本文整理汇总了Java中javax.xml.crypto.dsig.dom.DOMValidateContext.setURIDereferencer方法的典型用法代码示例。如果您正苦于以下问题:Java DOMValidateContext.setURIDereferencer方法的具体用法?Java DOMValidateContext.setURIDereferencer怎么用?Java DOMValidateContext.setURIDereferencer使用的例子?那么, 这里精选的方法代码示例或许可以为您提供帮助。您也可以进一步了解该方法所在类javax.xml.crypto.dsig.dom.DOMValidateContext
的用法示例。
在下文中一共展示了DOMValidateContext.setURIDereferencer方法的15个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的Java代码示例。
示例1: verifySignature
import javax.xml.crypto.dsig.dom.DOMValidateContext; //导入方法依赖的package包/类
/**
* Verification via the default JSR105 implementation triggers some
* canonicalization errors.
*
* @param odfUrl
* @param signatureNode
* @throws MarshalException
* @throws XMLSignatureException
*/
private boolean verifySignature(URL odfUrl, Node signatureNode) throws MarshalException, XMLSignatureException {
// work-around for Java 7
Element signedPropertiesElement = (Element) ((Element) signatureNode)
.getElementsByTagNameNS(XAdESXLSignatureFacet.XADES_NAMESPACE, "SignedProperties").item(0);
if (null != signedPropertiesElement) {
signedPropertiesElement.setIdAttribute("Id", true);
}
DOMValidateContext domValidateContext = new DOMValidateContext(new KeyInfoKeySelector(), signatureNode);
ODFURIDereferencer dereferencer = new ODFURIDereferencer(odfUrl);
domValidateContext.setURIDereferencer(dereferencer);
XMLSignatureFactory xmlSignatureFactory = XMLSignatureFactory.getInstance();
LOG.debug("java version: " + System.getProperty("java.version"));
/*
* Requires Java 6u10 because of a bug. See also:
* http://bugs.sun.com/bugdatabase/view_bug.do?bug_id=6696582
*/
XMLSignature xmlSignature = xmlSignatureFactory.unmarshalXMLSignature(domValidateContext);
boolean validity = xmlSignature.validate(domValidateContext);
return validity;
}
示例2: validate
import javax.xml.crypto.dsig.dom.DOMValidateContext; //导入方法依赖的package包/类
boolean validate(String fn, KeySelector ks, URIDereferencer ud,
boolean cache) throws Exception {
DocumentBuilderFactory dbf = DocumentBuilderFactory.newInstance();
dbf.setNamespaceAware(true);
dbf.setValidating(false);
Document doc = dbf.newDocumentBuilder().parse(new File(dir, fn));
NodeList nl =
doc.getElementsByTagNameNS(XMLSignature.XMLNS, "Signature");
if (nl.getLength() == 0) {
throw new Exception("Couldn't find signature Element");
}
Element sigElement = (Element) nl.item(0);
DOMValidateContext vc = new DOMValidateContext(ks, sigElement);
vc.setBaseURI(dir.toURI().toString());
if (cache) {
vc.setProperty("javax.xml.crypto.dsig.cacheReference", Boolean.TRUE);
}
XMLSignatureFactory factory = XMLSignatureFactory.getInstance();
XMLSignature signature = factory.unmarshalXMLSignature(vc);
if (ud != null) {
vc.setURIDereferencer(ud);
}
boolean coreValidity = signature.validate(vc);
// Check reference cache
if (cache) {
Iterator i = signature.getSignedInfo().getReferences().iterator();
for (int j=0; i.hasNext(); j++) {
Reference ref = (Reference) i.next();
if (!digestInputEqual(ref)) {
throw new Exception
("cached data for Reference[" + j + "] is not correct");
}
// check that dereferenced data does not contain comment nodes
if (ref.getURI() == "") {
System.out.println("checking deref data");
NodeSetData data = (NodeSetData) ref.getDereferencedData();
Iterator ni = data.iterator();
while (ni.hasNext()) {
Node n = (Node) ni.next();
if (n.getNodeType() == Node.COMMENT_NODE) {
throw new Exception("dereferenced data for " +
" Reference[" + j + " contains comment node");
}
}
}
}
}
return coreValidity;
}
示例3: main
import javax.xml.crypto.dsig.dom.DOMValidateContext; //导入方法依赖的package包/类
public static void main(String[] args) throws Exception {
