List of usage examples for javax.xml.crypto.dsig CanonicalizationMethod EXCLUSIVE
String EXCLUSIVE
To view the source code for javax.xml.crypto.dsig CanonicalizationMethod EXCLUSIVE.
Click Source Link
From source file:Main.java
private static SignedInfo createSignedInfo(final String algorithm, final SignatureMethodParameterSpec methodParamSpec, final String signatureId, final String referenceUri) throws SignatureException { try {//from w w w . j av a 2s .com final CanonicalizationMethod canonicalizationMethod = getXMLSignatureFactory() .newCanonicalizationMethod(CanonicalizationMethod.EXCLUSIVE, (XMLStructure) null); final SignatureMethod signatureMethod = getXMLSignatureFactory().newSignatureMethod(algorithm, methodParamSpec); return getXMLSignatureFactory().newSignedInfo(canonicalizationMethod, signatureMethod, Collections.singletonList(createReference(referenceUri)), signatureId); } catch (final Exception e) { throw new SignatureException("Error creating signed info", e); } }
From source file:Main.java
private static Reference createReference(final String uri) throws SignatureException { try {//from w w w . j a v a 2s . c om final List<Transform> transforms = new ArrayList<>(); transforms .add(getXMLSignatureFactory().newTransform(Transform.ENVELOPED, (TransformParameterSpec) null)); transforms.add(getXMLSignatureFactory().newCanonicalizationMethod(CanonicalizationMethod.EXCLUSIVE, (XMLStructure) null)); final DigestMethod digestMethod = getXMLSignatureFactory().newDigestMethod(DigestMethod.SHA1, null); String referenceUri = ""; if (uri != null) { referenceUri = uri; } return getXMLSignatureFactory().newReference(referenceUri, digestMethod, transforms, null, null); } catch (final Exception e) { throw new SignatureException("Error creating reference", e); } }
From source file:eu.europa.esig.dss.xades.signature.EnvelopedSignatureBuilder.java
/** * The default constructor for EnvelopedSignatureBuilder. The enveloped signature uses by default the exclusive method of canonicalization. * @param params The set of parameters relating to the structure and process of the creation or extension of the electronic signature. * @param origDoc The original document to sign. * @param certificateVerifier//from ww w . ja v a2 s .c om */ public EnvelopedSignatureBuilder(final XAdESSignatureParameters params, final DSSDocument origDoc, final CertificateVerifier certificateVerifier) { super(params, origDoc, certificateVerifier); setCanonicalizationMethods(params, CanonicalizationMethod.EXCLUSIVE); }
From source file:eu.europa.esig.dss.xades.signature.CounterSignatureBuilder.java
@Override protected List<DSSReference> createDefaultReferences() { final List<DSSReference> references = new ArrayList<DSSReference>(); final DSSReference dssReference = new DSSReference(); dssReference.setId("cs-r-id-1"); dssReference.setUri("#" + params.getToCounterSignSignatureValueId()); dssReference.setType(xPathQueryHolder.XADES_COUNTERSIGNED_SIGNATURE); dssReference.setContents(detachedDocument); dssReference.setDigestMethodAlgorithm(params.getDigestAlgorithm()); final List<DSSTransform> dssTransformList = new ArrayList<DSSTransform>(); DSSTransform dssTransform = new DSSTransform(); dssTransform.setAlgorithm(CanonicalizationMethod.EXCLUSIVE); dssTransform.setPerform(true);//from www . j av a 2s. c o m dssTransformList.add(dssTransform); dssReference.setTransforms(dssTransformList); references.add(dssReference); return references; }
From source file:no.digipost.api.SdpMeldingSigner.java
public Document sign(final StandardBusinessDocument sbd) { try {/* w w w. ja v a2 s.c o m*/ PrivateKey privateKey = keystoreInfo.getPrivateKey(); X509Certificate certificate = keystoreInfo.getCertificate(); DOMResult result = new DOMResult(); Marshalling.marshal(marshaller, sbd, result); Document doc = (Document) result.getNode(); Marshalling.trimNamespaces(doc); XMLSignatureFactory fac = XMLSignatureFactory.getInstance("DOM"); Reference ref = fac.newReference("", fac.newDigestMethod(DigestMethod.SHA256, null), Collections.singletonList(fac.newTransform(Transform.ENVELOPED, (TransformParameterSpec) null)), null, null); SignedInfo si = fac.newSignedInfo( fac.newCanonicalizationMethod(CanonicalizationMethod.EXCLUSIVE, (C14NMethodParameterSpec) null), fac.newSignatureMethod(Constants.RSA_SHA256, null), Collections.singletonList(ref)); KeyInfoFactory kif = fac.getKeyInfoFactory(); X509Data xd = kif.newX509Data(Collections.singletonList(certificate)); KeyInfo ki = kif.newKeyInfo(Collections.singletonList(xd)); XMLSignature signature = fac.newXMLSignature(si, ki); Node digitalPostNode = doc.getDocumentElement().getFirstChild().getNextSibling(); Node avsenderNode = digitalPostNode.getFirstChild(); DOMSignContext dsc = new DOMSignContext(privateKey, digitalPostNode, avsenderNode); signature.sign(dsc); doc.normalizeDocument(); return doc; } catch (NoSuchAlgorithmException e) { throw new RuntimeException(e); } catch (UnrecoverableKeyException e) { throw new RuntimeException(e); } catch (XMLSignatureException e) { throw new RuntimeException(e); } catch (InvalidAlgorithmParameterException e) { throw new RuntimeException(e); } catch (KeyStoreException e) { throw new RuntimeException(e); } catch (MarshalException e) { throw new RuntimeException(e); } catch (Exception e) { throw new RuntimeException(e); } }
