本文整理匯總了Java中javax.xml.crypto.dsig.XMLSignatureFactory.newCanonicalizationMethod方法的典型用法代碼示例。如果您正苦於以下問題:Java XMLSignatureFactory.newCanonicalizationMethod方法的具體用法?Java XMLSignatureFactory.newCanonicalizationMethod怎麽用?Java XMLSignatureFactory.newCanonicalizationMethod使用的例子?那麽, 這裏精選的方法代碼示例或許可以為您提供幫助。您也可以進一步了解該方法所在類javax.xml.crypto.dsig.XMLSignatureFactory的用法示例。
在下文中一共展示了XMLSignatureFactory.newCanonicalizationMethod方法的14個代碼示例,這些例子默認根據受歡迎程度排序。您可以為喜歡或者感覺有用的代碼點讚,您的評價將有助於係統推薦出更棒的Java代碼示例。
示例1: signSamlElement
import javax.xml.crypto.dsig.XMLSignatureFactory; //導入方法依賴的package包/類
/**
* Sign SAML element.
*
* @param element the element
* @param privKey the priv key
* @param pubKey the pub key
* @return the element
*/
private static org.jdom.Element signSamlElement(final org.jdom.Element element, final PrivateKey privKey, final PublicKey pubKey) {
try {
final String providerName = System.getProperty("jsr105Provider", SIGNATURE_FACTORY_PROVIDER_CLASS);
final XMLSignatureFactory sigFactory = XMLSignatureFactory
.getInstance("DOM", (Provider) Class.forName(providerName).newInstance());
final List<Transform> envelopedTransform = Collections.singletonList(sigFactory.newTransform(Transform.ENVELOPED,
(TransformParameterSpec) null));
final Reference ref = sigFactory.newReference(StringUtils.EMPTY, sigFactory
.newDigestMethod(DigestMethod.SHA1, null), envelopedTransform, null, null);
// Create the SignatureMethod based on the type of key
final SignatureMethod signatureMethod;
final String algorithm = pubKey.getAlgorithm();
switch (algorithm) {
case "DSA":
signatureMethod = sigFactory.newSignatureMethod(SignatureMethod.DSA_SHA1, null);
break;
case "RSA":
signatureMethod = sigFactory.newSignatureMethod(SignatureMethod.RSA_SHA1, null);
break;
default:
throw new RuntimeException("Error signing SAML element: Unsupported type of key");
}
final CanonicalizationMethod canonicalizationMethod = sigFactory
.newCanonicalizationMethod(
CanonicalizationMethod.INCLUSIVE_WITH_COMMENTS,
(C14NMethodParameterSpec) null);
// Create the SignedInfo
final SignedInfo signedInfo = sigFactory.newSignedInfo(
canonicalizationMethod, signatureMethod, Collections.singletonList(ref));
// Create a KeyValue containing the DSA or RSA PublicKey
final KeyInfoFactory keyInfoFactory = sigFactory.getKeyInfoFactory();
final KeyValue keyValuePair = keyInfoFactory.newKeyValue(pubKey);
// Create a KeyInfo and add the KeyValue to it
final KeyInfo keyInfo = keyInfoFactory.newKeyInfo(Collections.singletonList(keyValuePair));
// Convert the JDOM document to w3c (Java XML signature API requires w3c representation)
final Element w3cElement = toDom(element);
// Create a DOMSignContext and specify the DSA/RSA PrivateKey and
// location of the resulting XMLSignature's parent element
final DOMSignContext dsc = new DOMSignContext(privKey, w3cElement);
final Node xmlSigInsertionPoint = getXmlSignatureInsertLocation(w3cElement);
dsc.setNextSibling(xmlSigInsertionPoint);
// Marshal, generate (and sign) the enveloped signature
final XMLSignature signature = sigFactory.newXMLSignature(signedInfo, keyInfo);
signature.sign(dsc);
return toJdom(w3cElement);
} catch (final Exception e) {
throw new RuntimeException("Error signing SAML element: " + e.getMessage(), e);
}
}
示例2: dsig
import javax.xml.crypto.dsig.XMLSignatureFactory; //導入方法依賴的package包/類
public void dsig() throws Exception {
XMLSignatureFactory fac = XMLSignatureFactory.getInstance
("DOM", new org.apache.jcp.xml.dsig.internal.dom.XMLDSigRI());
long start = System.currentTimeMillis();
for (int i = 0; i < 100; i++) {
fac.newCanonicalizationMethod
(CanonicalizationMethod.EXCLUSIVE, (C14NMethodParameterSpec) null);
}
long end = System.currentTimeMillis();
long elapsed = end - start;
if (log.isDebugEnabled()) {
log.debug("Elapsed: " + elapsed);
log.debug("dsig succeeded");
}
}
示例3: testJsr105ReferenceUri
import javax.xml.crypto.dsig.XMLSignatureFactory; //導入方法依賴的package包/類
@Test
public void testJsr105ReferenceUri() throws Exception {
String uri = FilenameUtils.getName(new File("foo bar.txt").toURI().toURL().getFile());
KeyPair keyPair = generateKeyPair();
DocumentBuilderFactory documentBuilderFactory = DocumentBuilderFactory.newInstance();