DocumentBuilderFactory dbf = DocumentBuilderFactory.newInstance();
dbf.setNamespaceAware(true);
dbf.setValidating(false);
dbf.setFeature(XMLConstants.FEATURE_SECURE_PROCESSING, Boolean.TRUE);
Document doc = dbf.newDocumentBuilder().parse(new File(SIGNATURE));
NodeList nl = doc.getElementsByTagNameNS(XMLSignature.XMLNS,
"Signature");
if (nl.getLength() == 0) {
throw new RuntimeException("Couldn't find 'Signature' element");
}
Element element = (Element) nl.item(0);
byte[] keyBytes = Base64.getDecoder().decode(validationKey);
X509EncodedKeySpec spec = new X509EncodedKeySpec(keyBytes);
KeyFactory kf = KeyFactory.getInstance("RSA");
PublicKey key = kf.generatePublic(spec);
KeySelector ks = KeySelector.singletonKeySelector(key);
DOMValidateContext vc = new DOMValidateContext(ks, element);
// disable secure validation mode
vc.setProperty("org.jcp.xml.dsig.secureValidation", Boolean.FALSE);
// set a dummy dereferencer to be able to get content by references
vc.setURIDereferencer(dereferencer);
XMLSignatureFactory factory = XMLSignatureFactory.getInstance();
XMLSignature signature = factory.unmarshalXMLSignature(vc);
// run validation
signature.validate(vc);
}
示例4: validate
import javax.xml.crypto.dsig.dom.DOMValidateContext; //导入方法依赖的package包/类
public boolean validate(String fn, KeySelector ks, URIDereferencer ud)
throws Exception {
DOMValidateContext vc = getValidateContext(fn, ks);
if (ud != null) {
vc.setURIDereferencer(ud);
}
return validate(vc);
}
示例5: test_signature_dsa_detached
import javax.xml.crypto.dsig.dom.DOMValidateContext; //导入方法依赖的package包/类
@org.junit.Test
public void test_signature_dsa_detached() throws Exception {
String file = "signature-dsa-detached.xml";
DOMValidateContext vc = validator.getValidateContext
(file, new KeySelectors.RawX509KeySelector());
vc.setProperty("javax.xml.crypto.dsig.cacheReference", Boolean.TRUE);
vc.setURIDereferencer(ud);
boolean coreValidity = validator.validate(vc);
assertTrue("Signature failed core validation", coreValidity);
}
示例6: test_signature_rsa_detached
import javax.xml.crypto.dsig.dom.DOMValidateContext; //导入方法依赖的package包/类
@org.junit.Test
public void test_signature_rsa_detached() throws Exception {
String file = "signature-rsa-detached.xml";
DOMValidateContext vc = validator.getValidateContext
(file, new KeySelectors.RawX509KeySelector());
vc.setProperty("javax.xml.crypto.dsig.cacheReference", Boolean.TRUE);
vc.setURIDereferencer(ud);
boolean coreValidity = validator.validate(vc);
assertTrue("Signature failed core validation", coreValidity);
}
示例7: getVerifiedSignatureSigner
import javax.xml.crypto.dsig.dom.DOMValidateContext; //导入方法依赖的package包/类
private static X509Certificate getVerifiedSignatureSigner(URL odfUrl, Node signatureNode)
throws MarshalException, XMLSignatureException {
if (null == odfUrl) {
throw new IllegalArgumentException("odfUrl is null");
}
KeyInfoKeySelector keySelector = new KeyInfoKeySelector();
DOMValidateContext domValidateContext = new DOMValidateContext(keySelector, signatureNode);
ODFURIDereferencer dereferencer = new ODFURIDereferencer(odfUrl);
domValidateContext.setURIDereferencer(dereferencer);
XMLSignatureFactory xmlSignatureFactory = XMLSignatureFactory.getInstance();
LOG.debug("java version: " + System.getProperty("java.version"));
/*
* Requires Java 6u10 because of a bug. See also:
* http://bugs.sun.com/bugdatabase/view_bug.do?bug_id=6696582
*/
XMLSignature xmlSignature = xmlSignatureFactory.unmarshalXMLSignature(domValidateContext);
boolean validity = xmlSignature.validate(domValidateContext);
if (false == validity) {
LOG.debug("invalid signature");
return null;
}
// TODO: check what has been signed.