From source file:eu.europa.esig.dss.xades.signature.EnvelopedSignatureBuilder.java
@Override protected List<DSSReference> createDefaultReferences() { final List<DSSReference> dssReferences = new ArrayList<DSSReference>(); DSSReference dssReference = new DSSReference(); dssReference.setId("r-id-1"); dssReference.setUri(""); dssReference.setContents(detachedDocument); dssReference.setDigestMethodAlgorithm(params.getDigestAlgorithm()); final List<DSSTransform> dssTransformList = new ArrayList<DSSTransform>(); // For parallel signatures DSSTransform dssTransform = new DSSTransform(); dssTransform.setAlgorithm(Transforms.TRANSFORM_XPATH); dssTransform.setElementName(DS_XPATH); dssTransform.setNamespace(XMLSignature.XMLNS); dssTransform.setTextContent(NOT_ANCESTOR_OR_SELF_DS_SIGNATURE); dssTransform.setPerform(true);//from w ww .j av a 2s.c o m dssTransformList.add(dssTransform); // Canonicalization is the last operation, its better to operate the canonicalization on the smaller document dssTransform = new DSSTransform(); dssTransform.setAlgorithm(CanonicalizationMethod.EXCLUSIVE); dssTransform.setPerform(true); dssTransformList.add(dssTransform); dssReference.setTransforms(dssTransformList); dssReferences.add(dssReference); return dssReferences; }
From source file:be.e_contract.mycarenet.xkms.ProofOfPossessionSignatureSOAPHandler.java
private void addSignature(Element parentElement) throws NoSuchAlgorithmException, InvalidAlgorithmParameterException, MarshalException, XMLSignatureException { DOMSignContext domSignContext = new DOMSignContext(this.sessionKey.getPrivate(), parentElement); XMLSignatureFactory xmlSignatureFactory = XMLSignatureFactory.getInstance("DOM"); Reference reference = xmlSignatureFactory.newReference("#" + this.prototypeKeyBindingId, xmlSignatureFactory.newDigestMethod(DigestMethod.SHA1, null), Collections.singletonList(xmlSignatureFactory.newTransform(CanonicalizationMethod.EXCLUSIVE, (TransformParameterSpec) null)), null, null);/*ww w. j a v a 2 s .co m*/ SignedInfo signedInfo = xmlSignatureFactory.newSignedInfo( xmlSignatureFactory.newCanonicalizationMethod(CanonicalizationMethod.EXCLUSIVE, (C14NMethodParameterSpec) null), xmlSignatureFactory.newSignatureMethod(SignatureMethod.RSA_SHA1, null), Collections.singletonList(reference)); XMLSignature xmlSignature = xmlSignatureFactory.newXMLSignature(signedInfo, null); xmlSignature.sign(domSignContext); }
From source file:com.vmware.identity.sts.ws.SignatureValidator.java
/** * Validate the canonicalization method of the signature. * @param xmlSignature the XMLSignature to validate the canonicalization method of. * @throws XMLSignatureException when validation fails. *///from w w w . j a v a 2 s . com private void validateCanonicalizationMethod(XMLSignature xmlSignature) throws XMLSignatureException { assert xmlSignature != null; // Exclusive canonicalization without comments (xml-exc-c14n) must be used prior to signature generation. if (!CanonicalizationMethod.EXCLUSIVE .equals(xmlSignature.getSignedInfo().getCanonicalizationMethod().getAlgorithm())) { throw new XMLSignatureException(String.format("Canonicalization algorithm '%s' is not supported.", xmlSignature.getSignedInfo().getCanonicalizationMethod().getAlgorithm())); } }
From source file:eu.europa.ec.markt.dss.signature.xades.XAdESProfileT.java
protected byte[] getC14nValue(Node node) { try {/*from w w w .j av a2s . c om*/ Canonicalizer c14n = Canonicalizer.getInstance(CanonicalizationMethod.EXCLUSIVE); return c14n.canonicalizeSubtree(node); } catch (InvalidCanonicalizerException e) { throw new RuntimeException("c14n algo error: " + e.getMessage(), e); } catch (CanonicalizationException e) { throw new RuntimeException("c14n error: " + e.getMessage(), e); } }
From source file:be.e_contract.mycarenet.xkms2.KeyBindingAuthenticationSignatureSOAPHandler.java
private void addSignature(Element parentElement) throws NoSuchAlgorithmException, InvalidAlgorithmParameterException, MarshalException, XMLSignatureException { DOMSignContext domSignContext = new DOMSignContext(this.authnPrivateKey, parentElement); XMLSignatureFactory xmlSignatureFactory = XMLSignatureFactory.getInstance("DOM"); Reference reference = xmlSignatureFactory.newReference(this.referenceUri, xmlSignatureFactory.newDigestMethod(DigestMethod.SHA1, null), Collections.singletonList(xmlSignatureFactory.newTransform(CanonicalizationMethod.EXCLUSIVE, (TransformParameterSpec) null)), null, null);//from w w w. ja v a2 s . c o m SignedInfo signedInfo = xmlSignatureFactory.newSignedInfo( xmlSignatureFactory.newCanonicalizationMethod(CanonicalizationMethod.EXCLUSIVE, (C14NMethodParameterSpec) null), xmlSignatureFactory.newSignatureMethod(SignatureMethod.RSA_SHA1, null), Collections.singletonList(reference)); KeyInfoFactory keyInfoFactory = xmlSignatureFactory.getKeyInfoFactory(); KeyInfo keyInfo = keyInfoFactory.newKeyInfo(Collections .singletonList(keyInfoFactory.newX509Data(Collections.singletonList(this.authnCertificate)))); XMLSignature xmlSignature = xmlSignatureFactory.newXMLSignature(signedInfo, keyInfo); xmlSignature.sign(domSignContext); }