(propData.getPropertyElement());
res = verifier.verify(sigElem, null);
} catch (XAdES4jException ex)
{
throw new CounterSignatureXadesVerificationException(ex);
}
// "Check that the enclosed signature correctly references the ds:SignatureValue
// present in the countersigned XAdES signature."
Node targetSigValueElem = ctx.getSignature().getElement().getElementsByTagNameNS(
Constants.SignatureSpecNS, Constants._TAG_SIGNATUREVALUE).item(0);
try
{
SignedInfo si = res.getXmlSignature().getSignedInfo();
for (int i = 0; i < si.getLength(); i++)
{
Reference r = si.item(i);
if (r.getContentsAfterTransformation().getSubNode() == targetSigValueElem)
// The signature references the SignatureValue element.
return new CounterSignatureProperty(res);
}
throw new CounterSignatureSigValueRefException();
} catch (XMLSecurityException e)
{
// Shouldn't happen because the signature was already verified.
throw new CounterSignatureVerificationException(e);
}
}
示例12: main
import org.apache.xml.security.signature.SignedInfo; //导入依赖的package包/类
/**
* Method main
*
* @param unused
* @throws Exception
*/
public static void main(String unused[]) throws Exception {
javax.xml.parsers.DocumentBuilderFactory dbf =
javax.xml.parsers.DocumentBuilderFactory.newInstance();
dbf.setNamespaceAware(true);
dbf.setAttribute("http://xml.org/sax/features/namespaces", Boolean.TRUE);
try {
File signatureFile = new File("build/collectableSignature.xml");
String BaseURI = signatureFile.toURI().toURL().toString();
System.out.println("Try to verify "
+ signatureFile.toURI().toURL().toString());
javax.xml.parsers.DocumentBuilder db = dbf.newDocumentBuilder();
db.setErrorHandler(new org.apache.xml.security.utils.IgnoreAllErrorHandler());
org.w3c.dom.Document doc =
db.parse(new java.io.FileInputStream(signatureFile));
XPathFactory xpf = XPathFactory.newInstance();
XPath xpath = xpf.newXPath();
xpath.setNamespaceContext(new DSNamespaceContext());
String expression = "//ds:Signature[1]";
NodeList signatureElems =
(NodeList) xpath.evaluate(expression, doc, XPathConstants.NODESET);
for (int i = 0; i < signatureElems.getLength(); i++) {
Element sigElement = (Element) signatureElems.item(i);
XMLSignature signature = new XMLSignature(sigElement, BaseURI);
byte[] secretKey = "secretValue".getBytes();
System.out.println(
"The XML signature number " + i + " in file " + BaseURI + " is "
+ (signature.checkSignatureValue(
signature.createSecretKey(
CreateCollectableSignature.passphrase.getBytes()
)
) ? "valid (good)" : "invalid !!!!! (bad)"));
SignedInfo s = signature.getSignedInfo();
for (int j = 0; j < s.getSignedContentLength(); j++) {
System.out.println("################ Signed Resource " + i + "/" + j
+ " ################");
System.out.println(new String(s.getSignedContentItem(j)));
System.out.println();
}
}
} catch (Exception ex) {
ex.printStackTrace();
}
}
示例13: testExternalXmlSignature
import org.apache.xml.security.signature.SignedInfo; //导入依赖的package包/类
@Test
public void testExternalXmlSignature() throws Exception {
DocumentBuilderFactory documentBuilderFactory = DocumentBuilderFactory.newInstance();
documentBuilderFactory.setNamespaceAware(true);
DocumentBuilder documentBuilder = documentBuilderFactory.newDocumentBuilder();
Document document = documentBuilder.newDocument();
XMLSignature xmlSignature = new XMLSignature(document, "", XMLSignature.ALGO_ID_SIGNATURE_RSA_SHA1,
Canonicalizer.ALGO_ID_C14N_WITH_COMMENTS);
Element signatureElement = xmlSignature.getElement();
document.appendChild(signatureElement);
ObjectContainer objectContainer = new ObjectContainer(document);
objectContainer.appendChild(document.createTextNode("Test Message"));
String id = "object-" + UUID.randomUUID().toString();
objectContainer.setId(id);
xmlSignature.appendObject(objectContainer);
Transforms transforms = new Transforms(document);
transforms.addTransform(Transforms.TRANSFORM_C14N_EXCL_WITH_COMMENTS);
xmlSignature.addDocument("#" + id, transforms, MessageDigestAlgorithm.ALGO_ID_DIGEST_SHA512, null, null);
KeyPair keyPair = generateKeyPair();
DateTime notBefore = new DateTime();
DateTime notAfter = notBefore.plusYears(1);
X509Certificate certificate = generateCertificate(keyPair.getPublic(), "CN=Test", notBefore, notAfter, null,
keyPair.getPrivate(), true, 0, null, new KeyUsage(KeyUsage.nonRepudiation));
xmlSignature.addKeyInfo(certificate);
SignedInfo signedInfo = xmlSignature.getSignedInfo();
signedInfo.generateDigestValues();
byte[] octets = signedInfo.getCanonicalizedOctetStream();
MessageDigest messageDigest = MessageDigest.getInstance("SHA1");
byte[] digestValue = messageDigest.digest(octets);
byte[] digestInfoValue = ArrayUtils.addAll(SHA1_DIGEST_INFO_PREFIX, digestValue);
Cipher cipher = Cipher.getInstance("RSA/ECB/PKCS1Padding");
cipher.init(Cipher.ENCRYPT_MODE, keyPair.getPrivate());
byte[] signatureValue = cipher.doFinal(digestInfoValue);
String encodedSignatureValue = Base64.encode(signatureValue);
Element xmlSignatureElement = xmlSignature.getElement();
Element signatureValueElement = (Element) XPathAPI.selectSingleNode(xmlSignatureElement, "ds:SignatureValue");
signatureValueElement.setTextContent(encodedSignatureValue);
xmlSignature = new XMLSignature(xmlSignatureElement, null);
assertTrue(xmlSignature.checkSignatureValue(keyPair.getPublic()));
Source source = new DOMSource(document);
StringWriter stringWriter = new StringWriter();
Result result = new StreamResult(stringWriter);
Transformer xformer = TransformerFactory.newInstance().newTransformer();
xformer.setOutputProperty(OutputKeys.OMIT_XML_DECLARATION, "yes");
xformer.transform(source, result);
String signedDocumentStr = stringWriter.getBuffer().toString();
LOG.debug("signed document: " + signedDocumentStr);
File tmpFile = File.createTempFile("signature-", ".xml");
IOUtils.write(signedDocumentStr.getBytes(), new FileOutputStream(tmpFile));
StringReader stringReader = new StringReader(signedDocumentStr);
InputSource inputSource = new InputSource(stringReader);
Document signedDocument = documentBuilder.parse(inputSource);
signatureElement = (Element) XPathAPI.selectSingleNode(signedDocument, "ds:Signature");
assertNotNull(signatureElement);
xmlSignature = new XMLSignature(signatureElement, null);
LOG.debug("tmp signature file: " + tmpFile.getAbsolutePath());
boolean signatureResult = xmlSignature.checkSignatureValue(keyPair.getPublic());
assertTrue(signatureResult);
}