X509Certificate signer = keySelector.getCertificate();
if (null == signer) {
throw new IllegalStateException("signer X509 certificate is null");
}
LOG.debug("signer: " + signer.getSubjectX500Principal());
return signer;
}
示例8: getSigners
import javax.xml.crypto.dsig.dom.DOMValidateContext; //导入方法依赖的package包/类
public List<X509Certificate> getSigners(URL url) throws IOException, ParserConfigurationException, SAXException,
TransformerException, MarshalException, XMLSignatureException, JAXBException {
List<X509Certificate> signers = new LinkedList<X509Certificate>();
List<String> signatureResourceNames = getSignatureResourceNames(url);
for (String signatureResourceName : signatureResourceNames) {
LOG.debug("signature resource name: " + signatureResourceName);
Document signatureDocument = loadDocument(url, signatureResourceName);
if (null == signatureDocument) {
LOG.warn("signature resource not found: " + signatureResourceName);
continue;
}
NodeList signatureNodeList = signatureDocument.getElementsByTagNameNS(XMLSignature.XMLNS, "Signature");
if (0 == signatureNodeList.getLength()) {
LOG.debug("no signature elements present");
continue;
}
Node signatureNode = signatureNodeList.item(0);
OPCKeySelector keySelector = new OPCKeySelector(url, signatureResourceName);
DOMValidateContext domValidateContext = new DOMValidateContext(keySelector, signatureNode);
domValidateContext.setProperty("org.jcp.xml.dsig.validateManifests", Boolean.TRUE);
OOXMLURIDereferencer dereferencer = new OOXMLURIDereferencer(url);
domValidateContext.setURIDereferencer(dereferencer);
XMLSignatureFactory xmlSignatureFactory = XMLSignatureFactory.getInstance();
XMLSignature xmlSignature = xmlSignatureFactory.unmarshalXMLSignature(domValidateContext);
boolean validity = xmlSignature.validate(domValidateContext);
if (false == validity) {
LOG.debug("not a valid signature");
continue;
}
// TODO: check what has been signed.