documentBuilderFactory.setNamespaceAware(true);
DocumentBuilder documentBuilder = documentBuilderFactory.newDocumentBuilder();
Document document = documentBuilder.newDocument();
XMLSignatureFactory signatureFactory = XMLSignatureFactory.getInstance("DOM", new XMLDSigRI());
XMLSignContext signContext = new DOMSignContext(keyPair.getPrivate(), document);
byte[] externalDocument = "hello world".getBytes();
MessageDigest messageDigest = MessageDigest.getInstance("SHA1");
messageDigest.update(externalDocument);
byte[] documentDigestValue = messageDigest.digest();
DigestMethod digestMethod = signatureFactory.newDigestMethod(DigestMethod.SHA1, null);
Reference reference = signatureFactory.newReference(uri, digestMethod, null, null, null, documentDigestValue);
SignatureMethod signatureMethod = signatureFactory.newSignatureMethod(SignatureMethod.RSA_SHA1, null);
CanonicalizationMethod canonicalizationMethod = signatureFactory.newCanonicalizationMethod(
CanonicalizationMethod.EXCLUSIVE_WITH_COMMENTS, (C14NMethodParameterSpec) null);
javax.xml.crypto.dsig.SignedInfo signedInfo = signatureFactory.newSignedInfo(canonicalizationMethod,
signatureMethod, Collections.singletonList(reference));
javax.xml.crypto.dsig.XMLSignature xmlSignature = signatureFactory.newXMLSignature(signedInfo, null);
xmlSignature.sign(signContext);
}
示例4: createCanonicalizationMethod
import javax.xml.crypto.dsig.XMLSignatureFactory; //導入方法依賴的package包/類
@Nonnull
@OverrideOnDemand
protected CanonicalizationMethod createCanonicalizationMethod (@Nonnull final XMLSignatureFactory aSignatureFactory) throws Exception
{
return aSignatureFactory.newCanonicalizationMethod (CanonicalizationMethod.INCLUSIVE_WITH_COMMENTS,
(C14NMethodParameterSpec) null);
}
示例5: signSamlAssertion
import javax.xml.crypto.dsig.XMLSignatureFactory; //導入方法依賴的package包/類
/**
* Signs the SAML assertion using the specified public and private keys.
*
* @param document
* SAML assertion be signed.
* @param privateKey
* Private key used to sign SAML assertion.
* @param publicKey
* Public key used to sign SAML asserion.
* @return w3c element representation of specified document.
* @throws NoSuchAlgorithmException
* @throws InvalidAlgorithmParameterException
* @throws KeyException
* @throws MarshalException
* @throws XMLSignatureException
*/
private Element signSamlAssertion(Document document, PrivateKey privateKey, X509Certificate certificate)
throws NoSuchAlgorithmException, InvalidAlgorithmParameterException, KeyException, MarshalException,
XMLSignatureException {
XMLSignatureFactory signatureFactory = XMLSignatureFactory.getInstance("DOM");
List<Transform> envelopedTransform = Collections.singletonList(signatureFactory.newTransform(
Transform.ENVELOPED, (TransformParameterSpec) null));
Reference ref = signatureFactory.newReference("", signatureFactory.newDigestMethod(DigestMethod.SHA1, null),
envelopedTransform, null, null);
SignatureMethod signatureMethod = null;
if (certificate.getPublicKey() instanceof DSAPublicKey) {
signatureMethod = signatureFactory.newSignatureMethod(SignatureMethod.DSA_SHA1, null);
} else if (certificate.getPublicKey() instanceof RSAPublicKey) {
signatureMethod = signatureFactory.newSignatureMethod(SignatureMethod.RSA_SHA1, null);
}
CanonicalizationMethod canonicalizationMethod = signatureFactory.newCanonicalizationMethod(
CanonicalizationMethod.INCLUSIVE_WITH_COMMENTS, (C14NMethodParameterSpec) null);
SignedInfo signedInfo = signatureFactory.newSignedInfo(canonicalizationMethod, signatureMethod,
Collections.singletonList(ref));
KeyInfoFactory keyInfoFactory = signatureFactory.getKeyInfoFactory();
X509Data data = keyInfoFactory.newX509Data(Collections.singletonList(certificate));
KeyInfo keyInfo = keyInfoFactory.newKeyInfo(Collections.singletonList(data));
Element w3cElement = document.getDocumentElement();
Node xmlSigInsertionPoint = getXmlSignatureInsertionLocation(w3cElement);
DOMSignContext dsc = new DOMSignContext(privateKey, w3cElement, xmlSigInsertionPoint);
XMLSignature signature = signatureFactory.newXMLSignature(signedInfo, keyInfo);
signature.sign(dsc);
return w3cElement;
}
示例6: signSamlElement
import javax.xml.crypto.dsig.XMLSignatureFactory; //導入方法依賴的package包/類
/**
* Sign SAML element.
