本文整理匯總了Java中javax.xml.crypto.dsig.XMLSignatureFactory.unmarshalXMLSignature方法的典型用法代碼示例。如果您正苦於以下問題:Java XMLSignatureFactory.unmarshalXMLSignature方法的具體用法?Java XMLSignatureFactory.unmarshalXMLSignature怎麽用?Java XMLSignatureFactory.unmarshalXMLSignature使用的例子?那麽, 這裏精選的方法代碼示例或許可以為您提供幫助。您也可以進一步了解該方法所在類javax.xml.crypto.dsig.XMLSignatureFactory的用法示例。
在下文中一共展示了XMLSignatureFactory.unmarshalXMLSignature方法的15個代碼示例,這些例子默認根據受歡迎程度排序。您可以為喜歡或者感覺有用的代碼點讚,您的評價將有助於係統推薦出更棒的Java代碼示例。
示例1: verifySignature
import javax.xml.crypto.dsig.XMLSignatureFactory; //導入方法依賴的package包/類
/**
* Verification via the default JSR105 implementation triggers some
* canonicalization errors.
*
* @param odfUrl
* @param signatureNode
* @throws MarshalException
* @throws XMLSignatureException
*/
private boolean verifySignature(URL odfUrl, Node signatureNode) throws MarshalException, XMLSignatureException {
// work-around for Java 7
Element signedPropertiesElement = (Element) ((Element) signatureNode)
.getElementsByTagNameNS(XAdESXLSignatureFacet.XADES_NAMESPACE, "SignedProperties").item(0);
if (null != signedPropertiesElement) {
signedPropertiesElement.setIdAttribute("Id", true);
}
DOMValidateContext domValidateContext = new DOMValidateContext(new KeyInfoKeySelector(), signatureNode);
ODFURIDereferencer dereferencer = new ODFURIDereferencer(odfUrl);
domValidateContext.setURIDereferencer(dereferencer);
XMLSignatureFactory xmlSignatureFactory = XMLSignatureFactory.getInstance();
LOG.debug("java version: " + System.getProperty("java.version"));
/*
* Requires Java 6u10 because of a bug. See also:
* http://bugs.sun.com/bugdatabase/view_bug.do?bug_id=6696582
*/
XMLSignature xmlSignature = xmlSignatureFactory.unmarshalXMLSignature(domValidateContext);
boolean validity = xmlSignature.validate(domValidateContext);
return validity;
}
示例2: isValid
import javax.xml.crypto.dsig.XMLSignatureFactory; //導入方法依賴的package包/類
public boolean isValid() throws Exception {
NodeList nodes = xmlDoc.getElementsByTagNameNS(XMLSignature.XMLNS, "Signature");
if (nodes == null || nodes.getLength() == 0) {
throw new Exception("Can't find signature in document.");
}
if (setIdAttributeExists()) {
tagIdAttributes(xmlDoc);
}
X509Certificate cert = samlSettings.getCertificate();
DOMValidateContext ctx = new DOMValidateContext(cert.getPublicKey(), nodes.item(0));
XMLSignatureFactory sigF = XMLSignatureFactory.getInstance("DOM");
XMLSignature xmlSignature = sigF.unmarshalXMLSignature(ctx);
return xmlSignature.validate(ctx);
}
示例3: validate
import javax.xml.crypto.dsig.XMLSignatureFactory; //導入方法依賴的package包/類
private boolean validate(final DOMValidateContext validationContext)
throws DigitalSignatureValidationException {
try {
// if (getLogger().isDebugLoggingEnabled()) {
// enableReferenceCaching(validationContext);
// }
XMLSignatureFactory factory = XMLSignatureFactory
.getInstance(XML_MECHANISM_TYPE);
XMLSignature signature = factory
.unmarshalXMLSignature(validationContext);
boolean validationResult = signature.validate(validationContext);
validationResult = workaroundOpenamBug(signature,
validationContext, validationResult);
// if (getLogger().isDebugLoggingEnabled()) {
// debugLogReferences(signature, validationContext);
// }
return validationResult;
} catch (XMLSignatureException | MarshalException exception) {
throw new DigitalSignatureValidationException(
"Error occurred during digital signature validation process",