X509Certificate signer = keySelector.getCertificate();
signers.add(signer);
}
return signers;
}
示例9: testSignedOOXML2
import javax.xml.crypto.dsig.dom.DOMValidateContext; //导入方法依赖的package包/类
@Test
public void testSignedOOXML2() throws Exception {
// setup
URL url = OOXMLSignatureVerifierTest.class.getResource("/signed.docx");
// operate
OOXMLSignatureVerifier verifier = new OOXMLSignatureVerifier();
List<X509Certificate> result = verifier.getSigners(url);
// verify
assertNotNull(result);
assertEquals(1, result.size());
X509Certificate signer = result.get(0);
LOG.debug("signer: " + signer.getSubjectX500Principal());
byte[] document = IOUtils.toByteArray(url.openStream());
List<String> signatureResourceNames = verifier.getSignatureResourceNames(document);
Document signatureDocument = verifier.getSignatureDocument(new ByteArrayInputStream(document),
signatureResourceNames.get(0));
NodeList signatureNodeList = signatureDocument.getElementsByTagNameNS(XMLSignature.XMLNS, "Signature");
Element signatureElement = (Element) signatureNodeList.item(0);
KeyInfoKeySelector keySelector = new KeyInfoKeySelector();
DOMValidateContext domValidateContext = new DOMValidateContext(keySelector, signatureElement);
domValidateContext.setProperty("org.jcp.xml.dsig.validateManifests", Boolean.TRUE);
OOXMLURIDereferencer dereferencer = new OOXMLURIDereferencer(document);
domValidateContext.setURIDereferencer(dereferencer);
XMLSignatureFactory xmlSignatureFactory = XMLSignatureFactory.getInstance();
XMLSignature xmlSignature = xmlSignatureFactory.unmarshalXMLSignature(domValidateContext);
assertTrue(verifier.isValidOOXMLSignature(xmlSignature, document));
}
示例10: testSignedOOXMLOffice2010ValidOOXML
import javax.xml.crypto.dsig.dom.DOMValidateContext; //导入方法依赖的package包/类
@Test
public void testSignedOOXMLOffice2010ValidOOXML() throws Exception {
// setup
URL url = OOXMLSignatureVerifierTest.class.getResource("/hallo.docx");
// operate
OOXMLSignatureVerifier verifier = new OOXMLSignatureVerifier();
List<X509Certificate> result = verifier.getSigners(url);
// verify
assertNotNull(result);
assertEquals(1, result.size());
X509Certificate signer = result.get(0);
LOG.debug("signer: " + signer.getSubjectX500Principal());
byte[] document = IOUtils.toByteArray(url.openStream());
List<String> signatureResourceNames = verifier.getSignatureResourceNames(document);
Document signatureDocument = verifier.getSignatureDocument(new ByteArrayInputStream(document),
signatureResourceNames.get(0));
NodeList signatureNodeList = signatureDocument.getElementsByTagNameNS(XMLSignature.XMLNS, "Signature");
Element signatureElement = (Element) signatureNodeList.item(0);
KeyInfoKeySelector keySelector = new KeyInfoKeySelector();
DOMValidateContext domValidateContext = new DOMValidateContext(keySelector, signatureElement);
domValidateContext.setProperty("org.jcp.xml.dsig.validateManifests", Boolean.TRUE);
OOXMLURIDereferencer dereferencer = new OOXMLURIDereferencer(document);
domValidateContext.setURIDereferencer(dereferencer);
XMLSignatureFactory xmlSignatureFactory = XMLSignatureFactory.getInstance();
XMLSignature xmlSignature = xmlSignatureFactory.unmarshalXMLSignature(domValidateContext);
assertTrue(verifier.isValidOOXMLSignature(xmlSignature, document));
}
示例11: verify
import javax.xml.crypto.dsig.dom.DOMValidateContext; //导入方法依赖的package包/类
private boolean verify(Document document, List<EbMSDataSource> dataSources) throws MarshalException, XMLSignatureException
{
NodeList nodeList = document.getElementsByTagNameNS(XMLSignature.XMLNS,"Signature");
if (nodeList.getLength() > 0)