*
* @param element the element
* @param privKey the priv key
* @param pubKey the pub key
* @return the element
*/
private org.jdom.Element signSamlElement(final org.jdom.Element element, final PrivateKey privKey,
final PublicKey pubKey) {
try {
final String providerName = System.getProperty("jsr105Provider",
SIGNATURE_FACTORY_PROVIDER_CLASS);
final XMLSignatureFactory sigFactory = XMLSignatureFactory
.getInstance("DOM", (Provider) Class.forName(providerName)
.newInstance());
final List<Transform> envelopedTransform = Collections
.singletonList(sigFactory.newTransform(Transform.ENVELOPED,
(TransformParameterSpec) null));
final Reference ref = sigFactory.newReference("", sigFactory
.newDigestMethod(DigestMethod.SHA1, null), envelopedTransform,
null, null);
// Create the SignatureMethod based on the type of key
final SignatureMethod signatureMethod;
if (pubKey instanceof DSAPublicKey) {
signatureMethod = sigFactory.newSignatureMethod(
SignatureMethod.DSA_SHA1, null);
} else if (pubKey instanceof RSAPublicKey) {
signatureMethod = sigFactory.newSignatureMethod(
SignatureMethod.RSA_SHA1, null);
} else {
throw new RuntimeException("Error signing SAML element: Unsupported type of key");
}
final CanonicalizationMethod canonicalizationMethod = sigFactory
.newCanonicalizationMethod(
CanonicalizationMethod.INCLUSIVE_WITH_COMMENTS,
(C14NMethodParameterSpec) null);
// Create the SignedInfo
final SignedInfo signedInfo = sigFactory.newSignedInfo(
canonicalizationMethod, signatureMethod, Collections
.singletonList(ref));
// Create a KeyValue containing the DSA or RSA PublicKey
final KeyInfoFactory keyInfoFactory = sigFactory
.getKeyInfoFactory();
final KeyValue keyValuePair = keyInfoFactory.newKeyValue(pubKey);
// Create a KeyInfo and add the KeyValue to it
final KeyInfo keyInfo = keyInfoFactory.newKeyInfo(Collections
.singletonList(keyValuePair));
// Convert the JDOM document to w3c (Java XML signature API requires
// w3c representation)
final org.w3c.dom.Element w3cElement = toDom(element);
// Create a DOMSignContext and specify the DSA/RSA PrivateKey and
// location of the resulting XMLSignature's parent element
final DOMSignContext dsc = new DOMSignContext(privKey, w3cElement);
final org.w3c.dom.Node xmlSigInsertionPoint = getXmlSignatureInsertLocation(w3cElement);
dsc.setNextSibling(xmlSigInsertionPoint);
// Marshal, generate (and sign) the enveloped signature
final XMLSignature signature = sigFactory.newXMLSignature(signedInfo,
keyInfo);
signature.sign(dsc);
return toJdom(w3cElement);
} catch (final Exception e) {
throw new RuntimeException("Error signing SAML element: "
+ e.getMessage(), e);
}
}
示例7: signSamlElement
import javax.xml.crypto.dsig.XMLSignatureFactory; //導入方法依賴的package包/類
private static Element signSamlElement(final Element element, final PrivateKey privKey,
final PublicKey pubKey) {
try {
final String providerName = System.getProperty("jsr105Provider",
JSR_105_PROVIDER);
final XMLSignatureFactory sigFactory = XMLSignatureFactory
.getInstance("DOM", (Provider) Class.forName(providerName)
.newInstance());
final List envelopedTransform = Collections
.singletonList(sigFactory.newTransform(Transform.ENVELOPED,
(TransformParameterSpec) null));
final Reference ref = sigFactory.newReference("", sigFactory
.newDigestMethod(DigestMethod.SHA1, null), envelopedTransform,
null, null);
// Create the SignatureMethod based on the type of key
SignatureMethod signatureMethod;
if (pubKey instanceof DSAPublicKey) {
signatureMethod = sigFactory.newSignatureMethod(
SignatureMethod.DSA_SHA1, null);
} else if (pubKey instanceof RSAPublicKey) {
signatureMethod = sigFactory.newSignatureMethod(
SignatureMethod.RSA_SHA1, null);
} else {
throw new RuntimeException(
"Error signing SAML element: Unsupported type of key");
}
final CanonicalizationMethod canonicalizationMethod = sigFactory
.newCanonicalizationMethod(
CanonicalizationMethod.INCLUSIVE_WITH_COMMENTS,
(C14NMethodParameterSpec) null);
// Create the SignedInfo
final SignedInfo signedInfo = sigFactory.newSignedInfo(