DigitalSignatureValidationException.ReasonEnum.EXCEPTION_OCCURRED,
exception);
}
}
示例4: main
import javax.xml.crypto.dsig.XMLSignatureFactory; //導入方法依賴的package包/類
public static void main(String[] args) throws Exception {
DocumentBuilderFactory dbf = DocumentBuilderFactory.newInstance();
dbf.setNamespaceAware(true);
dbf.setValidating(false);
dbf.setFeature(XMLConstants.FEATURE_SECURE_PROCESSING, Boolean.TRUE);
Document doc = dbf.newDocumentBuilder().parse(new File(SIGNATURE));
NodeList nl = doc.getElementsByTagNameNS(XMLSignature.XMLNS,
"Signature");
if (nl.getLength() == 0) {
throw new RuntimeException("Couldn't find 'Signature' element");
}
Element element = (Element) nl.item(0);
byte[] keyBytes = Base64.getDecoder().decode(validationKey);
X509EncodedKeySpec spec = new X509EncodedKeySpec(keyBytes);
KeyFactory kf = KeyFactory.getInstance("RSA");
PublicKey key = kf.generatePublic(spec);
KeySelector ks = KeySelector.singletonKeySelector(key);
DOMValidateContext vc = new DOMValidateContext(ks, element);
// disable secure validation mode
vc.setProperty("org.jcp.xml.dsig.secureValidation", Boolean.FALSE);
// set a dummy dereferencer to be able to get content by references
vc.setURIDereferencer(dereferencer);
XMLSignatureFactory factory = XMLSignatureFactory.getInstance();
XMLSignature signature = factory.unmarshalXMLSignature(vc);
// run validation
signature.validate(vc);
}
示例5: validateXmlDSig
import javax.xml.crypto.dsig.XMLSignatureFactory; //導入方法依賴的package包/類
/**
* Utility function to validate XML Signature to do a self check
* @param signed request
* @return
*/
private boolean validateXmlDSig(String signed, X509Certificate cert){
try {
DocumentBuilderFactory dbf =
DocumentBuilderFactory.newInstance();
dbf.setNamespaceAware(true);
DocumentBuilder builder = dbf.newDocumentBuilder();
Document doc = builder.parse(new ByteArrayInputStream(signed.getBytes("utf-8")));
NodeList signatureNodeList = doc.getElementsByTagNameNS(XMLSignature.XMLNS, "Signature");
NodeList bodyNodeList = doc.getElementsByTagNameNS("http://schemas.xmlsoap.org/soap/envelope/", "Body");
if (signatureNodeList.getLength() == 0) {
throw new Exception("Cannot find Signature element");
}
DOMValidateContext valContext = new DOMValidateContext(cert.getPublicKey(), signatureNodeList.item(0));
valContext.setIdAttributeNS((Element)bodyNodeList.item(0),"http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd","Id");
XMLSignatureFactory factory =
XMLSignatureFactory.getInstance("DOM");
XMLSignature signature =
factory.unmarshalXMLSignature(valContext);
boolean coreValidity = signature.validate(valContext);
/*
//detailed validation - use when solving validity problems
boolean sv = signature.getSignatureValue().validate(valContext);
Iterator<Reference> i = signature.getSignedInfo().getReferences().iterator();
for (int j=0; i.hasNext(); j++) {
boolean refValid = ( i.next()).validate(valContext);
}
*/
return coreValidity;
}
catch (Exception e){
throw new IllegalArgumentException("validation failes", e);
}
}
示例6: verify
import javax.xml.crypto.dsig.XMLSignatureFactory; //導入方法依賴的package包/類
/**
* Verifies that signed mark data contains a valid signature.
*
* <p>This method DOES NOT check if the SMD ID is revoked. It's only concerned with the
* cryptographic stuff.
*
* @throws GeneralSecurityException for unsupported protocols, certs not signed by the TMCH,
* incorrect keys, and for invalid, old, not-yet-valid or revoked certificates.
