本文整理匯總了Java中javax.xml.crypto.dsig.XMLSignature.sign方法的典型用法代碼示例。如果您正苦於以下問題:Java XMLSignature.sign方法的具體用法?Java XMLSignature.sign怎麼用?Java XMLSignature.sign使用的例子?那麼,這裡精選的方法代碼示例或許可以為您提供幫助。您也可以進一步了解該方法所在類javax.xml.crypto.dsig.XMLSignature的用法示例。
在下文中一共展示了XMLSignature.sign方法的15個代碼示例,這些例子默認根據受歡迎程度排序。您可以為喜歡或者感覺有用的代碼點讚,您的評價將有助於系統推薦出更棒的Java代碼示例。
示例1: sign
import javax.xml.crypto.dsig.XMLSignature; //導入方法依賴的package包/類
/**
 * Adds an enveloped XML signature to {@code node} and hands the same node back.
 *
 * <p>The single reference points at the first element child of the root (as returned by
 * {@code findFirstElementChild}) through its {@code Id} attribute. The {@code Signature}
 * element is appended under the root element, and the first entry of
 * {@code certificateChain} is embedded as {@code X509Data}.
 *
 * <p>NOTE(review): the reference digest and the signature method are both SHA-1 based
 * ({@code DigestMethod.SHA1}, {@code SignatureMethod.RSA_SHA1}). SHA-1 is no longer
 * collision resistant; switch to the SHA-256 variants if the party validating these
 * documents accepts them. Confirm against the receiving specification first.
 *
 * @param node the {@link Document} or {@link Element} to sign; other node types are
 *        rejected by the {@code checkArgument} precondition
 * @param <T> the concrete node type, preserved in the return value
 * @return {@code node} itself, modified in place
 * @throws IllegalArgumentException if any signing step fails; the original exception is
 *         attached as the cause
 */
public <T extends Node> T sign(T node) {
    checkNotNull(node);
    checkArgument(node instanceof Document || node instanceof Element);
    try {
        final Element root;
        if (node instanceof Document) {
            root = ((Document) node).getDocumentElement();
        } else {
            root = (Element) node;
        }
        final DOMSignContext signContext = new DOMSignContext(privateKey, root);
        final XMLSignatureFactory factory = XMLSignatureFactory.getInstance("DOM");

        // Enveloped transform first (drops the Signature element from the digest input),
        // then the canonicalization transform configured for this class.
        final List<Transform> transforms = new LinkedList<>();
        transforms.add(factory.newTransform(Transform.ENVELOPED, (TransformParameterSpec) null));
        transforms.add(factory.newTransform(C14N_TRANSFORM_METHOD, (TransformParameterSpec) null));

        // "Id" must be registered as an ID attribute so the "#id" reference can be resolved.
        final Node signedChild = findFirstElementChild(root);
        ((Element) signedChild).setIdAttribute("Id", true);
        final String idValue = signedChild.getAttributes().getNamedItem("Id").getNodeValue();
        final String referenceUri = String.format("#%s", idValue);

        final Reference signedReference = factory.newReference(
                referenceUri,
                factory.newDigestMethod(DigestMethod.SHA1, null),
                transforms,
                null,
                null);
        final SignedInfo info = factory.newSignedInfo(
                factory.newCanonicalizationMethod(
                        CanonicalizationMethod.INCLUSIVE, (C14NMethodParameterSpec) null),
                factory.newSignatureMethod(SignatureMethod.RSA_SHA1, null),
                Collections.singletonList(signedReference));

        // Only the first certificate of the chain is shipped inside KeyInfo.
        final KeyInfoFactory keyInfoFactory = factory.getKeyInfoFactory();
        final X509Data certificateData =
                keyInfoFactory.newX509Data(Collections.singletonList(certificateChain[0]));
        final KeyInfo keyInfo = keyInfoFactory.newKeyInfo(Collections.singletonList(certificateData));

        final XMLSignature signature = factory.newXMLSignature(info, keyInfo);
        signature.sign(signContext);
        return node;
    } catch (Exception ex) {
        throw new IllegalArgumentException("Erro ao assinar XML.", ex);
    }
}
示例2: sign
import javax.xml.crypto.dsig.XMLSignature; //導入方法依賴的package包/類
/**
 * Signs {@code this.document} in place with the reference URI, digest method, transforms,
 * canonicalization method and signature method configured on this instance.
 *
 * <p>The certificate held by {@code certificateWithKey} is embedded as {@code X509Data};
 * the matching private key produces the signature, which is appended under the document
 * element.
 *
 * @throws MarshalException if the signature cannot be marshalled into the document
 * @throws XMLSignatureException if generating the signature fails
 * @throws KeyException part of the declared contract of this method
 * @throws RuntimeException if no document has been set
 */
public synchronized void sign()
        throws MarshalException,
        XMLSignatureException,
        KeyException {
    if (this.document == null) {
        throw new RuntimeException("Can't sign a NULL document");
    }

    final Reference signedReference = this.signatureFactory.newReference(
            referenceUri, this.digestMethod, this.transformList, null, null);
    final SignedInfo info = this.signatureFactory.newSignedInfo(
            this.canonicalizationMethod,
            this.signatureMethod,
            Collections.singletonList(signedReference));

    // KeyInfo carries the signer certificate as X509Data.
    final X509Data certificateData = this.keyInfoFactory.newX509Data(
            Collections.singletonList(this.certificateWithKey.certificate));
    final KeyInfo signerInfo =
            this.keyInfoFactory.newKeyInfo(Collections.singletonList(certificateData));

    final XMLSignature xmlSignature = this.signatureFactory.newXMLSignature(info, signerInfo);

    // The Signature element becomes the last child of the document element.
    final DOMSignContext context = new DOMSignContext(
            this.certificateWithKey.privateKey, document.getDocumentElement());
    xmlSignature.sign(context);
}
示例3: signSamlElement
import javax.xml.crypto.dsig.XMLSignature; //導入方法依賴的package包/類
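/**
 * Signs a SAML element with an enveloped XML signature.
 *
 * <p>The JDOM element is converted to a W3C DOM element, signed as a whole (empty
 * reference URI plus the enveloped transform) and converted back to JDOM. The signature
 * method follows the algorithm reported by {@code pubKey} (DSA or RSA), and
 * {@code pubKey} is embedded in {@code KeyInfo} as a {@code KeyValue}.
 *
 * <p>NOTE(review): the digest and both signature methods are SHA-1 based. SHA-1 is no
 * longer collision resistant; move to SHA-256 variants if the relying parties accept
 * them.
 *
 * <p>NOTE(review): only a bare {@code KeyValue} is attached. A relying party must match
 * that key against one it already trusts rather than validating with whatever key the
 * message carries.
 *
 * @param element the SAML element to sign
 * @param privKey the private key that produces the signature
 * @param pubKey the public key embedded in {@code KeyInfo}; its algorithm selects the
 *        signature method
 * @return the signed element, converted back to JDOM
 * @throws RuntimeException if the key algorithm is neither DSA nor RSA, or if any signing
 *         step fails (the original exception is attached as the cause)
 */
private static org.jdom.Element signSamlElement(final org.jdom.Element element, final PrivateKey privKey, final PublicKey pubKey) {
    try {
        // The provider class name can be overridden through the "jsr105Provider" system
        // property, so whoever controls JVM system properties chooses the class loaded here.
        final String providerName = System.getProperty("jsr105Provider", SIGNATURE_FACTORY_PROVIDER_CLASS);
        // Class.newInstance() is deprecated and lets checked constructor exceptions escape
        // undeclared; instantiate through the no-arg constructor instead.
        final Provider provider =
                (Provider) Class.forName(providerName).getDeclaredConstructor().newInstance();
        final XMLSignatureFactory sigFactory = XMLSignatureFactory.getInstance("DOM", provider);

        final List<Transform> envelopedTransform = Collections.singletonList(
                sigFactory.newTransform(Transform.ENVELOPED, (TransformParameterSpec) null));

        // An empty URI references the whole document that contains the signature.
        final Reference ref = sigFactory.newReference(
                StringUtils.EMPTY,
                sigFactory.newDigestMethod(DigestMethod.SHA1, null),
                envelopedTransform,
                null,
                null);

        // Create the SignatureMethod based on the type of key.
        final SignatureMethod signatureMethod;
        final String algorithm = pubKey.getAlgorithm();
        switch (algorithm) {
            case "DSA":
                signatureMethod = sigFactory.newSignatureMethod(SignatureMethod.DSA_SHA1, null);
                break;
            case "RSA":
                signatureMethod = sigFactory.newSignatureMethod(SignatureMethod.RSA_SHA1, null);
                break;
            default:
                throw new RuntimeException("Error signing SAML element: Unsupported type of key");
        }

        final CanonicalizationMethod canonicalizationMethod = sigFactory.newCanonicalizationMethod(
                CanonicalizationMethod.INCLUSIVE_WITH_COMMENTS,
                (C14NMethodParameterSpec) null);

        // Create the SignedInfo.
        final SignedInfo signedInfo = sigFactory.newSignedInfo(
                canonicalizationMethod, signatureMethod, Collections.singletonList(ref));

        // Create a KeyInfo holding a KeyValue with the DSA or RSA public key.
        final KeyInfoFactory keyInfoFactory = sigFactory.getKeyInfoFactory();
        final KeyValue keyValuePair = keyInfoFactory.newKeyValue(pubKey);
        final KeyInfo keyInfo = keyInfoFactory.newKeyInfo(Collections.singletonList(keyValuePair));

        // The Java XML signature API works on the W3C DOM, so convert from JDOM first.
        final Element w3cElement = toDom(element);

        // The sign context names the private key and the parent element of the new
        // Signature; the signature is inserted before the node chosen by
        // getXmlSignatureInsertLocation.
        final DOMSignContext dsc = new DOMSignContext(privKey, w3cElement);
        final Node xmlSigInsertionPoint = getXmlSignatureInsertLocation(w3cElement);
        dsc.setNextSibling(xmlSigInsertionPoint);

        // Marshal, generate (and sign) the enveloped signature.
        final XMLSignature signature = sigFactory.newXMLSignature(signedInfo, keyInfo);
        signature.sign(dsc);

        return toJdom(w3cElement);
    } catch (final Exception e) {
        throw new RuntimeException("Error signing SAML element: " + e.getMessage(), e);
    }
}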
示例4: sign
import javax.xml.crypto.dsig.XMLSignature; //導入方法依賴的package包/類
/**
 * Signs {@code doc} in place; the signature is appended under the document element.
 *
 * <p>The signature method is derived from the private key's algorithm through
 * {@code fromAlg}. When a certificate is supplied, {@code KeyInfo} carries both its public
 * key (as {@code KeyValue}) and the certificate itself (as {@code X509Data}); otherwise
 * only {@code publicKey} is embedded.
 *
 * <p>NOTE(review): a relying party should validate against a key or certificate it already
 * trusts, not solely against the material embedded here.
 *
 * @param privateKey the key that produces the signature
 * @param publicKey the key embedded as {@code KeyValue} when {@code cert} is null
 * @param cert optional certificate; takes precedence over {@code publicKey} when present
 * @param doc the document to sign
 * @throws Exception if any signing step fails
 */
synchronized void sign ( final Key privateKey, final PublicKey publicKey, final Certificate cert, final Document doc ) throws Exception
{
    final DOMSignContext signContext = new DOMSignContext ( privateKey, doc.getDocumentElement () );

    final SignatureMethod method = this.fac.newSignatureMethod ( fromAlg ( privateKey.getAlgorithm () ), null );
    final SignedInfo signedInfo = this.fac.newSignedInfo ( this.cm, method, Collections.singletonList ( this.ref ) );

    final List<Object> keyInfoContent = new LinkedList<Object> ();
    if ( cert == null )
    {
        keyInfoContent.add ( this.kif.newKeyValue ( publicKey ) );
    }
    else
    {
        keyInfoContent.add ( this.kif.newKeyValue ( cert.getPublicKey () ) );
        keyInfoContent.add ( this.kif.newX509Data ( Collections.singletonList ( cert ) ) );
    }

    final KeyInfo keyInfo = this.kif.newKeyInfo ( keyInfoContent );

    // finally sign
    this.fac.newXMLSignature ( signedInfo, keyInfo ).sign ( signContext );
}
示例5: sign
import javax.xml.crypto.dsig.XMLSignature; //導入方法依賴的package包/類
/**
 * Parses the XML read from {@code fileStream}, adds an enveloped signature over the whole
 * document and returns the signed DOM.
 *
 * <p>The digest and signature algorithms come from the {@code digestMethod} and
 * {@code signatureMethod} members; the public half of {@code keyPair} is embedded as a
 * {@code KeyValue}.
 *
 * <p>NOTE(review): the parser is created with default settings apart from namespace
 * awareness. If the file can originate from an untrusted source, restrict DOCTYPE and
 * external-entity processing on the factory before parsing. Confirm against the callers.
 *
 * <p>NOTE(review): the stream is not closed here; the caller keeps ownership of it.
 *
 * @param fileStream the XML input to sign
 * @param keyPair private key for signing, public key for the embedded {@code KeyValue}
 * @return the parsed document carrying the new signature
 */
public Document sign(FileInputStream fileStream, KeyPair keyPair)
        throws ParserConfigurationException, SAXException, IOException,
        NoSuchAlgorithmException, InvalidAlgorithmParameterException,
        KeyException, MarshalException, XMLSignatureException {
    final DocumentBuilderFactory parserFactory = DocumentBuilderFactory.newInstance();
    parserFactory.setNamespaceAware(true);
    final Document parsed = parserFactory.newDocumentBuilder().parse(fileStream);

    final DOMSignContext context =
            new DOMSignContext(keyPair.getPrivate(), parsed.getDocumentElement());
    final XMLSignatureFactory xmlSigFactory = XMLSignatureFactory.getInstance("DOM");

    // Empty URI + enveloped transform: the digest covers the document minus the signature.
    final Transform enveloped =
            xmlSigFactory.newTransform(Transform.ENVELOPED, (TransformParameterSpec) null);
    final Reference wholeDocument = xmlSigFactory.newReference(
            "",
            xmlSigFactory.newDigestMethod(digestMethod, null),
            Collections.singletonList(enveloped),
            null,
            null);

    final SignedInfo info = xmlSigFactory.newSignedInfo(
            xmlSigFactory.newCanonicalizationMethod(
                    CanonicalizationMethod.INCLUSIVE_WITH_COMMENTS,
                    (C14NMethodParameterSpec) null),
            xmlSigFactory.newSignatureMethod(signatureMethod, null),
            Collections.singletonList(wholeDocument));

    final KeyInfoFactory keyInfoFactory = xmlSigFactory.getKeyInfoFactory();
    final KeyValue publicKeyValue = keyInfoFactory.newKeyValue(keyPair.getPublic());
    final KeyInfo keyInfo = keyInfoFactory.newKeyInfo(Collections.singletonList(publicKeyValue));

    xmlSigFactory.newXMLSignature(info, keyInfo).sign(context);
    return parsed;
}
示例6: test_create_signature_enveloping
import javax.xml.crypto.dsig.XMLSignature; //導入方法依賴的package包/類
/**
 * Builds an enveloping signature around a small in-memory {@code Web} element, signs it,
 * then checks that the marshalled signature unmarshals to an equal object and validates.
 *
 * @param sm signature method under test
 * @param dm digest method for the single reference
 * @param ki key information placed in the signature
 * @param signingKey key used to sign
 * @param ks key selector used by the validation context
 * @throws Exception if signing, unmarshalling or validation fails
 */
private void test_create_signature_enveloping(
        SignatureMethod sm, DigestMethod dm, KeyInfo ki, Key signingKey, KeySelector ks
) throws Exception {
    // The reference targets the ds:Object that is added to the signature below.
    final Reference objectReference =
            fac.newReference("#DSig.Object_1", dm, null, XMLObject.TYPE, null);
    final SignedInfo signedInfo =
            fac.newSignedInfo(withoutComments, sm, Collections.singletonList(objectReference));

    final Document doc = db.newDocument();

    // Payload: <Web>up up and away</Web>, wrapped in an XMLObject with the referenced Id.
    final Element payload = doc.createElementNS(null, "Web");
    final Text payloadText = doc.createTextNode("up up and away");
    payload.appendChild(payloadText);
    final XMLObject signedObject = fac.newXMLObject(
            Collections.singletonList(new DOMStructure(payload)),
            "DSig.Object_1",
            "text/xml",
            null);

    final XMLSignature sig = fac.newXMLSignature(
            signedInfo, ki, Collections.singletonList(signedObject), null, null);

    // The empty document is the parent, so the Signature becomes its root element.
    final DOMSignContext signContext = new DOMSignContext(signingKey, doc);
    signContext.setDefaultNamespacePrefix("dsig");
    sig.sign(signContext);

    TestUtils.validateSecurityOrEncryptionElement(doc.getDocumentElement());

    // Round trip: unmarshal what was just written and validate it.
    final DOMValidateContext validateContext =
            new DOMValidateContext(ks, doc.getDocumentElement());
    final XMLSignature sig2 = fac.unmarshalXMLSignature(validateContext);

    assertTrue(sig.equals(sig2));
    assertTrue(sig2.validate(validateContext));
}
示例7: assinarDocumento
import javax.xml.crypto.dsig.XMLSignature; //導入方法依賴的package包/類
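/**
 * Signs every signable element of the given XML and returns the signed document as text.
 *
 * <p>The PKCS12 keystore and its password come from {@code this.config}. For each tag name
 * in {@code AssinaturaDigital.ELEMENTOS_ASSINAVEIS}, every matching element is referenced
 * through its {@code Id} attribute and the {@code Signature} is appended to that element's
 * parent node. The signer certificate is embedded as {@code X509Data}.
 *
 * <p>The signing key is the first keystore entry that really is a private key entry. The
 * previous code took the first alias unconditionally, which fails when the keystore lists
 * a certificate-only entry first.
 *
 * <p>NOTE(review): the digest and signature method are SHA-1 based. SHA-1 is no longer
 * collision resistant; move to SHA-256 variants only if the receiving service accepts
 * them. Confirm against its specification.
 *
 * <p>NOTE(review): {@code conteudoXml} is parsed with default parser settings apart from
 * namespace awareness. If it can come from an untrusted source, restrict DOCTYPE and
 * external-entity processing on the factory before parsing.
 *
 * @param conteudoXml the XML document to sign, as text
 * @return the signed document serialized by {@code converteDocumentParaXml}
 * @throws IllegalStateException if the keystore holds no private key entry
 * @throws Exception if loading the keystore, parsing or signing fails
 */
public String assinarDocumento(final String conteudoXml) throws Exception {
    final char[] senha = this.config.getCertificadoSenha().toCharArray();
    final KeyStore keyStore = KeyStore.getInstance("PKCS12");
    try (InputStream certificadoStream = new ByteArrayInputStream(this.config.getCertificado())) {
        keyStore.load(certificadoStream, senha);
    }

    // Pick the first alias that is backed by a private key plus certificate.
    String aliasChave = null;
    for (final String alias : Collections.list(keyStore.aliases())) {
        if (keyStore.entryInstanceOf(alias, KeyStore.PrivateKeyEntry.class)) {
            aliasChave = alias;
            break;
        }
    }
    if (aliasChave == null) {
        throw new IllegalStateException("The PKCS12 keystore holds no private key entry to sign with");
    }
    final KeyStore.PrivateKeyEntry keyEntry = (KeyStore.PrivateKeyEntry) keyStore.getEntry(
            aliasChave, new KeyStore.PasswordProtection(senha));

    final XMLSignatureFactory signatureFactory = XMLSignatureFactory.getInstance("DOM");

    // Enveloped transform first, then the canonicalization transform of this class.
    final List<Transform> transforms = new ArrayList<>(2);
    transforms.add(signatureFactory.newTransform(Transform.ENVELOPED, (TransformParameterSpec) null));
    transforms.add(signatureFactory.newTransform(AssinaturaDigital.C14N_TRANSFORM_METHOD, (TransformParameterSpec) null));

    final KeyInfoFactory keyInfoFactory = signatureFactory.getKeyInfoFactory();
    final X509Data x509Data = keyInfoFactory.newX509Data(
            Collections.singletonList((X509Certificate) keyEntry.getCertificate()));
    final KeyInfo keyInfo = keyInfoFactory.newKeyInfo(Collections.singletonList(x509Data));

    // The algorithm descriptors do not depend on the element, so build them once.
    final DigestMethod digestMethod = signatureFactory.newDigestMethod(DigestMethod.SHA1, null);
    final CanonicalizationMethod canonicalizationMethod = signatureFactory.newCanonicalizationMethod(
            CanonicalizationMethod.INCLUSIVE, (C14NMethodParameterSpec) null);
    final SignatureMethod signatureMethod = signatureFactory.newSignatureMethod(SignatureMethod.RSA_SHA1, null);

    final DocumentBuilderFactory documentBuilderFactory = DocumentBuilderFactory.newInstance();
    documentBuilderFactory.setNamespaceAware(true);

    try (StringReader stringReader = new StringReader(conteudoXml)) {
        final Document document = documentBuilderFactory.newDocumentBuilder().parse(new InputSource(stringReader));

        for (final String elementoAssinavel : AssinaturaDigital.ELEMENTOS_ASSINAVEIS) {
            final NodeList elements = document.getElementsByTagName(elementoAssinavel);
            for (int i = 0; i < elements.getLength(); i++) {
                final Element element = (Element) elements.item(i);
                final String id = element.getAttribute("Id");
                // Register "Id" as an ID attribute so the "#id" reference can be resolved.
                element.setIdAttribute("Id", true);

                final Reference reference = signatureFactory.newReference(
                        "#" + id, digestMethod, transforms, null, null);
                final SignedInfo signedInfo = signatureFactory.newSignedInfo(
                        canonicalizationMethod, signatureMethod, Collections.singletonList(reference));

                final XMLSignature signature = signatureFactory.newXMLSignature(signedInfo, keyInfo);
                // The Signature element is appended to the parent of the signed element.
                signature.sign(new DOMSignContext(keyEntry.getPrivateKey(), element.getParentNode()));
            }
        }
        return this.converteDocumentParaXml(document);
    }
}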
示例8: signSignature
import javax.xml.crypto.dsig.XMLSignature; //導入方法依賴的package包/類
/**
 * Adds a second signature under the WS-Security header that references the element with
 * the given id. Does nothing when no endorsing token is configured.
 *
 * <p>Before signing, every {@code ds:Signature} element that has a plain {@code Id}
 * attribute gets that value copied into an {@code Id} attribute in
 * {@code WSSecurityConstants.WSU_NS}, registered as an ID attribute. The envelope is then
 * serialized and re-parsed, and the signature is written into the first
 * {@code Security} element found.
 *
 * <p>NOTE(review): the digest and signature method are SHA-1 based. SHA-1 is no longer
 * collision resistant; move to SHA-256 variants if the peer accepts them.
 *
 * @param id the id referenced by the new signature (used as {@code "#" + id})
 * @param env the envelope element
 * @param keyInfoFactory factory handed to {@code generateKeyInfo}
 * @param credential supplies the private key and the key information
 * @return {@code env} unchanged when there is no endorsing token, otherwise the re-parsed
 *         envelope carrying the new signature
 */
private Element signSignature(String id, Element env, KeyInfoFactory keyInfoFactory, X509Credential credential) throws NoSuchAlgorithmException, InvalidAlgorithmParameterException, MarshalException, XMLSignatureException {
    if (endorsingToken == null) {
        return env;
    }

    final NodeList signatureNodes = env.getElementsByTagNameNS(XMLSignature.XMLNS, "Signature");
    for (int idx = 0; idx < signatureNodes.getLength(); idx++) {
        final Element signatureElement = (Element) signatureNodes.item(idx);
        if (!signatureElement.hasAttributeNS(null, "Id")) {
            continue;
        }
        signatureElement.setAttributeNS(WSSecurityConstants.WSU_NS, "Id", signatureElement.getAttribute("Id"));
        signatureElement.setIdAttributeNS(WSSecurityConstants.WSU_NS, "Id", true);
    }

    // Serialize and parse again; signing continues on the freshly parsed tree.
    env = SAMLUtil.loadElementFromString(XMLHelper.nodeToString(env));

    final DigestMethod sha1Digest = xsf.newDigestMethod(DigestMethod.SHA1, null);

    // Exclusive canonicalization with "xsd" as the only inclusive namespace prefix.
    final List<Transform> referenceTransforms = new ArrayList<Transform>(2);
    referenceTransforms.add(xsf.newTransform(
            "http://www.w3.org/2001/10/xml-exc-c14n#",
            new ExcC14NParameterSpec(Collections.singletonList("xsd"))));

    final List<Reference> references = new ArrayList<Reference>();
    references.add(xsf.newReference("#"+id, sha1Digest, referenceTransforms, null, null));

    final CanonicalizationMethod exclusiveC14n =
            xsf.newCanonicalizationMethod(CanonicalizationMethod.EXCLUSIVE, (C14NMethodParameterSpec) null);
    final SignatureMethod rsaSha1 = xsf.newSignatureMethod(SignatureMethod.RSA_SHA1, null);
    final SignedInfo info = xsf.newSignedInfo(exclusiveC14n, rsaSha1, references);

    final KeyInfo credentialInfo = generateKeyInfo(credential, keyInfoFactory, false);
    final XMLSignature endorsingSignature = xsf.newXMLSignature(info, credentialInfo);

    // The signature is appended to the first wsse:Security element of the envelope.
    final Node securityHeader = env.getElementsByTagNameNS(WSSecurityConstants.WSSE_NS, "Security").item(0);
    final DOMSignContext context = new DOMSignContext(credential.getPrivateKey(), securityHeader);
    context.putNamespacePrefix(SAMLConstants.XMLSIG_NS, SAMLConstants.XMLSIG_PREFIX);
    context.putNamespacePrefix(SAMLConstants.XMLENC_NS, SAMLConstants.XMLENC_PREFIX);
    endorsingSignature.sign(context);

    return env;
}
示例9: sign
import javax.xml.crypto.dsig.XMLSignature; //導入方法依賴的package包/類
/**
 * Signs the SOAP message and its attachments; the signature is appended to the first
 * child element of the document element (held in the {@code soapHeader} local).
 *
 * <p>The first reference covers the document itself (empty URI) after three transforms:
 * enveloped signature, an XPath filter that excludes nodes addressed to the
 * {@code nextMSH} / {@code next} SOAP actors, and inclusive canonicalization. Each data
 * source adds a {@code cid:} reference whose digest is computed here from the attachment
 * bytes. {@code KeyInfo} carries the public key and the first certificate of the chain
 * stored under {@code alias}.
 *
 * <p>NOTE(review): all digests and the signature method are SHA-1 based. SHA-1 is no
 * longer collision resistant; a change needs agreement with the receiving party.
 *
 * <p>NOTE(review): the attachment streams obtained from {@code getInputStream()} are not
 * closed in this method. Confirm whether the data source owns them.
 *
 * @param keyStore keystore holding the certificate chain for {@code alias}
 * @param keyPair private key for signing, public key for the embedded {@code KeyValue}
 * @param alias keystore alias of the signing certificate chain
 * @param document the SOAP document to sign
 * @param dataSources attachments to reference by content id
 */
private void sign(KeyStore keyStore, KeyPair keyPair, String alias, Document document, List<EbMSDataSource> dataSources) throws NoSuchAlgorithmException, InvalidAlgorithmParameterException, IOException, KeyException, MarshalException, XMLSignatureException, KeyStoreException
{
    final XMLSignatureFactory factory = XMLSignatureFactory.getInstance();
    final DigestMethod sha1 = factory.newDigestMethod(DigestMethod.SHA1,null);

    final List<Transform> documentTransforms = new ArrayList<Transform>();
    documentTransforms.add(factory.newTransform(Transform.ENVELOPED,(TransformParameterSpec)null));

    // Namespace binding used by the XPath filter below.
    final Map<String,String> xpathNamespaces = new HashMap<String,String>();
    xpathNamespaces.put("soap","http://schemas.xmlsoap.org/soap/envelope/");
    final String actorFilter = "not(ancestor-or-self::node()[@soap:actor=\"urn:oasis:names:tc:ebxml-msg:service:nextMSH\"]|ancestor-or-self::node()[@soap:actor=\"http://schemas.xmlsoap.org/soap/actor/next\"])";
    documentTransforms.add(factory.newTransform(Transform.XPATH,new XPathFilterParameterSpec(actorFilter,xpathNamespaces)));
    documentTransforms.add(factory.newTransform(CanonicalizationMethod.INCLUSIVE,(TransformParameterSpec)null));

    final List<Reference> references = new ArrayList<Reference>();
    references.add(factory.newReference("",sha1,documentTransforms,null,null));
    for (EbMSDataSource dataSource : dataSources)
    {
        // The attachment digest is supplied precomputed instead of being dereferenced.
        final byte[] attachmentDigest = DigestUtils.sha(IOUtils.toByteArray(dataSource.getInputStream()));
        references.add(factory.newReference("cid:" + dataSource.getContentId(),sha1,Collections.emptyList(),null,null,attachmentDigest));
    }

    final SignedInfo info = factory.newSignedInfo(
            factory.newCanonicalizationMethod(CanonicalizationMethod.INCLUSIVE,(C14NMethodParameterSpec)null),
            factory.newSignatureMethod(SignatureMethod.RSA_SHA1,null),
            references);

    final List<XMLStructure> keyInfoContent = new ArrayList<XMLStructure>();
    final KeyInfoFactory keyInfoFactory = factory.getKeyInfoFactory();
    keyInfoContent.add(keyInfoFactory.newKeyValue(keyPair.getPublic()));
    // Only the first certificate of the chain is embedded.
    final Certificate[] chain = keyStore.getCertificateChain(alias);
    keyInfoContent.add(keyInfoFactory.newX509Data(Collections.singletonList(chain[0])));
    final KeyInfo keyInfo = keyInfoFactory.newKeyInfo(keyInfoContent);

    final XMLSignature xmlSignature = factory.newXMLSignature(info,keyInfo);

    final Element soapHeader = getFirstChildElement(document.getDocumentElement());
    final DOMSignContext context = new DOMSignContext(keyPair.getPrivate(),soapHeader);
    context.putNamespacePrefix(XMLSignature.XMLNS,"ds");
    xmlSignature.sign(context);
}
示例10: signRequest
import javax.xml.crypto.dsig.XMLSignature; //導入方法依賴的package包/類
/**
 * Signs a request element in place, referencing it through its {@code RequestID}
 * attribute.
 *
 * <p>The {@code Signature} element is inserted as a child of the request, in front of its
 * current first child. The certificate is embedded as {@code X509Data}.
 *
 * <p>NOTE(review): the digest and signature method are SHA-1 based. SHA-1 is no longer
 * collision resistant; move to SHA-256 variants if the receiving service accepts them.
 *
 * @param requestElement the element to sign; must carry a {@code RequestID} attribute and
 *        have at least one child node
 * @param privateKey the key that produces the signature
 * @param certificate the signer certificate placed in {@code KeyInfo}
 */
private void signRequest(Element requestElement, PrivateKey privateKey,
        X509Certificate certificate) throws NoSuchAlgorithmException,
        InvalidAlgorithmParameterException, MarshalException,
        XMLSignatureException {
    // Three-argument form: the signature goes before the given sibling.
    final DOMSignContext context = new DOMSignContext(
            privateKey, requestElement, requestElement.getFirstChild());
    final XMLSignatureFactory factory = XMLSignatureFactory.getInstance("DOM");

    // Register RequestID as an ID attribute so the "#id" reference can be resolved.
    final String requestId = requestElement.getAttribute("RequestID");
    requestElement.setIdAttribute("RequestID", true);

    final List<Transform> referenceTransforms = new LinkedList<>();
    referenceTransforms.add(
            factory.newTransform(Transform.ENVELOPED, (TransformParameterSpec) null));
    referenceTransforms.add(
            factory.newTransform(CanonicalizationMethod.EXCLUSIVE, (C14NMethodParameterSpec) null));

    final Reference requestReference = factory.newReference(
            "#" + requestId,
            factory.newDigestMethod(DigestMethod.SHA1, null),
            referenceTransforms,
            null,
            null);

    final SignedInfo info = factory.newSignedInfo(
            factory.newCanonicalizationMethod(
                    CanonicalizationMethod.EXCLUSIVE, (C14NMethodParameterSpec) null),
            factory.newSignatureMethod(SignatureMethod.RSA_SHA1, null),
            Collections.singletonList(requestReference));

    final KeyInfoFactory keyInfoFactory = factory.getKeyInfoFactory();
    final KeyInfo signerInfo = keyInfoFactory.newKeyInfo(
            Collections.singletonList(
                    keyInfoFactory.newX509Data(Collections.singletonList(certificate))));

    factory.newXMLSignature(info, signerInfo).sign(context);
}
示例11: addSignature
import javax.xml.crypto.dsig.XMLSignature; //導入方法依賴的package包/類
/**
 * Appends a signature to {@code parentElement}, produced with the private half of
 * {@code this.sessionKey}.
 *
 * <p>The reference targets {@code "#" + this.prototypeKeyBindingId} with exclusive
 * canonicalization as its only transform. No {@code KeyInfo} is written, so the verifier
 * has to know the matching public key by other means.
 *
 * <p>NOTE(review): the digest and signature method are SHA-1 based. SHA-1 is no longer
 * collision resistant; move to SHA-256 variants if the peer accepts them.
 *
 * @param parentElement the element that receives the {@code Signature} child
 */
private void addSignature(Element parentElement)
        throws NoSuchAlgorithmException,
        InvalidAlgorithmParameterException, MarshalException,
        XMLSignatureException {
    final DOMSignContext context =
            new DOMSignContext(this.sessionKey.getPrivate(), parentElement);
    final XMLSignatureFactory factory = XMLSignatureFactory.getInstance("DOM");

    final Transform exclusiveC14n =
            factory.newTransform(CanonicalizationMethod.EXCLUSIVE, (TransformParameterSpec) null);
    final Reference bindingReference = factory.newReference(
            "#" + this.prototypeKeyBindingId,
            factory.newDigestMethod(DigestMethod.SHA1, null),
            Collections.singletonList(exclusiveC14n),
            null,
            null);

    final SignedInfo info = factory.newSignedInfo(
            factory.newCanonicalizationMethod(
                    CanonicalizationMethod.EXCLUSIVE, (C14NMethodParameterSpec) null),
            factory.newSignatureMethod(SignatureMethod.RSA_SHA1, null),
            Collections.singletonList(bindingReference));

    // Second argument is the KeyInfo; null leaves it out of the signature.
    factory.newXMLSignature(info, null).sign(context);
}
示例12: addSignature
import javax.xml.crypto.dsig.XMLSignature; //導入方法依賴的package包/類
/**
 * Appends a signature to {@code parentElement}, produced with
 * {@code this.authnPrivateKey}.
 *
 * <p>The reference uses {@code this.referenceUri} with exclusive canonicalization as its
 * only transform, and {@code this.authnCertificate} is embedded as {@code X509Data}.
 *
 * <p>NOTE(review): the digest and signature method are SHA-1 based. SHA-1 is no longer
 * collision resistant; move to SHA-256 variants if the peer accepts them.
 *
 * @param parentElement the element that receives the {@code Signature} child
 */
private void addSignature(Element parentElement)
        throws NoSuchAlgorithmException,
        InvalidAlgorithmParameterException, MarshalException,
        XMLSignatureException {
    final DOMSignContext context = new DOMSignContext(this.authnPrivateKey, parentElement);
    final XMLSignatureFactory factory = XMLSignatureFactory.getInstance("DOM");

    final Transform exclusiveC14n =
            factory.newTransform(CanonicalizationMethod.EXCLUSIVE, (TransformParameterSpec) null);
    final Reference signedReference = factory.newReference(
            this.referenceUri,
            factory.newDigestMethod(DigestMethod.SHA1, null),
            Collections.singletonList(exclusiveC14n),
            null,
            null);

    final SignedInfo info = factory.newSignedInfo(
            factory.newCanonicalizationMethod(
                    CanonicalizationMethod.EXCLUSIVE, (C14NMethodParameterSpec) null),
            factory.newSignatureMethod(SignatureMethod.RSA_SHA1, null),
            Collections.singletonList(signedReference));

    final KeyInfoFactory keyInfoFactory = factory.getKeyInfoFactory();
    final KeyInfo signerInfo = keyInfoFactory.newKeyInfo(
            Collections.singletonList(
                    keyInfoFactory.newX509Data(Collections.singletonList(this.authnCertificate))));

    factory.newXMLSignature(info, signerInfo).sign(context);
}
示例13: main
import javax.xml.crypto.dsig.XMLSignature; //導入方法依賴的package包/類
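/**
 * Demo entry point: parses a tiny in-memory envelope, signs it with a freshly generated RSA
 * key pair (enveloped signature over the whole document) and writes the result to
 * standard output.
 *
 * <p>Based on
 * http://docs.oracle.com/javase/7/docs/technotes/guides/security/xmldsig/XMLDigitalSignature.html
 *
 * <p>The key size is 2048 bits. The earlier 512-bit modulus is far below what is considered
 * safe for RSA and should not be copied into real code.
 *
 * <p>NOTE(review): the digest and signature method are still SHA-1 based. SHA-1 is no
 * longer collision resistant, and newer JDK releases reject SHA-1 based XML signatures
 * under the default secure-validation policy. Prefer SHA-256 variants for new code.
 *
 * <p>NOTE(review): the public key travels inside the signature as a bare
 * {@code KeyValue}. A verifier must compare it with a key it already trusts.
 *
 * @param args unused
 */
public static void main(String[] args) throws SAXException, IOException, ParserConfigurationException, NoSuchAlgorithmException, InvalidAlgorithmParameterException, KeyException, MarshalException, XMLSignatureException, FHIRException, org.hl7.fhir.exceptions.FHIRException {
    // Explicit charset so the bytes do not depend on the platform default.
    byte[] inputXml = "<Envelope xmlns=\"urn:envelope\">\r\n</Envelope>\r\n"
            .getBytes(java.nio.charset.StandardCharsets.UTF_8);

    // load the document that's going to be signed
    DocumentBuilderFactory dbf = DocumentBuilderFactory.newInstance();
    dbf.setNamespaceAware(true);
    DocumentBuilder builder = dbf.newDocumentBuilder();
    Document doc = builder.parse(new ByteArrayInputStream(inputXml));

    // create a key pair
    KeyPairGenerator kpg = KeyPairGenerator.getInstance("RSA");
    kpg.initialize(2048);
    KeyPair kp = kpg.generateKeyPair();

    // sign the document
    DOMSignContext dsc = new DOMSignContext(kp.getPrivate(), doc.getDocumentElement());
    XMLSignatureFactory fac = XMLSignatureFactory.getInstance("DOM");

    Reference ref = fac.newReference(
            "",
            fac.newDigestMethod(DigestMethod.SHA1, null),
            Collections.singletonList(fac.newTransform(Transform.ENVELOPED, (TransformParameterSpec) null)),
            null,
            null);
    SignedInfo si = fac.newSignedInfo(
            fac.newCanonicalizationMethod(CanonicalizationMethod.INCLUSIVE, (C14NMethodParameterSpec) null),
            fac.newSignatureMethod(SignatureMethod.RSA_SHA1, null),
            Collections.singletonList(ref));

    KeyInfoFactory kif = fac.getKeyInfoFactory();
    KeyValue kv = kif.newKeyValue(kp.getPublic());
    KeyInfo ki = kif.newKeyInfo(Collections.singletonList(kv));

    XMLSignature signature = fac.newXMLSignature(si, ki);
    signature.sign(dsc);

    OutputStream os = System.out;
    new XmlGenerator().generate(doc.getDocumentElement(), os);
}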
示例14: sign
import javax.xml.crypto.dsig.XMLSignature; //導入方法依賴的package包/類
/**
 * Adds an HMAC-based enveloped signature to the first {@code OptionalInputs} element of
 * the DSS core namespace found in {@code document}.
 *
 * <p>The MAC key is the raw key material from {@code session}; {@code KeyInfo} carries the
 * security token reference element returned by {@code getSecurityTokenReference}. The
 * reference covers the whole document (empty URI) after the enveloped and exclusive
 * canonicalization transforms.
 *
 * <p>NOTE(review): the reference digest is SHA-1, which is no longer collision resistant.
 * The signature method is HMAC-SHA1. Changing either requires the service on the other
 * side to accept the new algorithms.
 *
 * @param document the request document to sign
 * @param session provides the shared key and the security token reference
 */
private static void sign(Document document, DigitalSignatureServiceSession session) throws NoSuchAlgorithmException,
        InvalidAlgorithmParameterException, MarshalException, XMLSignatureException {
    final Key macKey = new SecretKeySpec(session.getKey(), "HMACSHA1");

    final Node optionalInputs = document
            .getElementsByTagNameNS("urn:oasis:names:tc:dss:1.0:core:schema", "OptionalInputs")
            .item(0);
    final DOMSignContext context = new DOMSignContext(macKey, optionalInputs);
    context.setDefaultNamespacePrefix("ds");

    // XMLDSigRI Websphere work-around
    final XMLSignatureFactory factory = XMLSignatureFactory.getInstance("DOM", new XMLDSigRI());

    final List<Transform> referenceTransforms = new LinkedList<Transform>();
    referenceTransforms.add(
            factory.newTransform(Transform.ENVELOPED, (TransformParameterSpec) null));
    referenceTransforms.add(
            factory.newTransform(CanonicalizationMethod.EXCLUSIVE, (C14NMethodParameterSpec) null));

    final Reference wholeDocument = factory.newReference(
            "",
            factory.newDigestMethod(DigestMethod.SHA1, null),
            referenceTransforms,
            null,
            null);

    final SignedInfo info = factory.newSignedInfo(
            factory.newCanonicalizationMethod(
                    CanonicalizationMethod.EXCLUSIVE, (C14NMethodParameterSpec) null),
            factory.newSignatureMethod(SignatureMethod.HMAC_SHA1, null),
            Collections.singletonList(wholeDocument));

    // KeyInfo points at the security token instead of carrying key material.
    final Element tokenReference = getSecurityTokenReference(session);
    final KeyInfoFactory keyInfoFactory = factory.getKeyInfoFactory();
    final DOMStructure tokenReferenceStructure = new DOMStructure(tokenReference);
    final KeyInfo keyInfo =
            keyInfoFactory.newKeyInfo(Collections.singletonList(tokenReferenceStructure));

    factory.newXMLSignature(info, keyInfo).sign(context);
}
示例15: signDOM
import javax.xml.crypto.dsig.XMLSignature; //導入方法依賴的package包/類
/**
 * Appends an XML signature to {@code node}, using the factory from
 * {@code initXMLSigFactory} and the {@code SignedInfo} from {@code initSignedInfo}.
 *
 * <p>{@code KeyInfo} carries one {@code X509Data} with the certificate's subject name
 * followed by the certificate itself. The XML Signature namespace is bound to the
 * {@code ns2} prefix.
 *
 * @param node parent node that receives the {@code Signature} element
 * @param privateKey the key that produces the signature
 * @param origCert signer certificate; must be an {@link X509Certificate}
 * @throws RuntimeException wrapping any exception raised while building the
 *         {@code SignedInfo} or signing
 */
public static void signDOM(Node node, PrivateKey privateKey, Certificate origCert) {
    final XMLSignatureFactory factory = initXMLSigFactory();
    final X509Certificate signerCertificate = (X509Certificate) origCert;

    // X509Data content: subject name first, then the certificate.
    final KeyInfoFactory keyInfoFactory = factory.getKeyInfoFactory();
    final List<Object> x509Content = new ArrayList<Object>();
    x509Content.add(signerCertificate.getSubjectX500Principal().getName());
    x509Content.add(signerCertificate);
    final X509Data certificateData = keyInfoFactory.newX509Data(x509Content);
    final KeyInfo keyInfo = keyInfoFactory.newKeyInfo(Collections.singletonList(certificateData));

    // The sign context names the private key and the parent of the new Signature element.
    final DOMSignContext context = new DOMSignContext(privateKey, node);
    context.putNamespacePrefix("http://www.w3.org/2000/09/xmldsig#", "ns2");

    try {
        final SignedInfo info = initSignedInfo(factory);
        // Marshal, generate, and sign in one step.
        factory.newXMLSignature(info, keyInfo).sign(context);
    } catch (Exception e) {
        throw new RuntimeException(e);
    }
}