List of usage examples for javax.xml.crypto.dsig DigestMethod SHA256
String SHA256
To view the source code for javax.xml.crypto.dsig DigestMethod SHA256.
Click Source Link
From source file:edu.isi.misd.tagfiler.util.LocalFileChecksum.java
/** * Computes a checksum on a file, given the proper message digest * implementation/*w w w .j av a 2s . c o m*/ * * @param file * file to read * @param messageDigest * MessageDigest to use * @return the checksum bytes of the file * @thows FatalException if the checksum cannot be constructed. */ public static String computeFileChecksum(File file) throws FatalException { if (file == null) throw new IllegalArgumentException("file"); String checksum = null; FileInputStream stream = null; try { stream = new FileInputStream(file); if (DigestMethod.SHA512.equals(digestType)) { checksum = DigestUtils.sha512Hex(stream); } else if (DigestMethod.SHA256.equals(digestType)) { checksum = DigestUtils.sha256Hex(stream); } else if (DigestMethod.SHA1.equals(digestType)) { checksum = DigestUtils.shaHex(stream); } else { checksum = DigestUtils.md5Hex(stream); } } catch (IOException e) { e.printStackTrace(); throw new FatalException(e); } finally { if (stream != null) { try { stream.close(); } catch (IOException e) { } } } return checksum; }
From source file:gov.nih.nci.cacis.nav.DefaultDocumentReferenceValidator.java
/** * Default Constructor//from ww w.j a v a2s .c o m */ public DefaultDocumentReferenceValidator() { supportedAlgorithms.put(DigestMethod.SHA1, "SHA-1"); supportedAlgorithms.put(DigestMethod.SHA256, "SHA-256"); supportedAlgorithms.put(DigestMethod.SHA512, "SHA-512"); }
From source file:no.digipost.api.SdpMeldingSigner.java
public Document sign(final StandardBusinessDocument sbd) { try {/*ww w .ja v a2s . c om*/ PrivateKey privateKey = keystoreInfo.getPrivateKey(); X509Certificate certificate = keystoreInfo.getCertificate(); DOMResult result = new DOMResult(); Marshalling.marshal(marshaller, sbd, result); Document doc = (Document) result.getNode(); Marshalling.trimNamespaces(doc); XMLSignatureFactory fac = XMLSignatureFactory.getInstance("DOM"); Reference ref = fac.newReference("", fac.newDigestMethod(DigestMethod.SHA256, null), Collections.singletonList(fac.newTransform(Transform.ENVELOPED, (TransformParameterSpec) null)), null, null); SignedInfo si = fac.newSignedInfo( fac.newCanonicalizationMethod(CanonicalizationMethod.EXCLUSIVE, (C14NMethodParameterSpec) null), fac.newSignatureMethod(Constants.RSA_SHA256, null), Collections.singletonList(ref)); KeyInfoFactory kif = fac.getKeyInfoFactory(); X509Data xd = kif.newX509Data(Collections.singletonList(certificate)); KeyInfo ki = kif.newKeyInfo(Collections.singletonList(xd)); XMLSignature signature = fac.newXMLSignature(si, ki); Node digitalPostNode = doc.getDocumentElement().getFirstChild().getNextSibling(); Node avsenderNode = digitalPostNode.getFirstChild(); DOMSignContext dsc = new DOMSignContext(privateKey, digitalPostNode, avsenderNode); signature.sign(dsc); doc.normalizeDocument(); return doc; } catch (NoSuchAlgorithmException e) { throw new RuntimeException(e); } catch (UnrecoverableKeyException e) { throw new RuntimeException(e); } catch (XMLSignatureException e) { throw new RuntimeException(e); } catch (InvalidAlgorithmParameterException e) { throw new RuntimeException(e); } catch (KeyStoreException e) { throw new RuntimeException(e); } catch (MarshalException e) { throw new RuntimeException(e); } catch (Exception e) { throw new RuntimeException(e); } }
From source file:no.digipost.signature.client.asice.signature.CreateSignature.java
public CreateSignature() { createXAdESProperties = new CreateXAdESProperties(); transformerFactory = TransformerFactory.newInstance(); try {/* www .j a v a 2s .com*/ XMLSignatureFactory xmlSignatureFactory = getSignatureFactory(); sha256DigestMethod = xmlSignatureFactory.newDigestMethod(DigestMethod.SHA256, null); canonicalizationMethod = xmlSignatureFactory.newCanonicalizationMethod(C14V1, (C14NMethodParameterSpec) null); canonicalXmlTransform = xmlSignatureFactory.newTransform(C14V1, (TransformParameterSpec) null); } catch (NoSuchAlgorithmException | InvalidAlgorithmParameterException e) { throw new ConfigurationException("Failed to initialize XML-signing", e); } schema = loadSchema(); }
From source file:no.difi.sdp.client.asice.signature.CreateSignature.java