canonicalizationMethod, signatureMethod, Collections
.singletonList(ref));
// Create a KeyValue containing the DSA or RSA PublicKey
final KeyInfoFactory keyInfoFactory = sigFactory
.getKeyInfoFactory();
final KeyValue keyValuePair = keyInfoFactory.newKeyValue(pubKey);
// Create a KeyInfo and add the KeyValue to it
final KeyInfo keyInfo = keyInfoFactory.newKeyInfo(Collections
.singletonList(keyValuePair));
// Convert the JDOM document to w3c (Java XML signature API requires
// w3c
// representation)
org.w3c.dom.Element w3cElement = toDom(element);
// Create a DOMSignContext and specify the DSA/RSA PrivateKey and
// location of the resulting XMLSignature's parent element
DOMSignContext dsc = new DOMSignContext(privKey, w3cElement);
org.w3c.dom.Node xmlSigInsertionPoint = getXmlSignatureInsertLocation(w3cElement);
dsc.setNextSibling(xmlSigInsertionPoint);
// Marshal, generate (and sign) the enveloped signature
XMLSignature signature = sigFactory.newXMLSignature(signedInfo,
keyInfo);
signature.sign(dsc);
return toJdom(w3cElement);
} catch (final Exception e) {
throw new RuntimeException("Error signing SAML element: "
+ e.getMessage(), e);
}
}
示例8: testJsr105Signature
import javax.xml.crypto.dsig.XMLSignatureFactory; //導入方法依賴的package包/類
@Test
public void testJsr105Signature() throws Exception {
KeyPair keyPair = PkiTestUtils.generateKeyPair();
DocumentBuilderFactory documentBuilderFactory = DocumentBuilderFactory.newInstance();
documentBuilderFactory.setNamespaceAware(true);
DocumentBuilder documentBuilder = documentBuilderFactory.newDocumentBuilder();
Document document = documentBuilder.newDocument();
Element rootElement = document.createElementNS("urn:test", "tns:root");
rootElement.setAttributeNS(Constants.NamespaceSpecNS, "xmlns:tns", "urn:test");
document.appendChild(rootElement);
Element dataElement = document.createElementNS("urn:test", "tns:data");
dataElement.setAttributeNS(null, "Id", "id-1234");
dataElement.setIdAttribute("Id", true);
dataElement.setTextContent("data to be signed");
rootElement.appendChild(dataElement);
XMLSignatureFactory signatureFactory = XMLSignatureFactory.getInstance("DOM", new XMLDSigRI());
XMLSignContext signContext = new DOMSignContext(keyPair.getPrivate(), document.getDocumentElement());
signContext.putNamespacePrefix(javax.xml.crypto.dsig.XMLSignature.XMLNS, "ds");
DigestMethod digestMethod = signatureFactory.newDigestMethod(DigestMethod.SHA1, null);
Reference reference = signatureFactory.newReference("#id-1234", digestMethod);
DOMReference domReference = (DOMReference) reference;
assertNull(domReference.getCalculatedDigestValue());
assertNull(domReference.getDigestValue());
SignatureMethod signatureMethod = signatureFactory.newSignatureMethod(SignatureMethod.RSA_SHA1, null);
CanonicalizationMethod canonicalizationMethod = signatureFactory.newCanonicalizationMethod(
CanonicalizationMethod.EXCLUSIVE_WITH_COMMENTS, (C14NMethodParameterSpec) null);
SignedInfo signedInfo = signatureFactory.newSignedInfo(canonicalizationMethod, signatureMethod,
Collections.singletonList(reference));
javax.xml.crypto.dsig.XMLSignature xmlSignature = signatureFactory.newXMLSignature(signedInfo, null);
DOMXMLSignature domXmlSignature = (DOMXMLSignature) xmlSignature;
domXmlSignature.marshal(document.getDocumentElement(), "ds", (DOMCryptoContext) signContext);
domReference.digest(signContext);
// xmlSignature.sign(signContext);
// LOG.debug("signed document: " + toString(document));
Element nsElement = document.createElement("ns");
nsElement.setAttributeNS(Constants.NamespaceSpecNS, "xmlns:ds", Constants.SignatureSpecNS);
Node digestValueNode = XPathAPI.selectSingleNode(document, "//ds:DigestValue", nsElement);
assertNotNull(digestValueNode);
String digestValueTextContent = digestValueNode.getTextContent();
LOG.debug("digest value text content: " + digestValueTextContent);
assertFalse(digestValueTextContent.isEmpty());
}
示例9: testJsr105SignatureExternalXML
import javax.xml.crypto.dsig.XMLSignatureFactory; //導入方法依賴的package包/類
@Test
public void testJsr105SignatureExternalXML() throws Exception {