{
XMLSignatureFactory signFactory = XMLSignatureFactory.getInstance();
DOMValidateContext validateContext = new DOMValidateContext(new XMLDSigKeySelector(),nodeList.item(0));
URIDereferencer dereferencer = new EbMSDataSourceURIDereferencer(dataSources);
validateContext.setURIDereferencer(dereferencer);
XMLSignature signature = signFactory.unmarshalXMLSignature(validateContext);
return signature.validate(validateContext);
}
return true;
}
示例12: if
import javax.xml.crypto.dsig.dom.DOMValidateContext; //导入方法依赖的package包/类
private static void test_create_signature_external
(SignatureMethod sm, KeyInfo ki, Key signingKey, KeySelector ks,
boolean b64) throws Exception {
// create reference
Reference ref;
if (b64) {
ref = fac.newReference
(STYLESHEET_B64,
sha1, Collections.singletonList
(fac.newTransform(Transform.BASE64,
(TransformParameterSpec) null)), null, null);
} else {
ref = fac.newReference(STYLESHEET, sha1);
}
// create SignedInfo
SignedInfo si = fac.newSignedInfo(withoutComments, sm,
Collections.singletonList(ref));
Document doc = db.newDocument();
// create XMLSignature
XMLSignature sig = fac.newXMLSignature(si, ki);
DOMSignContext dsc = new DOMSignContext(signingKey, doc);
dsc.setURIDereferencer(httpUd);
sig.sign(dsc);
DOMValidateContext dvc = new DOMValidateContext
(ks, doc.getDocumentElement());
File f = new File(DATA_DIR);
dvc.setBaseURI(f.toURI().toString());
dvc.setURIDereferencer(httpUd);
XMLSignature sig2 = fac.unmarshalXMLSignature(dvc);
if (sig.equals(sig2) == false) {
throw new Exception
("Unmarshalled signature is not equal to generated signature");
}
if (sig2.validate(dvc) == false) {
throw new Exception("Validation of generated signature failed");
}
}
示例13: validate
import javax.xml.crypto.dsig.dom.DOMValidateContext; //导入方法依赖的package包/类
boolean validate(String fn, KeySelector ks, URIDereferencer ud,
boolean cache) throws Exception {
DocumentBuilderFactory dbf = DocumentBuilderFactory.newInstance();
dbf.setNamespaceAware(true);
dbf.setValidating(false);
Document doc = dbf.newDocumentBuilder().parse(new File(dir, fn));
NodeList nl =
doc.getElementsByTagNameNS(XMLSignature.XMLNS, "Signature");
if (nl.getLength() == 0) {
throw new Exception("Couldn't find signature Element");
}
Element sigElement = (Element) nl.item(0);
DOMValidateContext vc = new DOMValidateContext(ks, sigElement);
vc.setBaseURI(dir.toURI().toString());
if (cache) {
vc.setProperty("javax.xml.crypto.dsig.cacheReference", Boolean.TRUE);
}
XMLSignatureFactory factory = XMLSignatureFactory.getInstance();
XMLSignature signature = factory.unmarshalXMLSignature(vc);
if (ud != null) {
vc.setURIDereferencer(ud);
}
boolean coreValidity = signature.validate(vc);
// Check reference cache
if (cache) {
Iterator<Reference> i =
signature.getSignedInfo().getReferences().iterator();
for (int j = 0; i.hasNext(); j++) {
Reference ref = i.next();
if (!digestInputEqual(ref)) {
throw new Exception
("cached data for Reference[" + j + "] is not correct");
}
// check that dereferenced data does not contain comment nodes
if (ref.getURI() == "") {
System.out.println("checking deref data");
@SuppressWarnings("unchecked")
NodeSetData<Node> data =
(NodeSetData<Node>)ref.getDereferencedData();
for (Node n : data) {
if (n.getNodeType() == Node.COMMENT_NODE) {
throw new Exception("dereferenced data for " +
" Reference[" + j + " contains comment node");
}
}
}
}
}
return coreValidity;
}
示例14: if
import javax.xml.crypto.dsig.dom.DOMValidateContext; //导入方法依赖的package包/类
private void test_create_signature_external
(SignatureMethod sm, KeyInfo ki, Key signingKey, KeySelector ks,
