本文整理汇总了Java中javax.xml.crypto.dsig.dom.DOMValidateContext.setIdAttributeNS方法的典型用法代码示例。如果您正苦于以下问题:Java DOMValidateContext.setIdAttributeNS方法的具体用法?Java DOMValidateContext.setIdAttributeNS怎么用?Java DOMValidateContext.setIdAttributeNS使用的例子?那么, 这里精选的方法代码示例或许可以为您提供帮助。您也可以进一步了解该方法所在类javax.xml.crypto.dsig.dom.DOMValidateContext
的用法示例。
在下文中一共展示了DOMValidateContext.setIdAttributeNS方法的8个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的Java代码示例。
示例1: isValida
import javax.xml.crypto.dsig.dom.DOMValidateContext; //导入方法依赖的package包/类
public boolean isValida(final InputStream xmlStream) throws Exception {
final DocumentBuilderFactory dbf = DocumentBuilderFactory.newInstance();
dbf.setNamespaceAware(true);
final Document document = dbf.newDocumentBuilder().parse(xmlStream);
final NodeList nodeList = document.getElementsByTagNameNS(XMLSignature.XMLNS, "Signature");
if (nodeList.getLength() == 0) {
throw new IllegalStateException("Nao foi encontrada a assinatura do XML.");
}
final String providerName = System.getProperty("jsr105Provider", "org.jcp.xml.dsig.internal.dom.XMLDSigRI");
final XMLSignatureFactory signatureFactory = XMLSignatureFactory.getInstance("DOM", (Provider) Class.forName(providerName).newInstance());
final DOMValidateContext validateContext = new DOMValidateContext(new X509KeySelector(), nodeList.item(0));
for (final String tag : AssinaturaDigital.ELEMENTOS_ASSINAVEIS) {
final NodeList elements = document.getElementsByTagName(tag);
if (elements.getLength() > 0) {
validateContext.setIdAttributeNS((Element) elements.item(0), null, "Id");
}
}
return signatureFactory.unmarshalXMLSignature(validateContext).validate(validateContext);
}
示例2: isValida
import javax.xml.crypto.dsig.dom.DOMValidateContext; //导入方法依赖的package包/类
public boolean isValida(final InputStream xmlStream) throws Exception {
final DocumentBuilderFactory dbf = DocumentBuilderFactory.newInstance();
dbf.setNamespaceAware(true);
final Document document = dbf.newDocumentBuilder().parse(xmlStream);
final NodeList nodeList = document.getElementsByTagNameNS(XMLSignature.XMLNS, "Signature");
if (nodeList.getLength() == 0) {
throw new IllegalStateException("N\u00e3o foi encontrada a assinatura do XML.");
}
final String providerName = System.getProperty("jsr105Provider", "org.jcp.xml.dsig.internal.dom.XMLDSigRI");
final XMLSignatureFactory signatureFactory = XMLSignatureFactory.getInstance("DOM", (Provider) Class.forName(providerName).newInstance());
final DOMValidateContext validateContext = new DOMValidateContext(new X509KeySelector(), nodeList.item(0));
for (final String tag : AssinaturaDigital.ELEMENTOS_ASSINAVEIS) {
final NodeList elements = document.getElementsByTagName(tag);
if (elements.getLength() > 0) {
validateContext.setIdAttributeNS((Element) elements.item(0), null, "Id");
}
}
return signatureFactory.unmarshalXMLSignature(validateContext).validate(validateContext);
}
示例3: validateXmlDSig
import javax.xml.crypto.dsig.dom.DOMValidateContext; //导入方法依赖的package包/类
/**
* Utility function to validate XML Signature to do a self check
* @param signed request
* @return
*/
private boolean validateXmlDSig(String signed, X509Certificate cert){
try {
DocumentBuilderFactory dbf =
DocumentBuilderFactory.newInstance();
dbf.setNamespaceAware(true);
DocumentBuilder builder = dbf.newDocumentBuilder();
Document doc = builder.parse(new ByteArrayInputStream(signed.getBytes("utf-8")));
NodeList signatureNodeList = doc.getElementsByTagNameNS(XMLSignature.XMLNS, "Signature");
NodeList bodyNodeList = doc.getElementsByTagNameNS("http://schemas.xmlsoap.org/soap/envelope/", "Body");
if (signatureNodeList.getLength() == 0) {
throw new Exception("Cannot find Signature element");
}
DOMValidateContext valContext = new DOMValidateContext(cert.getPublicKey(), signatureNodeList.item(0));
valContext.setIdAttributeNS((Element)bodyNodeList.item(0),"http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd","Id");
XMLSignatureFactory factory =
XMLSignatureFactory.getInstance("DOM");
XMLSignature signature =
factory.unmarshalXMLSignature(valContext);
boolean coreValidity = signature.validate(valContext);
/*
//detailed validation - use when solving validity problems
boolean sv = signature.getSignatureValue().validate(valContext);
Iterator<Reference> i = signature.getSignedInfo().getReferences().iterator();
for (int j=0; i.hasNext(); j++) {
boolean refValid = ( i.next()).validate(valContext);
}
*/
return coreValidity;
}
catch (Exception e){
throw new IllegalArgumentException("validation failes", e);
}
}
示例4: test_signature_with_ID
import javax.xml.crypto.dsig.dom.DOMValidateContext; //导入方法依赖的package包/类
/**
* Validates a signature that references an element with an ID attribute.