* @throws IOException
* @throws MarshalException
* @throws ParserConfigurationException
* @throws SAXException
*/
public void verify(byte[] smdXml)
throws GeneralSecurityException, IOException, MarshalException, ParserConfigurationException,
SAXException, XMLSignatureException {
checkArgument(smdXml.length > 0);
Document doc = parseSmdDocument(new ByteArrayInputStream(smdXml));
NodeList signatureNodes = doc.getElementsByTagNameNS(XMLSignature.XMLNS, "Signature");
if (signatureNodes.getLength() != 1) {
throw new XMLSignatureException("Expected exactly one <ds:Signature> element.");
}
XMLSignatureFactory factory = XMLSignatureFactory.getInstance("DOM");
KeyValueKeySelector selector = new KeyValueKeySelector(tmchCertificateAuthority);
DOMValidateContext context = new DOMValidateContext(selector, signatureNodes.item(0));
XMLSignature signature = factory.unmarshalXMLSignature(context);
boolean isValid;
try {
isValid = signature.validate(context);
} catch (XMLSignatureException e) {
throwIfInstanceOf(getRootCause(e), GeneralSecurityException.class);
throw e;
}
if (!isValid) {
throw new XMLSignatureException(explainValidationProblem(context, signature));
}
}
示例7: getVerifiedSignatureSigner
import javax.xml.crypto.dsig.XMLSignatureFactory; //導入方法依賴的package包/類
private static X509Certificate getVerifiedSignatureSigner(URL odfUrl, Node signatureNode)
throws MarshalException, XMLSignatureException {
if (null == odfUrl) {
throw new IllegalArgumentException("odfUrl is null");
}
KeyInfoKeySelector keySelector = new KeyInfoKeySelector();
DOMValidateContext domValidateContext = new DOMValidateContext(keySelector, signatureNode);
ODFURIDereferencer dereferencer = new ODFURIDereferencer(odfUrl);
domValidateContext.setURIDereferencer(dereferencer);
XMLSignatureFactory xmlSignatureFactory = XMLSignatureFactory.getInstance();
LOG.debug("java version: " + System.getProperty("java.version"));
/*
* Requires Java 6u10 because of a bug. See also:
* http://bugs.sun.com/bugdatabase/view_bug.do?bug_id=6696582
*/
XMLSignature xmlSignature = xmlSignatureFactory.unmarshalXMLSignature(domValidateContext);
boolean validity = xmlSignature.validate(domValidateContext);
if (false == validity) {
LOG.debug("invalid signature");
return null;
}
// TODO: check what has been signed.
X509Certificate signer = keySelector.getCertificate();
if (null == signer) {
throw new IllegalStateException("signer X509 certificate is null");
}
LOG.debug("signer: " + signer.getSubjectX500Principal());
return signer;
}
示例8: getSigners
import javax.xml.crypto.dsig.XMLSignatureFactory; //導入方法依賴的package包/類
public List<X509Certificate> getSigners(URL url) throws IOException, ParserConfigurationException, SAXException,
TransformerException, MarshalException, XMLSignatureException, JAXBException {
List<X509Certificate> signers = new LinkedList<X509Certificate>();
List<String> signatureResourceNames = getSignatureResourceNames(url);
for (String signatureResourceName : signatureResourceNames) {
LOG.debug("signature resource name: " + signatureResourceName);
Document signatureDocument = loadDocument(url, signatureResourceName);
if (null == signatureDocument) {
LOG.warn("signature resource not found: " + signatureResourceName);
continue;
}
NodeList signatureNodeList = signatureDocument.getElementsByTagNameNS(XMLSignature.XMLNS, "Signature");
if (0 == signatureNodeList.getLength()) {
LOG.debug("no signature elements present");
continue;
}
Node signatureNode = signatureNodeList.item(0);
OPCKeySelector keySelector = new OPCKeySelector(url, signatureResourceName);
DOMValidateContext domValidateContext = new DOMValidateContext(keySelector, signatureNode);
domValidateContext.setProperty("org.jcp.xml.dsig.validateManifests", Boolean.TRUE);
OOXMLURIDereferencer dereferencer = new OOXMLURIDereferencer(url);
domValidateContext.setURIDereferencer(dereferencer);
XMLSignatureFactory xmlSignatureFactory = XMLSignatureFactory.getInstance();
XMLSignature xmlSignature = xmlSignatureFactory.unmarshalXMLSignature(domValidateContext);
boolean validity = xmlSignature.validate(domValidateContext);
if (false == validity) {
LOG.debug("not a valid signature");
continue;
}
// TODO: check what has been signed.