KeyPair keyPair = PkiTestUtils.generateKeyPair();
DocumentBuilderFactory documentBuilderFactory = DocumentBuilderFactory.newInstance();
documentBuilderFactory.setNamespaceAware(true);
DocumentBuilder documentBuilder = documentBuilderFactory.newDocumentBuilder();
Document document = documentBuilder.newDocument();
Element rootElement = document.createElementNS("urn:test", "tns:root");
rootElement.setAttributeNS(Constants.NamespaceSpecNS, "xmlns:tns", "urn:test");
document.appendChild(rootElement);
Element dataElement = document.createElementNS("urn:test", "tns:data");
dataElement.setAttributeNS(null, "Id", "id-1234");
dataElement.setTextContent("data to be signed");
rootElement.appendChild(dataElement);
XMLSignatureFactory signatureFactory = XMLSignatureFactory.getInstance("DOM", new XMLDSigRI());
XMLSignContext signContext = new DOMSignContext(keyPair.getPrivate(), document.getDocumentElement());
signContext.setURIDereferencer(new MyURIDereferencer());
signContext.putNamespacePrefix(javax.xml.crypto.dsig.XMLSignature.XMLNS, "ds");
DigestMethod digestMethod = signatureFactory.newDigestMethod(DigestMethod.SHA1, null);
List<Transform> transforms = new LinkedList<Transform>();
Transform transform = signatureFactory.newTransform(CanonicalizationMethod.INCLUSIVE,
(TransformParameterSpec) null);
transforms.add(transform);
Reference reference = signatureFactory.newReference("/helloworld.xml", digestMethod, transforms, null, null);
DOMReference domReference = (DOMReference) reference;
assertNull(domReference.getCalculatedDigestValue());
assertNull(domReference.getDigestValue());
SignatureMethod signatureMethod = signatureFactory.newSignatureMethod(SignatureMethod.RSA_SHA1, null);
CanonicalizationMethod canonicalizationMethod = signatureFactory.newCanonicalizationMethod(
CanonicalizationMethod.EXCLUSIVE_WITH_COMMENTS, (C14NMethodParameterSpec) null);
SignedInfo signedInfo = signatureFactory.newSignedInfo(canonicalizationMethod, signatureMethod,
Collections.singletonList(reference));
javax.xml.crypto.dsig.XMLSignature xmlSignature = signatureFactory.newXMLSignature(signedInfo, null);
DOMXMLSignature domXmlSignature = (DOMXMLSignature) xmlSignature;
domXmlSignature.marshal(document.getDocumentElement(), "ds", (DOMCryptoContext) signContext);
domReference.digest(signContext);
// xmlSignature.sign(signContext);
// LOG.debug("signed document: " + toString(document));
Element nsElement = document.createElement("ns");
nsElement.setAttributeNS(Constants.NamespaceSpecNS, "xmlns:ds", Constants.SignatureSpecNS);
Node digestValueNode = XPathAPI.selectSingleNode(document, "//ds:DigestValue", nsElement);
assertNotNull(digestValueNode);
String digestValueTextContent = digestValueNode.getTextContent();
LOG.debug("digest value text content: " + digestValueTextContent);
assertFalse(digestValueTextContent.isEmpty());
}
示例10: testJsr105SignatureExternalXMLWithDTD
import javax.xml.crypto.dsig.XMLSignatureFactory; //導入方法依賴的package包/類
@Test
public void testJsr105SignatureExternalXMLWithDTD() throws Exception {
KeyPair keyPair = PkiTestUtils.generateKeyPair();
DocumentBuilderFactory documentBuilderFactory = DocumentBuilderFactory.newInstance();
documentBuilderFactory.setNamespaceAware(true);
DocumentBuilder documentBuilder = documentBuilderFactory.newDocumentBuilder();
Document document = documentBuilder.newDocument();
Element rootElement = document.createElementNS("urn:test", "tns:root");
rootElement.setAttributeNS(Constants.NamespaceSpecNS, "xmlns:tns", "urn:test");
document.appendChild(rootElement);
Element dataElement = document.createElementNS("urn:test", "tns:data");
dataElement.setAttributeNS(null, "Id", "id-1234");
dataElement.setTextContent("data to be signed");
rootElement.appendChild(dataElement);
XMLSignatureFactory signatureFactory = XMLSignatureFactory.getInstance("DOM", new XMLDSigRI());
XMLSignContext signContext = new DOMSignContext(keyPair.getPrivate(), document.getDocumentElement());
signContext.setURIDereferencer(new MyURIDereferencer());