boolean b64) throws Exception {
// create reference
Reference ref;
if (b64) {
ref = fac.newReference
("http://www.w3.org/Signature/2002/04/xml-stylesheet.b64",
sha1, Collections.singletonList
(fac.newTransform(Transform.BASE64,
(TransformParameterSpec) null)), null, null);
} else {
ref = fac.newReference
("http://www.w3.org/Signature/2002/04/xml-stylesheet.b64",sha1);
}
// create SignedInfo
SignedInfo si = fac.newSignedInfo(withoutComments, sm,
Collections.singletonList(ref));
Document doc = db.newDocument();
// create XMLSignature
XMLSignature sig = fac.newXMLSignature(si, ki);
DOMSignContext dsc = new DOMSignContext(signingKey, doc);
dsc.setURIDereferencer(ud);
sig.sign(dsc);
TestUtils.validateSecurityOrEncryptionElement(doc.getDocumentElement());
/*
System.out.println("doc is:");
StringWriter sw = new StringWriter();
dumpDocument(doc, sw);
System.out.println(sw.toString());
*/
DOMValidateContext dvc = new DOMValidateContext
(ks, doc.getDocumentElement());
String base = System.getProperty("basedir") == null ? "./": System.getProperty("basedir");
String fs = System.getProperty("file.separator");
File f = new File(
base + fs + "src/test/resources" + fs + "ie" + fs +
"baltimore" + fs + "merlin-examples" + fs +
"merlin-xmldsig-twenty-three" + fs);
dvc.setBaseURI(f.toURI().toString());
dvc.setURIDereferencer(ud);
XMLSignature sig2 = fac.unmarshalXMLSignature(dvc);
assertTrue(sig.equals(sig2));
assertTrue(sig2.validate(dvc));
}
示例15: verifySignatures
import javax.xml.crypto.dsig.dom.DOMValidateContext; //导入方法依赖的package包/类
/**
* Verifies the signatures on the given ASiC document.
*
* @param asicDocument
* the ASiC document as byte array.
* @return the list of signatories.
* @throws IOException
* @throws ParserConfigurationException
* @throws SAXException
* @throws MarshalException
* @throws XMLSignatureException
*/
public static List<X509Certificate> verifySignatures(byte[] asicDocument)
throws IOException, ParserConfigurationException, SAXException, MarshalException, XMLSignatureException {
ZipInputStream zipInputStream = new ZipInputStream(new ByteArrayInputStream(asicDocument));
ZipEntry zipEntry;
while (null != (zipEntry = zipInputStream.getNextEntry())) {
if (ASiCUtil.isSignatureZipEntry(zipEntry)) {
break;
}
}
List<X509Certificate> signatories = new LinkedList<X509Certificate>();
if (null == zipEntry) {
return signatories;
}
Document documentSignaturesDocument = ODFUtil.loadDocument(zipInputStream);
NodeList signatureNodeList = documentSignaturesDocument.getElementsByTagNameNS(XMLSignature.XMLNS, "Signature");
for (int idx = 0; idx < signatureNodeList.getLength(); idx++) {
Element signatureElement = (Element) signatureNodeList.item(idx);
// work-around for Java 7
Element signedPropertiesElement = (Element) signatureElement
.getElementsByTagNameNS(XAdESXLSignatureFacet.XADES_NAMESPACE, "SignedProperties").item(0);
signedPropertiesElement.setIdAttribute("Id", true);
KeyInfoKeySelector keySelector = new KeyInfoKeySelector();
DOMValidateContext domValidateContext = new DOMValidateContext(keySelector, signatureElement);
ASiCURIDereferencer dereferencer = new ASiCURIDereferencer(asicDocument);
domValidateContext.setURIDereferencer(dereferencer);
XMLSignatureFactory xmlSignatureFactory = XMLSignatureFactory.getInstance();
XMLSignature xmlSignature = xmlSignatureFactory.unmarshalXMLSignature(domValidateContext);
boolean valid = xmlSignature.validate(domValidateContext);
if (!valid) {
continue;
}
X509Certificate signer = keySelector.getCertificate();
signatories.add(signer);
}
return signatories;
}