X509Certificate signer = keySelector.getCertificate();
signers.add(signer);
}
return signers;
}
示例9: testSignedOOXML2
import javax.xml.crypto.dsig.XMLSignatureFactory; //導入方法依賴的package包/類
@Test
public void testSignedOOXML2() throws Exception {
// setup
URL url = OOXMLSignatureVerifierTest.class.getResource("/signed.docx");
// operate
OOXMLSignatureVerifier verifier = new OOXMLSignatureVerifier();
List<X509Certificate> result = verifier.getSigners(url);
// verify
assertNotNull(result);
assertEquals(1, result.size());
X509Certificate signer = result.get(0);
LOG.debug("signer: " + signer.getSubjectX500Principal());
byte[] document = IOUtils.toByteArray(url.openStream());
List<String> signatureResourceNames = verifier.getSignatureResourceNames(document);
Document signatureDocument = verifier.getSignatureDocument(new ByteArrayInputStream(document),
signatureResourceNames.get(0));
NodeList signatureNodeList = signatureDocument.getElementsByTagNameNS(XMLSignature.XMLNS, "Signature");
Element signatureElement = (Element) signatureNodeList.item(0);
KeyInfoKeySelector keySelector = new KeyInfoKeySelector();
DOMValidateContext domValidateContext = new DOMValidateContext(keySelector, signatureElement);
domValidateContext.setProperty("org.jcp.xml.dsig.validateManifests", Boolean.TRUE);
OOXMLURIDereferencer dereferencer = new OOXMLURIDereferencer(document);
domValidateContext.setURIDereferencer(dereferencer);
XMLSignatureFactory xmlSignatureFactory = XMLSignatureFactory.getInstance();
XMLSignature xmlSignature = xmlSignatureFactory.unmarshalXMLSignature(domValidateContext);
assertTrue(verifier.isValidOOXMLSignature(xmlSignature, document));
}
示例10: testSignedOOXMLOffice2010ValidOOXML
import javax.xml.crypto.dsig.XMLSignatureFactory; //導入方法依賴的package包/類
@Test
public void testSignedOOXMLOffice2010ValidOOXML() throws Exception {
// setup
URL url = OOXMLSignatureVerifierTest.class.getResource("/hallo.docx");
// operate
OOXMLSignatureVerifier verifier = new OOXMLSignatureVerifier();
List<X509Certificate> result = verifier.getSigners(url);
// verify
assertNotNull(result);
assertEquals(1, result.size());
X509Certificate signer = result.get(0);
LOG.debug("signer: " + signer.getSubjectX500Principal());
byte[] document = IOUtils.toByteArray(url.openStream());
List<String> signatureResourceNames = verifier.getSignatureResourceNames(document);
Document signatureDocument = verifier.getSignatureDocument(new ByteArrayInputStream(document),
signatureResourceNames.get(0));
NodeList signatureNodeList = signatureDocument.getElementsByTagNameNS(XMLSignature.XMLNS, "Signature");
Element signatureElement = (Element) signatureNodeList.item(0);
KeyInfoKeySelector keySelector = new KeyInfoKeySelector();
DOMValidateContext domValidateContext = new DOMValidateContext(keySelector, signatureElement);
domValidateContext.setProperty("org.jcp.xml.dsig.validateManifests", Boolean.TRUE);
OOXMLURIDereferencer dereferencer = new OOXMLURIDereferencer(document);
domValidateContext.setURIDereferencer(dereferencer);
XMLSignatureFactory xmlSignatureFactory = XMLSignatureFactory.getInstance();
XMLSignature xmlSignature = xmlSignatureFactory.unmarshalXMLSignature(domValidateContext);
assertTrue(verifier.isValidOOXMLSignature(xmlSignature, document));
}
示例11: validateSignature
import javax.xml.crypto.dsig.XMLSignatureFactory; //導入方法依賴的package包/類
/**
* Validates if the first XML Signature of the given document is valid
* Only used for test purposes
*
* @param document
* Document with signature to validate
* @return true if valid, else false
*/
public boolean validateSignature(Document document) throws Exception {
setIDAttribute(document);
XMLSignatureFactory fac = XMLSignatureFactory.getInstance("DOM");
// Find Signature element.
NodeList nl = document.getElementsByTagNameNS(javax.xml.crypto.dsig.XMLSignature.XMLNS, "Signature");
if (nl.getLength() == 0) {
throw new Exception("Cannot find Signature element");
}
// Create a DOMValidateContext and specify a KeySelector
// and document context.
DOMValidateContext valContext = new DOMValidateContext(new X509KeySelector(), nl.item(0));
// Unmarshal the XMLSignature
javax.xml.crypto.dsig.XMLSignature signature = fac.unmarshalXMLSignature(valContext);
// Validate the XMLSignature.
boolean coreValidity = signature.validate(valContext);
// Check core validation status.
if (coreValidity == false) {
boolean sv = signature.getSignatureValue().validate(valContext);
if (sv == false) {
if(Flags.DEBUG){
// Check the validation status of each Reference.