* The element's ID needs to be registered so that it can be found.
*/
@org.junit.Test
public void test_signature_with_ID() throws Exception {
String file = "envelopingSignature.xml";
DOMValidateContext vc = validator.getValidateContext
(file, new KeySelectors.KeyValueKeySelector());
Document doc = vc.getNode().getOwnerDocument();
NodeList nl = doc.getElementsByTagName("Assertion");
vc.setIdAttributeNS((Element) nl.item(0), null, "AssertionID");
boolean coreValidity = validator.validate(vc);
assertTrue("Signature failed core validation", coreValidity);
}
示例5: testWrappingAttack
import javax.xml.crypto.dsig.dom.DOMValidateContext; //导入方法依赖的package包/类
@org.junit.Test
public void testWrappingAttack() throws Exception {
String file = "manifestSignatureWrapping.xml";
Document doc = XMLUtils.createDocumentBuilder(false, false).parse(new File(dir, file));
Element sigElement = SignatureValidator.getSignatureElement(doc);
if (sigElement == null) {
throw new Exception("Couldn't find signature Element");
}
DOMValidateContext vc =
new DOMValidateContext(new KeySelectors.KeyValueKeySelector(), sigElement);
vc.setBaseURI(dir.toURI().toString());
vc.setProperty("org.apache.jcp.xml.dsig.secureValidation", Boolean.FALSE);
boolean coreValidity = validator.validate(vc);
assertTrue("Signature failed core validation", coreValidity);
vc.setProperty("org.apache.jcp.xml.dsig.secureValidation", Boolean.TRUE);
Element manifestElement =
(Element) doc.getElementsByTagName("Manifest").item(0);
vc.setIdAttributeNS(manifestElement, null, "Id");
try {
boolean valid = validator.validate(vc);
System.out.println("Valid: " + valid);
fail("Failure expected when secure validation is enabled");
} catch (XMLSignatureException ex) {
assertTrue(ex.getMessage().contains("URIReferenceException"));
}
}
示例6: test_create_signature_with_attr_in_no_namespace
import javax.xml.crypto.dsig.dom.DOMValidateContext; //导入方法依赖的package包/类
static void test_create_signature_with_attr_in_no_namespace()
throws Exception
{
System.out.println
("* Generating signature-with-attr-in-no-namespace.xml");
// create references
List<Reference> refs = Collections.singletonList
(fac.newReference("#unknown", sha1));
// create SignedInfo
SignedInfo si = fac.newSignedInfo(withoutComments, rsaSha1, refs);
// create object-1
Document doc = db.newDocument();
Element nc = doc.createElementNS(null, "NonCommentandus");
// add attribute with no namespace
nc.setAttribute("Id", "unknown");
XMLObject obj = fac.newXMLObject(Collections.singletonList
(new DOMStructure(nc)), "object-1", null, null);
// create XMLSignature
XMLSignature sig = fac.newXMLSignature(si, rsa,
Collections.singletonList(obj),
"signature", null);
DOMSignContext dsc = new DOMSignContext(getPrivateKey("RSA", 512), doc);
dsc.setIdAttributeNS(nc, null, "Id");
sig.sign(dsc);
// dumpDocument(doc, new PrintWriter(System.out));
DOMValidateContext dvc = new DOMValidateContext
(kvks, doc.getDocumentElement());
dvc.setIdAttributeNS(nc, null, "Id");
XMLSignature sig2 = fac.unmarshalXMLSignature(dvc);
if (sig.equals(sig2) == false) {
throw new Exception
("Unmarshalled signature is not equal to generated signature");
}
if (sig2.validate(dvc) == false) {
throw new Exception("Validation of generated signature failed");
}
System.out.println();
}
示例7: validate
import javax.xml.crypto.dsig.dom.DOMValidateContext; //导入方法依赖的package包/类
/**
* Validate XML signature of a message