signContext.putNamespacePrefix(javax.xml.crypto.dsig.XMLSignature.XMLNS, "ds");
DigestMethod digestMethod = signatureFactory.newDigestMethod(DigestMethod.SHA1, null);
List<Transform> transforms = new LinkedList<Transform>();
Transform transform = signatureFactory.newTransform(CanonicalizationMethod.INCLUSIVE,
(TransformParameterSpec) null);
LOG.debug("transform type: " + transform.getClass().getName());
transforms.add(transform);
Reference reference = signatureFactory.newReference("/bookstore.xml", digestMethod, transforms, null, null);
DOMReference domReference = (DOMReference) reference;
assertNull(domReference.getCalculatedDigestValue());
assertNull(domReference.getDigestValue());
SignatureMethod signatureMethod = signatureFactory.newSignatureMethod(SignatureMethod.RSA_SHA1, null);
CanonicalizationMethod canonicalizationMethod = signatureFactory.newCanonicalizationMethod(
CanonicalizationMethod.EXCLUSIVE_WITH_COMMENTS, (C14NMethodParameterSpec) null);
SignedInfo signedInfo = signatureFactory.newSignedInfo(canonicalizationMethod, signatureMethod,
Collections.singletonList(reference));
javax.xml.crypto.dsig.XMLSignature xmlSignature = signatureFactory.newXMLSignature(signedInfo, null);
DOMXMLSignature domXmlSignature = (DOMXMLSignature) xmlSignature;
domXmlSignature.marshal(document.getDocumentElement(), "ds", (DOMCryptoContext) signContext);
domReference.digest(signContext);
// xmlSignature.sign(signContext);
// LOG.debug("signed document: " + toString(document));
Element nsElement = document.createElement("ns");
nsElement.setAttributeNS(Constants.NamespaceSpecNS, "xmlns:ds", Constants.SignatureSpecNS);
Node digestValueNode = XPathAPI.selectSingleNode(document, "//ds:DigestValue", nsElement);
assertNotNull(digestValueNode);
String digestValueTextContent = digestValueNode.getTextContent();
LOG.debug("digest value text content: " + digestValueTextContent);
assertFalse(digestValueTextContent.isEmpty());
}
示例11: testCoSignature
import javax.xml.crypto.dsig.XMLSignatureFactory; //導入方法依賴的package包/類
@Test
public void testCoSignature() throws Exception {
// setup
Document document = PkiTestUtils
.loadDocument(CoSignatureFacetTest.class.getResourceAsStream("/helloworld.xml"));
KeyPair keyPair = PkiTestUtils.generateKeyPair();
XMLSignatureFactory signatureFactory = XMLSignatureFactory.getInstance("DOM", new XMLDSigRI());
XMLSignContext signContext = new DOMSignContext(keyPair.getPrivate(), document.getDocumentElement());
signContext.putNamespacePrefix(javax.xml.crypto.dsig.XMLSignature.XMLNS, "ds");
CoSignatureFacet testedInstance = new CoSignatureFacet();
List<Reference> references = new LinkedList<Reference>();
testedInstance.preSign(signatureFactory, document, "foo-bar", null, references, null);
SignatureMethod signatureMethod = signatureFactory.newSignatureMethod(SignatureMethod.RSA_SHA1, null);
CanonicalizationMethod canonicalizationMethod = signatureFactory.newCanonicalizationMethod(
CanonicalizationMethod.EXCLUSIVE_WITH_COMMENTS, (C14NMethodParameterSpec) null);
SignedInfo signedInfo = signatureFactory.newSignedInfo(canonicalizationMethod, signatureMethod, references);
XMLSignature xmlSignature = signatureFactory.newXMLSignature(signedInfo, null);
// operate
xmlSignature.sign(signContext);
// verify
LOG.debug("signed document: " + PkiTestUtils.toString(document));
NodeList signatureNodeList = document.getElementsByTagNameNS(XMLSignature.XMLNS, "Signature");
assertEquals(1, signatureNodeList.getLength());
Node signatureNode = signatureNodeList.item(0);
DOMValidateContext domValidateContext = new DOMValidateContext(keyPair.getPublic(), signatureNode);
XMLSignature validationXmlSignature = signatureFactory.unmarshalXMLSignature(domValidateContext);
boolean validity = validationXmlSignature.validate(domValidateContext);
assertTrue(validity);
document.getDocumentElement().getFirstChild().setNodeValue("test");
LOG.debug("signed document: " + PkiTestUtils.toString(document));
assertTrue(validationXmlSignature.validate(domValidateContext));
// really have to re-load the XML signature object.