@SuppressWarnings("rawtypes")
Iterator i = signature.getSignedInfo().getReferences().iterator();
for (int j = 0; i.hasNext(); j++) {
boolean refValid = ((Reference) i.next()).validate(valContext);
System.out.println("ref[" + j + "] validity status: " + refValid);
}
}
}
}
return coreValidity;
}
示例12: validate
import javax.xml.crypto.dsig.XMLSignatureFactory; //導入方法依賴的package包/類
public boolean validate(Document document) {
checkNotNull(document);
try {
NodeList nl = document.getElementsByTagNameNS(XMLSignature.XMLNS, "Signature");
DOMValidateContext valContext = new DOMValidateContext(new X509KeySelector(), nl.item(0));
XMLSignatureFactory signatureFactory = XMLSignatureFactory.getInstance("DOM");
XMLSignature signature = signatureFactory.unmarshalXMLSignature(valContext);
return signature.validate(valContext);
}
catch (Exception ex) {
throw new IllegalArgumentException("Erro ao validar o XML.", ex);
}
}
示例13: verify
import javax.xml.crypto.dsig.XMLSignatureFactory; //導入方法依賴的package包/類
private boolean verify(Document document, List<EbMSDataSource> dataSources) throws MarshalException, XMLSignatureException
{
NodeList nodeList = document.getElementsByTagNameNS(XMLSignature.XMLNS,"Signature");
if (nodeList.getLength() > 0)
{
XMLSignatureFactory signFactory = XMLSignatureFactory.getInstance();
DOMValidateContext validateContext = new DOMValidateContext(new XMLDSigKeySelector(),nodeList.item(0));
URIDereferencer dereferencer = new EbMSDataSourceURIDereferencer(dataSources);
validateContext.setURIDereferencer(dereferencer);
XMLSignature signature = signFactory.unmarshalXMLSignature(validateContext);
return signature.validate(validateContext);
}
return true;
}
示例14: verifyMessage
import javax.xml.crypto.dsig.XMLSignatureFactory; //導入方法依賴的package包/類
public boolean verifyMessage( String message )
throws SAXException, MarshalException, XMLSignatureException, XPathExpressionException
{
Document doc = DomUtilities.stringToDom( message );
setAllIdAttributesInDocument( doc, "Id" );
setAllIdAttributesInDocument( doc, "ID" );
// Find Signature element.
NodeList nl = doc.getElementsByTagNameNS( XMLSignature.XMLNS, "Signature" );
if ( nl.getLength() == 0 )
{
throw new RuntimeException( "Cannot find Signature element" );
}
boolean valid = true;
XMLSignatureFactory fac = XMLSignatureFactory.getInstance( "DOM" );
for ( int i = 0; i < nl.getLength(); i++ )
{
DOMValidateContext valContext = new DOMValidateContext( new X509KeySelector(), nl.item( i ) );
// Unmarshal the XMLSignature.
XMLSignature signature = fac.unmarshalXMLSignature( valContext );
// Validate the XMLSignature.
boolean coreValidity = signature.validate( valContext );
if ( coreValidity == false )
{
valid = false;
}
}
return valid;
}
示例15: validSignature
import javax.xml.crypto.dsig.XMLSignatureFactory; //導入方法依賴的package包/類
/**
* Check the xmldsig signature of the XML document.
* @param document the document to test
* @param publicKey the public key corresponding to the key pair the document was signed with
* @return true if a correct signature is present, false otherwise
*/
public static boolean validSignature(Document document, Key publicKey) {
Node signatureNode = document.getElementsByTagNameNS(XMLSignature.XMLNS, "Signature").item(0);
KeySelector keySelector = KeySelector.singletonKeySelector(publicKey);
try {
String providerName = System.getProperty("jsr105Provider", "org.jcp.xml.dsig.internal.dom.XMLDSigRI");
XMLSignatureFactory fac = XMLSignatureFactory.getInstance("DOM", (Provider) Class.forName(providerName).newInstance());
DOMValidateContext valContext = new DOMValidateContext(keySelector, signatureNode);
XMLSignature signature = fac.unmarshalXMLSignature(valContext);
return signature.validate(valContext);
} catch (Exception e) {
Logger.warn("Error validating an XML signature.", e);
return false;
}
}