public CreateSignature() { createXAdESProperties = new CreateXAdESProperties(); transformerFactory = TransformerFactory.newInstance(); try {/*from www . jav a 2 s. c o m*/ XMLSignatureFactory xmlSignatureFactory = getSignatureFactory(); sha256DigestMethod = xmlSignatureFactory.newDigestMethod(DigestMethod.SHA256, null); canonicalizationMethod = xmlSignatureFactory.newCanonicalizationMethod(Constants.C14V1, (C14NMethodParameterSpec) null); canonicalXmlTransform = xmlSignatureFactory.newTransform(Constants.C14V1, (TransformParameterSpec) null); } catch (NoSuchAlgorithmException e) { throw new KonfigurasjonException("Kunne ikke initialisere xml-signering", e); } catch (InvalidAlgorithmParameterException e) { throw new KonfigurasjonException("Kunne ikke initialisere xml-signering", e); } schema = loadSchema(); }
From source file:no.digipost.api.interceptors.Wss4jInterceptor.java
public Wss4jInterceptor() { setSecurementSignatureAlgorithm(Constants.RSA_SHA256); setSecurementSignatureDigestAlgorithm(DigestMethod.SHA256); setSecurementSignatureKeyIdentifier("DirectReference"); setSecurementActions("Timestamp Signature"); setValidationActions("Timestamp Signature"); }
From source file:com.bcmcgroup.flare.xmldsig.Xmldsig.java
/** * Method used to create an enveloped digital signature for an element of a TAXII document. * * @param element the element to be signed * @param keyEntry the PrivateKeyEntry/* www. jav a2s . c o m*/ * @param cbIndex the index of the Content_Block if we're signing a Content_Block, otherwise set to -1 if we're signing the root element * @return the status of the operation * * Usage Example: * String pks = config.getProperty("pathToPublisherKeyStore"); * String pksPw = FLAREclientUtil.decrypt(config.getProperty("publisherKeyStorePassword")); * String keyName = config.getProperty("publisherKeyName"); * String keyPW = FLAREclientUtil.decrypt(config.getProperty("publisherKeyPassword")); * PrivateKeyEntry keyEntry = FLAREclientUtil.getKeyEntry(pks, pksPw, keyName, keyPW); * List<Integer> statusList = Xmldsig.sign(rootElement, keyEntry, -1); */ private static boolean sign(Element element, PrivateKeyEntry keyEntry, int cbIndex) { element.normalize(); boolean status = false; //Create XML Signature Factory XMLSignatureFactory xmlSigFactory = XMLSignatureFactory.getInstance("DOM"); PublicKey publicKey = ClientUtil.getPublicKey(keyEntry); PrivateKey privateKey = keyEntry.getPrivateKey(); DOMSignContext dsc = new DOMSignContext(privateKey, element); dsc.setDefaultNamespacePrefix("ds"); dsc.setURIDereferencer(new MyURIDereferencer(element)); SignedInfo si = null; DigestMethod dm = null; SignatureMethod sm = null; KeyInfo ki = null; X509Data xd; List<Serializable> x509Content = new ArrayList<>(); try { String algorithm = publicKey.getAlgorithm(); X509Certificate cert = (X509Certificate) keyEntry.getCertificate(); x509Content.add(cert.getSubjectX500Principal().getName()); x509Content.add(cert); String algorithmName = cert.getSigAlgName(); if (algorithm.toUpperCase().contains("RSA")) { if (algorithmName.toUpperCase().contains("SHA1")) { dm = xmlSigFactory.newDigestMethod(DigestMethod.SHA1, null); sm = xmlSigFactory.newSignatureMethod(SignatureMethod.RSA_SHA1, null); } else if (algorithmName.toUpperCase().contains("SHA2")) { dm = xmlSigFactory.newDigestMethod(DigestMethod.SHA256, null); sm = xmlSigFactory.newSignatureMethod(RSA_SHA256_URI, null); } else { logger.error("Error in digital signature application. " + algorithmName + " is not supported."); } CanonicalizationMethod cm; if (cbIndex != -1) { cm = xmlSigFactory.newCanonicalizationMethod(CanonicalizationMethod.INCLUSIVE_WITH_COMMENTS, (C14NMethodParameterSpec) null); String refUri = "#xpointer(//*[local-name()='Content_Block'][" + cbIndex + "]/*[local-name()='Content'][1]/*)"; List<Reference> references = Collections.singletonList(xmlSigFactory.newReference(refUri, dm)); si = xmlSigFactory.newSignedInfo(cm, sm, references); } else { List<Transform> transforms = new ArrayList<>(2); transforms.add(xmlSigFactory.newTransform(Transform.ENVELOPED, (TransformParameterSpec) null)); transforms.add(xmlSigFactory.newTransform(CanonicalizationMethod.EXCLUSIVE, (TransformParameterSpec) null)); cm = xmlSigFactory.newCanonicalizationMethod(CanonicalizationMethod.EXCLUSIVE, (C14NMethodParameterSpec) null); String refUri = "#xpointer(/*)"; List<Reference> references = Collections .singletonList(xmlSigFactory.newReference(refUri, dm, transforms, null, null)); si = xmlSigFactory.newSignedInfo(cm, sm, references); } KeyInfoFactory kif = xmlSigFactory.getKeyInfoFactory(); xd = kif.newX509Data(x509Content); ki = kif.newKeyInfo(Collections.singletonList(xd)); } else { logger.error("Error in digital signature application. " + algorithmName + " is not supported."); } } catch (NoSuchAlgorithmException ex) { logger.error("NoSuchAlgorithm Exception when attempting to digitally sign a document."); } catch (InvalidAlgorithmParameterException ex) { logger.error("InvalidAlgorithmParameter Exception when attempting to digitally sign a document."); } // Create a new XML Signature XMLSignature signature = xmlSigFactory.newXMLSignature(si, ki); try { // Sign the document signature.sign(dsc); status = true; } catch (MarshalException ex) { logger.error("MarshalException when attempting to digitally sign a document."); } catch (XMLSignatureException ex) { logger.error("XMLSignature Exception when attempting to digitally sign a document."); } catch (Exception e) { logger.error("General exception when attempting to digitally sign a document."); } return status; }
From source file:ee.ria.xroad.common.util.CryptoUtils.java
/** * Returns the digest/signature algorithm URI for the given digest/signature algorithm identifier. * @param algoId the id of the algorithm * @return the URI of the algorithm/*from w ww . j a v a 2 s . co m*/ * @throws NoSuchAlgorithmException if the algorithm id is unknown */ public static String getDigestAlgorithmURI(String algoId) throws NoSuchAlgorithmException { switch (algoId) { case SHA1_ID: return DigestMethod.SHA1; case SHA224_ID: return MessageDigestAlgorithm.ALGO_ID_DIGEST_SHA224; case SHA256_ID: return DigestMethod.SHA256; case SHA384_ID: return MessageDigestAlgorithm.ALGO_ID_DIGEST_SHA384; case SHA512_ID: return DigestMethod.SHA512; default: throw new NoSuchAlgorithmException("Unknown algorithm id: " + algoId); } }
From source file:ee.ria.xroad.common.util.CryptoUtils.java
/** * Returns the digest/signature algorithm identifier for the given digest/signature algorithm URI. * @param algoURI the URI of the algorithm * @return the identifier of the algorithm * @throws NoSuchAlgorithmException if the algorithm URI is unknown *///ww w . ja v a 2 s. c o m public static String getAlgorithmId(String algoURI) throws NoSuchAlgorithmException { switch (algoURI) { case DigestMethod.SHA1: return SHA1_ID; case MessageDigestAlgorithm.ALGO_ID_DIGEST_SHA224: return SHA224_ID; case DigestMethod.SHA256: return SHA256_ID; case MessageDigestAlgorithm.ALGO_ID_DIGEST_SHA384: return SHA384_ID; case DigestMethod.SHA512: return SHA512_ID; case ALGO_ID_SIGNATURE_RSA_SHA1: return SHA1WITHRSA_ID; case ALGO_ID_SIGNATURE_RSA_SHA256: return SHA256WITHRSA_ID; case ALGO_ID_SIGNATURE_RSA_SHA384: return SHA384WITHRSA_ID; case ALGO_ID_SIGNATURE_RSA_SHA512: return SHA512WITHRSA_ID; case ALGO_ID_SIGNATURE_RSA_SHA256_MGF1: return SHA256WITHRSAANDMGF1_ID; case ALGO_ID_SIGNATURE_RSA_SHA384_MGF1: return SHA384WITHRSAANDMGF1_ID; case ALGO_ID_SIGNATURE_RSA_SHA512_MGF1: return SHA512WITHRSAANDMGF1_ID; default: throw new NoSuchAlgorithmException("Unknown algorithm URI: " + algoURI); } }
From source file:at.gv.egiz.bku.slcommands.impl.cms.Signature.java
private void setAlgorithmIDs(X509Certificate signingCertificate, boolean useStrongHash) throws NoSuchAlgorithmException { AlgorithmMethodFactory amf = new AlgorithmMethodFactoryImpl(signingCertificate, useStrongHash); signatureAlgorithmURI = amf.getSignatureAlgorithmURI(); signatureAlgorithm = amf.getSignatureAlgorithmID(); if (digestAlgorithm != null) { if (AlgorithmID.sha1.equals(digestAlgorithm)) { digestAlgorithmURI = DigestMethod.SHA1; } else if (AlgorithmID.sha256.equals(digestAlgorithm)) { digestAlgorithmURI = DigestMethod.SHA256; } else if (AlgorithmID.sha512.equals(digestAlgorithm)) { digestAlgorithmURI = DigestMethod.SHA512; } else if (AlgorithmID.ripeMd160.equals(digestAlgorithm)) { digestAlgorithmURI = DigestMethod.RIPEMD160; } else {/*from w ww . j a va 2s .c o m*/ throw new NoSuchAlgorithmException("Algorithm '" + digestAlgorithm + "' not supported."); } } else { digestAlgorithmURI = amf.getDigestAlgorithmURI(); digestAlgorithm = amf.getDigestAlgorithmID(); } }