validationXmlSignature = signatureFactory.unmarshalXMLSignature(domValidateContext);
assertFalse(validationXmlSignature.validate(domValidateContext));
}
示例12: testCoSignatureUri
import javax.xml.crypto.dsig.XMLSignatureFactory; //導入方法依賴的package包/類
@Test
public void testCoSignatureUri() throws Exception {
// setup
Document document = PkiTestUtils
.loadDocument(CoSignatureFacetTest.class.getResourceAsStream("/helloworld.xml"));
KeyPair keyPair = PkiTestUtils.generateKeyPair();
XMLSignatureFactory signatureFactory = XMLSignatureFactory.getInstance("DOM", new XMLDSigRI());
XMLSignContext signContext = new DOMSignContext(keyPair.getPrivate(), document.getDocumentElement());
signContext.putNamespacePrefix(javax.xml.crypto.dsig.XMLSignature.XMLNS, "ds");
CoSignatureFacet testedInstance = new CoSignatureFacet(DigestAlgo.SHA1, "ref-1234");
List<Reference> references = new LinkedList<Reference>();
testedInstance.preSign(signatureFactory, document, "foo-bar", null, references, null);
SignatureMethod signatureMethod = signatureFactory.newSignatureMethod(SignatureMethod.RSA_SHA1, null);
CanonicalizationMethod canonicalizationMethod = signatureFactory.newCanonicalizationMethod(
CanonicalizationMethod.EXCLUSIVE_WITH_COMMENTS, (C14NMethodParameterSpec) null);
SignedInfo signedInfo = signatureFactory.newSignedInfo(canonicalizationMethod, signatureMethod, references);
XMLSignature xmlSignature = signatureFactory.newXMLSignature(signedInfo, null);
// operate
xmlSignature.sign(signContext);
// verify
LOG.debug("signed document: " + PkiTestUtils.toString(document));
NodeList signatureNodeList = document.getElementsByTagNameNS(XMLSignature.XMLNS, "Signature");
assertEquals(1, signatureNodeList.getLength());
Node signatureNode = signatureNodeList.item(0);
DOMValidateContext domValidateContext = new DOMValidateContext(keyPair.getPublic(), signatureNode);
XMLSignature validationXmlSignature = signatureFactory.unmarshalXMLSignature(domValidateContext);
boolean validity = validationXmlSignature.validate(domValidateContext);
assertTrue(validity);
document.getDocumentElement().getFirstChild().setNodeValue("test");
LOG.debug("signed document: " + PkiTestUtils.toString(document));
assertTrue(validationXmlSignature.validate(domValidateContext));
// really have to re-load the XML signature object.
validationXmlSignature = signatureFactory.unmarshalXMLSignature(domValidateContext);
assertFalse(validationXmlSignature.validate(domValidateContext));
}
示例13: testMultipleCoSignatures
import javax.xml.crypto.dsig.XMLSignatureFactory; //導入方法依賴的package包/類
@Test
public void testMultipleCoSignatures() throws Exception {
// setup
DocumentBuilderFactory documentBuilderFactory = DocumentBuilderFactory.newInstance();
documentBuilderFactory.setNamespaceAware(true);
DocumentBuilder documentBuilder = documentBuilderFactory.newDocumentBuilder();
Document document = documentBuilder.newDocument();
Element rootElement = document.createElementNS("urn:test", "tns:root");
rootElement.setAttributeNS(Constants.NamespaceSpecNS, "xmlns:tns", "urn:test");
document.appendChild(rootElement);
Element dataElement = document.createElementNS("urn:test", "tns:data");
rootElement.appendChild(dataElement);
// add alot of nodes to test performance
// when using xpath v1 in the co signature facet the c14n became really
// slow
for (int i = 0; i < 80000; i++) {
Element fooElement = document.createElementNS("urn:test", "tns:foo");
fooElement.setTextContent("bar");
dataElement.appendChild(fooElement);
}
KeyPair keyPair1 = PkiTestUtils.generateKeyPair();
KeyPair keyPair2 = PkiTestUtils.generateKeyPair();
XMLSignatureFactory signatureFactory = XMLSignatureFactory.getInstance("DOM", new XMLDSigRI());
List<Reference> references = new LinkedList<Reference>();
CoSignatureFacet testedInstance = new CoSignatureFacet();
testedInstance.preSign(signatureFactory, document, "foo-bar", null, references, null);
// ds:SignedInfo
SignatureMethod signatureMethod = signatureFactory.newSignatureMethod(SignatureMethod.RSA_SHA1, null);
CanonicalizationMethod canonicalizationMethod = signatureFactory.newCanonicalizationMethod(
CanonicalizationMethod.EXCLUSIVE_WITH_COMMENTS, (C14NMethodParameterSpec) null);
SignedInfo signedInfo = signatureFactory.newSignedInfo(canonicalizationMethod, signatureMethod, references);
XMLSignature xmlSignature = signatureFactory.newXMLSignature(signedInfo, null);
XMLSignature xmlSignature2 = signatureFactory.newXMLSignature(signedInfo, null);
// sign context
XMLSignContext signContext1 = new DOMSignContext(keyPair1.getPrivate(), document.getDocumentElement());
signContext1.putNamespacePrefix(javax.xml.crypto.dsig.XMLSignature.XMLNS, "ds");