* @param xml String containing the XML document
* @throws IOException if the parsing of the XML fails
* @throws ValidationException if the validation failed
*/
public static void validate(final String xml) throws IOException, ValidationException {
try {
DocumentBuilderFactory dbf = DocumentBuilderFactory.newInstance();
dbf.setNamespaceAware(true);
Document doc = dbf.newDocumentBuilder().parse(new ByteArrayInputStream(xml.getBytes("UTF-8")));
// Find Signature
NodeList nodelist = doc.getElementsByTagNameNS(XMLSignature.XMLNS, "Signature");
if (nodelist.getLength() == 0) {
throw new IllegalArgumentException("Given XML document contains no Signature");
}
XMLSignatureFactory fac = XMLSignatureFactory.getInstance("DOM");
DOMValidateContext ctx = new DOMValidateContext(new SimpleKeySelector(), nodelist.item(0));
// Unmarshal the XMLSignature
XMLSignature signature = fac.unmarshalXMLSignature(ctx);
// Find 1st Assertion
Element assertion = (Element) doc.getElementsByTagNameNS("urn:oasis:names:tc:SAML:2.0:assertion", "Assertion").item(0);
ctx.setIdAttributeNS(assertion, null, "ID");
// Validate the XMLSignature
boolean validity = signature.validate(ctx);
// Check validation status
if (validity == false) {
log.error("Signature failed core validation");
boolean sigValidity = signature.getSignatureValue().validate(ctx);
log.info("Signature validation status: " + sigValidity);
List<?> refs = signature.getSignedInfo().getReferences();
for (int i = 0; i < refs.size(); i++) {
boolean refValid = ((Reference) refs.get(i)).validate(ctx);
log.info("Reference["+i+"] validity status: " + refValid);
}
throw new ValidationException("Signature failed core validation");
} else {
log.info("Signature passed core validation");
}
} catch (UnsupportedEncodingException | SAXException | ParserConfigurationException | MarshalException | XMLSignatureException e) {
throw new IOException(e);
}
}
示例8: test_create_signature_with_attr_in_no_namespace
import javax.xml.crypto.dsig.dom.DOMValidateContext; //导入方法依赖的package包/类
static void test_create_signature_with_attr_in_no_namespace()
throws Exception
{
System.out.println
("* Generating signature-with-attr-in-no-namespace.xml");
// create references
List<Reference> refs = Collections.singletonList
(fac.newReference("#unknown", sha1));
// create SignedInfo
SignedInfo si = fac.newSignedInfo(withoutComments, rsaSha1, refs);
// create object-1
Document doc = db.newDocument();
Element nc = doc.createElementNS(null, "NonCommentandus");
// add attribute with no namespace
nc.setAttribute("Id", "unknown");
XMLObject obj = fac.newXMLObject(Collections.singletonList
(new DOMStructure(nc)), "object-1", null, null);
// create XMLSignature
XMLSignature sig = fac.newXMLSignature(si, rsa,
Collections.singletonList(obj),
"signature", null);
DOMSignContext dsc = new DOMSignContext(getPrivateKey("RSA"), doc);
dsc.setIdAttributeNS(nc, null, "Id");
sig.sign(dsc);
// dumpDocument(doc, new PrintWriter(System.out));
DOMValidateContext dvc = new DOMValidateContext
(kvks, doc.getDocumentElement());
dvc.setIdAttributeNS(nc, null, "Id");
XMLSignature sig2 = fac.unmarshalXMLSignature(dvc);
if (sig.equals(sig2) == false) {
throw new Exception
("Unmarshalled signature is not equal to generated signature");
}
if (sig2.validate(dvc) == false) {
throw new Exception("Validation of generated signature failed");
}
System.out.println();
}