XMLSignContext signContext2 = new DOMSignContext(keyPair2.getPrivate(), document.getDocumentElement());
signContext2.putNamespacePrefix(javax.xml.crypto.dsig.XMLSignature.XMLNS, "ds");
// operate
xmlSignature.sign(signContext1);
xmlSignature2.sign(signContext2);
// verify
LOG.debug("signed document: " + PkiTestUtils.toString(document));
NodeList signatureNodeList = document.getElementsByTagNameNS(XMLSignature.XMLNS, "Signature");
assertEquals(2, signatureNodeList.getLength());
Node signature1Node = signatureNodeList.item(0);
DOMValidateContext domValidateContext1 = new DOMValidateContext(keyPair1.getPublic(), signature1Node);
XMLSignature validationXmlSignature1 = signatureFactory.unmarshalXMLSignature(domValidateContext1);
boolean validity1 = validationXmlSignature1.validate(domValidateContext1);
assertTrue(validity1);
Node signature2Node = signatureNodeList.item(1);
DOMValidateContext domValidateContext2 = new DOMValidateContext(keyPair2.getPublic(), signature2Node);
XMLSignature validationXmlSignature2 = signatureFactory.unmarshalXMLSignature(domValidateContext2);
boolean validity2 = validationXmlSignature2.validate(domValidateContext2);
assertTrue(validity2);
// cut out first signature should not break second one
document.getDocumentElement().removeChild(signature1Node);
LOG.debug("signed document: " + PkiTestUtils.toString(document));
NodeList signatureNodeList2 = document.getElementsByTagNameNS(XMLSignature.XMLNS, "Signature");
assertEquals(1, signatureNodeList2.getLength());
Node signature3Node = signatureNodeList2.item(0);
DOMValidateContext domValidateContext3 = new DOMValidateContext(keyPair2.getPublic(), signature3Node);
XMLSignature validationXmlSignature3 = signatureFactory.unmarshalXMLSignature(domValidateContext3);
boolean validity3 = validationXmlSignature3.validate(domValidateContext3);
assertTrue(validity3);
}
示例14: sign
import javax.xml.crypto.dsig.XMLSignatureFactory; //導入方法依賴的package包/類
private static Document sign(Document doc) throws NoSuchAlgorithmException,
InvalidAlgorithmParameterException, KeyStoreException,
CertificateException, FileNotFoundException, IOException,
UnrecoverableEntryException, javax.xml.crypto.MarshalException,
XMLSignatureException, TransformerException {
// Create a DOM XMLSignatureFactory that will be used to
// generate the enveloped signature.
XMLSignatureFactory fac = XMLSignatureFactory.getInstance("DOM");
// Create a Reference to the enveloped document (in this case,
// you are signing the whole document, so a URI of "" signifies
// that, and also specify the SHA1 digest algorithm and
// the ENVELOPED Transform.
Transform transform = fac.newTransform(Transform.ENVELOPED,
(TransformParameterSpec) null);
DigestMethod digestMethod = fac
.newDigestMethod(DigestMethod.SHA1, null);
Reference ref = fac.newReference("", digestMethod,
Collections.singletonList(transform), null, null);
// Create the SignedInfo.
CanonicalizationMethod canonicalizationMethod = fac
.newCanonicalizationMethod(CanonicalizationMethod.EXCLUSIVE,
(C14NMethodParameterSpec) null);
SignatureMethod signatureMethod = fac.newSignatureMethod(
SignatureMethod.RSA_SHA1, null);
SignedInfo si = fac.newSignedInfo(canonicalizationMethod,
signatureMethod, Collections.singletonList(ref));
// Load the KeyStore and get the signing key and certificate.
String password = "123456";
String keyAlias = "1";
KeyStore ks = KeyStore.getInstance(KeyStore.getDefaultType());
ks.load(new FileInputStream("UDIR.PAS2.keystore"),password.toCharArray());
KeyStore.PrivateKeyEntry keyEntry = (KeyStore.PrivateKeyEntry) ks
.getEntry(keyAlias,
new KeyStore.PasswordProtection(password.toCharArray()));
X509Certificate cert = (X509Certificate) keyEntry.getCertificate();
// Create the KeyInfo containing the X509Data.
KeyInfoFactory kif = fac.getKeyInfoFactory();
List x509Content = new ArrayList();
x509Content.add(cert);
X509Data xd = kif.newX509Data(x509Content);
KeyInfo ki = kif.newKeyInfo(Collections.singletonList(xd));
// Create a DOMSignContext and specify the RSA PrivateKey and
// location of the resulting XMLSignature's parent element.
DOMSignContext dsc = new DOMSignContext(keyEntry.getPrivateKey(),
doc.getDocumentElement());
// Create the XMLSignature, but don't sign it yet.
XMLSignature signature = fac.newXMLSignature(si, ki);
// Marshal, generate, and sign the enveloped signature.
signature.sign(dsc);
// Output the resulting document.
OutputStream os = new FileOutputStream("xmlOut.xml");
TransformerFactory tf = TransformerFactory.newInstance();
Transformer trans = tf.newTransformer();
trans.transform(new DOMSource(doc), new StreamResult(os));
return doc;
}