Example usage for javax.xml.crypto.dsig XMLSignatureFactory newReference

List of usage examples for javax.xml.crypto.dsig XMLSignatureFactory newReference

Introduction

On this page you can find example usage of javax.xml.crypto.dsig.XMLSignatureFactory.newReference.

Prototype

/**
 * Creates a {@link Reference} from the given parameters and a digest value that the caller has
 * already calculated.
 *
 * <p>Because the digest is supplied rather than computed by the factory, the caller is responsible
 * for making sure that {@code digestValue} really is the digest of the data identified by
 * {@code uri} (after {@code transforms}) and that it was produced with the algorithm named by
 * {@code dm}. A mismatch is not detected when the reference is created; it only shows up when a
 * verifier recomputes the digest.
 *
 * @param uri the reference URI; the usage examples on this page pass an escaped file name
 * @param dm the digest method that {@code digestValue} was calculated with
 * @param transforms the transforms applied to the referenced data; the examples pass
 *        {@code null} when no transform applies
 * @param type the reference type; the examples pass {@code null}
 * @param id the reference id; the examples pass {@code null} or a generated id
 * @param digestValue the pre-calculated digest value
 * @return the new {@code Reference}
 */
public abstract Reference newReference(String uri, DigestMethod dm, List<? extends Transform> transforms,
        String type, String id, byte[] digestValue);


Document

Creates a Reference with the specified parameters and pre-calculated digest value.

Usage

From source file:es.gob.afirma.signers.ooxml.be.fedict.eid.applet.service.signer.AbstractXmlSignatureService.java

/**
 * Appends one XML-DSig {@link Reference} to {@code references} for every entry of
 * {@code digestInfos}.
 *
 * <p>Each reference carries the digest value taken from the {@code DigestInfo} as-is. Nothing in
 * this method recomputes the digest or checks it against the referenced data, so the resulting
 * signature is only as trustworthy as the component that produced the digests.
 *
 * @param digestInfos pre-computed digests to reference; {@code null} means there is nothing to add
 * @param signatureFactory factory used to create the digest methods and references
 * @param references list that receives the new references
 * @throws NoSuchAlgorithmException if the digest method cannot be created
 * @throws InvalidAlgorithmParameterException if the digest method parameters are rejected
 * @throws MalformedURLException if the description cannot be converted to a URL
 */
private static void addDigestInfosAsReferences(final List<DigestInfo> digestInfos,
        final XMLSignatureFactory signatureFactory, final List<Reference> references)
        throws NoSuchAlgorithmException, InvalidAlgorithmParameterException, MalformedURLException {
    if (digestInfos != null) {
        for (final DigestInfo info : digestInfos) {
            // Going through File -> URI -> URL yields the escaped form of the path; only its
            // last segment is kept, so directory parts of the description never reach the URI.
            final String escapedPath = new File(info.getDescription()).toURI().toURL().getFile();
            final String referenceUri = FilenameUtils.getName(escapedPath);

            references.add(signatureFactory.newReference(referenceUri,
                    signatureFactory.newDigestMethod(getXmlDigestAlgo(info.getDigestAlgo()), null), null,
                    null, null, info.getDigestValue()));
        }
    }
}

From source file:no.digipost.signature.client.asice.signature.CreateSignature.java

/**
 * Creates one SHA-256 {@link Reference} per file, in list order.
 *
 * <p>The reference URI is the URL-encoded file name and the reference id is {@code ID_<index>}.
 * The digest is computed here from the file bytes and handed to the factory as a pre-calculated
 * value.
 *
 * <p>NOTE(review): {@code URLEncoder} implements HTML form encoding (a space becomes {@code +}),
 * which is not the same as URI percent-encoding. Whatever verifies these references has to map
 * the URI back to the container entry name with the same convention - confirm against the
 * verifier before changing it.
 *
 * @param xmlSignatureFactory factory used to create the references
 * @param files the files to reference
 * @return the references, one per file
 */
private List<Reference> references(final XMLSignatureFactory xmlSignatureFactory,
        final List<ASiCEAttachable> files) {
    final List<Reference> references = new ArrayList<>();
    try {
        for (int index = 0; index < files.size(); index++) {
            final ASiCEAttachable attachment = files.get(index);
            final String referenceId = format("ID_%s", index);
            final String encodedName = URLEncoder.encode(attachment.getFileName(), "UTF-8");
            final byte[] digest = sha256(attachment.getBytes());
            references.add(xmlSignatureFactory.newReference(encodedName, sha256DigestMethod, null, null,
                    referenceId, digest));
        }
    } catch (UnsupportedEncodingException e) {
        // UTF-8 is required on every JVM; reaching this indicates a broken runtime.
        throw new RuntimeException(e);
    }
    return references;
}

From source file:no.difi.sdp.client.asice.signature.CreateSignature.java

/**
 * Builds the list of signed references for the given files.
 *
 * <p>Every file yields a reference whose URI is its URL-encoded name, whose id is
 * {@code ID_<position>} and whose digest is the SHA-256 value computed here from the file bytes.
 *
 * <p>NOTE(review): {@code URLEncoder.encode} produces form encoding ({@code +} for a space), not
 * URI percent-encoding; the party validating the signature must resolve reference URIs to file
 * names the same way - confirm before touching this.
 *
 * @param xmlSignatureFactory factory used to create the references
 * @param files the files to reference
 * @return one reference per file, in the order of {@code files}
 */
private List<Reference> references(final XMLSignatureFactory xmlSignatureFactory,
        final List<AsicEAttachable> files) {
    List<Reference> signedReferences = new ArrayList<Reference>();
    int position = 0;
    while (position < files.size()) {
        try {
            AsicEAttachable current = files.get(position);
            String referenceId = format("ID_%s", position);
            String encodedFileName = URLEncoder.encode(current.getFileName(), "UTF-8");
            signedReferences.add(xmlSignatureFactory.newReference(encodedFileName, sha256DigestMethod,
                    null, null, referenceId, sha256(current.getBytes())));
        } catch (UnsupportedEncodingException e) {
            // Only possible if the runtime lacks UTF-8, which the platform guarantees.
            throw new RuntimeException(e);
        }
        position++;
    }
    return signedReferences;
}

From source file:be.fedict.eid.applet.service.signer.AbstractXmlSignatureService.java

/**
 * Adds a {@link Reference} to {@code references} for each supplied digest info.
 *
 * <p>The digest value and algorithm are read straight from the {@code DigestInfo}; this method
 * does not see the referenced data and therefore cannot check the digest. Callers that accept
 * digest infos from a less trusted component should validate them before they get here.
 *
 * @param digestInfos pre-computed digests; {@code null} is accepted and adds nothing
 * @param signatureFactory factory used to create the digest methods and references
 * @param references list that receives the new references
 * @throws NoSuchAlgorithmException if the digest method cannot be created
 * @throws InvalidAlgorithmParameterException if the digest method parameters are rejected
 * @throws MalformedURLException if the description cannot be converted to a URL
 */
private void addDigestInfosAsReferences(List<DigestInfo> digestInfos, XMLSignatureFactory signatureFactory,
        List<Reference> references)
        throws NoSuchAlgorithmException, InvalidAlgorithmParameterException, MalformedURLException {
    if (digestInfos != null) {
        for (DigestInfo info : digestInfos) {
            DigestMethod method = signatureFactory.newDigestMethod(getXmlDigestAlgo(info.digestAlgo), null);

            // File -> URI -> URL gives the escaped path; keeping only the last segment strips
            // any directory component of the description from the reference URI.
            File describedFile = new File(info.description);
            String referenceUri = FilenameUtils.getName(describedFile.toURI().toURL().getFile());

            references.add(signatureFactory.newReference(referenceUri, method, null, null, null,
                    info.digestValue));
        }
    }
}

From source file:org.roda.common.certification.ODFSignatureUtils.java

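/**
 * Builds the XML-DSig references for the entries listed in an ODF manifest.
 *
 * <p>Directory entries and the document-signatures file itself are skipped. For
 * {@code content.xml}, {@code meta.xml}, {@code styles.xml} and {@code settings.xml} the digest is
 * taken over the canonicalized document and the reference carries the matching C14N transform;
 * every other entry is digested as raw bytes and referenced without transforms.
 *
 * <p>Changes from the previous version: the entry stream is now closed in a {@code finally} block
 * (it leaked when parsing or reading threw), and a manifest entry that is missing from the
 * archive is reported with a descriptive exception instead of a bare
 * {@code NullPointerException}.
 *
 * <p>NOTE(review): the digest values are always computed with {@code RodaConstants.SHA1}, while
 * the algorithm advertised in each reference is the caller-supplied {@code digestMethod}. If a
 * caller ever passes a different digest method the references will not validate - confirm that
 * callers only pass the matching method.
 *
 * <p>NOTE(review): the XML entries come from the package being processed and are parsed with the
 * caller's {@code documentBuilder}; verify that its factory disables DTDs and external entities.
 *
 * @param zipFile the ODF package
 * @param documentBuilder parser used for the XML entries
 * @param factory factory used to create transforms and references
 * @param listFileEntry manifest file-entry elements carrying {@code manifest:full-path}
 * @param digestMethod digest method recorded in every reference
 * @return the references, in manifest order
 * @throws Exception if an entry is missing or cannot be read, parsed, canonicalized or digested
 */
private static List<Reference> getReferenceList(ZipFile zipFile, DocumentBuilder documentBuilder,
        XMLSignatureFactory factory, NodeList listFileEntry, DigestMethod digestMethod) throws Exception {

    Transform transform = factory.newTransform(Canonicalizer.ALGO_ID_C14N_OMIT_COMMENTS,
            (TransformParameterSpec) null);
    List<Transform> transformList = new ArrayList<Transform>();
    transformList.add(transform);

    MessageDigest messageDigest = MessageDigest.getInstance(RodaConstants.SHA1);
    List<Reference> referenceList = new ArrayList<Reference>();

    for (int i = 0; i < listFileEntry.getLength(); i++) {
        String fullPath = ((Element) listFileEntry.item(i)).getAttribute("manifest:full-path");

        if (fullPath.endsWith("/") || fullPath.equals(META_INF_DOCUMENTSIGNATURES_XML)) {
            continue;
        }

        // The manifest is data from the package; it may name an entry the archive does not hold.
        if (zipFile.getEntry(fullPath) == null) {
            throw new java.io.IOException(
                    "Manifest lists '" + fullPath + "' but the package contains no such entry");
        }

        boolean canonicalizedXml = fullPath.equals("content.xml") || fullPath.equals("meta.xml")
                || fullPath.equals("styles.xml") || fullPath.equals("settings.xml");

        byte[] digestValue;
        InputStream entryStream = zipFile.getInputStream(zipFile.getEntry(fullPath));
        try {
            if (canonicalizedXml) {
                Element root = documentBuilder.parse(entryStream).getDocumentElement();
                Canonicalizer canonicalizer = Canonicalizer
                        .getInstance(Canonicalizer.ALGO_ID_C14N_OMIT_COMMENTS);
                digestValue = messageDigest.digest(canonicalizer.canonicalizeSubtree(root));
            } else {
                digestValue = messageDigest.digest(IOUtils.toByteArray(entryStream));
            }
        } finally {
            // Runs on the failure paths too, so the stream no longer leaks when parsing throws.
            IOUtils.closeQuietly(entryStream);
        }

        // Only XML parts that were digested in canonical form advertise the C14N transform.
        referenceList.add(factory.newReference(fullPath.replaceAll(" ", "%20"), digestMethod,
                canonicalizedXml ? transformList : null, null, null, digestValue));
    }

    return referenceList;
}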

From source file:org.roda.core.plugins.plugins.characterization.ODFSignatureUtils.java

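/**
 * Builds the XML-DSig references for the entries listed in an ODF manifest.
 *
 * <p>Directory entries and the document-signatures file are skipped. The four well-known XML
 * parts ({@code content.xml}, {@code meta.xml}, {@code styles.xml}, {@code settings.xml}) are
 * parsed, canonicalized and digested, and their references carry the C14N transform; all other
 * entries are digested as raw bytes and referenced without transforms.
 *
 * <p>Change from the previous version: a manifest entry that does not exist in the archive now
 * fails with a descriptive {@link IOException} instead of a {@code NullPointerException} raised
 * while opening the entry.
 *
 * <p>NOTE(review): digest values are always computed with {@code RodaConstants.SHA1}, but the
 * algorithm written into each reference is the caller-supplied {@code digestMethod}; the two must
 * agree or the references will not validate - confirm at the call site.
 *
 * <p>NOTE(review): the XML parts are read from the package being processed; verify that the
 * factory behind {@code documentBuilder} disables DTDs and external entities.
 *
 * @param zipFile the ODF package
 * @param documentBuilder parser used for the XML parts
 * @param factory factory used to create transforms and references
 * @param listFileEntry manifest file-entry elements carrying {@code manifest:full-path}
 * @param digestMethod digest method recorded in every reference
 * @return the references, in manifest order
 * @throws IOException if an entry is missing from the archive or cannot be read
 * @throws SAXException if an XML part cannot be parsed
 * @throws NoSuchAlgorithmException if the digest or transform algorithm is unavailable
 * @throws InvalidAlgorithmParameterException if the transform parameters are rejected
 * @throws CanonicalizationException if canonicalization of an XML part fails
 * @throws InvalidCanonicalizerException if the canonicalizer cannot be created
 */
private static List<Reference> getReferenceList(ZipFile zipFile, DocumentBuilder documentBuilder,
        XMLSignatureFactory factory, NodeList listFileEntry, DigestMethod digestMethod)
        throws IOException, SAXException, NoSuchAlgorithmException, InvalidAlgorithmParameterException,
        CanonicalizationException, InvalidCanonicalizerException {

    Transform transform = factory.newTransform(Canonicalizer.ALGO_ID_C14N_OMIT_COMMENTS,
            (TransformParameterSpec) null);
    List<Transform> transformList = new ArrayList<>();
    transformList.add(transform);

    MessageDigest messageDigest = MessageDigest.getInstance(RodaConstants.SHA1);
    List<Reference> referenceList = new ArrayList<>();

    for (int i = 0; i < listFileEntry.getLength(); i++) {
        String fullPath = ((Element) listFileEntry.item(i)).getAttribute("manifest:full-path");

        if (fullPath.endsWith("/") || fullPath.equals(META_INF_DOCUMENTSIGNATURES_XML)) {
            continue;
        }

        // The manifest is data from the package; it may name an entry the archive does not hold.
        if (zipFile.getEntry(fullPath) == null) {
            throw new IOException(
                    "Manifest lists '" + fullPath + "' but the package contains no such entry");
        }

        boolean canonicalizedXml = "content.xml".equals(fullPath) || "meta.xml".equals(fullPath)
                || "styles.xml".equals(fullPath) || "settings.xml".equals(fullPath);

        byte[] digestValue;
        try (InputStream entryStream = zipFile.getInputStream(zipFile.getEntry(fullPath))) {
            if (canonicalizedXml) {
                Element root = documentBuilder.parse(entryStream).getDocumentElement();
                Canonicalizer canonicalizer = Canonicalizer
                        .getInstance(Canonicalizer.ALGO_ID_C14N_OMIT_COMMENTS);
                digestValue = messageDigest.digest(canonicalizer.canonicalizeSubtree(root));
            } else {
                digestValue = messageDigest.digest(IOUtils.toByteArray(entryStream));
            }
        }

        // Only XML parts that were digested in canonical form advertise the C14N transform.
        referenceList.add(factory.newReference(fullPath.replaceAll(" ", "%20"), digestMethod,
                canonicalizedXml ? transformList : null, null, null, digestValue));
    }

    return referenceList;
}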

From source file:test.be.fedict.eid.applet.model.XmlSignatureServiceBean.java

/**
 * Builds an unsigned XML signature over the given pre-computed document digests and returns the
 * digest of its canonicalized {@code SignedInfo}.
 *
 * <p>The signature structure is marshalled into a fresh document, that document is serialized and
 * stored in the HTTP session under {@code "xmlDocument"}, and the canonical {@code SignedInfo}
 * octets are hashed with {@code digestAlgo}. No signature value is produced here.
 *
 * <p>The digest values in {@code digestInfos} are used as supplied; nothing in this method checks
 * them against the documents they describe.
 *
 * @param digestAlgo JCA digest algorithm name used for the {@code SignedInfo} digest and to select
 *        the signature method
 * @param digestInfos pre-computed document digests, one reference is created per entry
 * @param httpSession session that receives the serialized unsigned document
 * @return the digest of the canonicalized {@code SignedInfo}
 */
private byte[] getXmlSignatureDigestValue(String digestAlgo, List<DigestInfo> digestInfos,
        HttpSession httpSession) throws ParserConfigurationException, NoSuchAlgorithmException,
        InvalidAlgorithmParameterException, MarshalException, javax.xml.crypto.dsig.XMLSignatureException,
        TransformerFactoryConfigurationError, TransformerException, MalformedURLException {

    DocumentBuilderFactory builderFactory = DocumentBuilderFactory.newInstance();
    builderFactory.setNamespaceAware(true);
    Document document = builderFactory.newDocumentBuilder().newDocument();

    XMLSignatureFactory signatureFactory = XMLSignatureFactory.getInstance("DOM", new XMLDSigRI());

    // Nothing is signed in this method. DOMSignContext rejects a null key, so an inert
    // placeholder that carries no key material is passed instead.
    Key placeholderKey = new Key() {
        private static final long serialVersionUID = 1L;

        public String getAlgorithm() {
            return null;
        }

        public byte[] getEncoded() {
            return null;
        }

        public String getFormat() {
            return null;
        }
    };
    XMLSignContext signContext = new DOMSignContext(placeholderKey, document);
    signContext.putNamespacePrefix(javax.xml.crypto.dsig.XMLSignature.XMLNS, "ds");

    List<Reference> references = new LinkedList<Reference>();
    for (DigestInfo info : digestInfos) {
        DigestMethod method = signatureFactory.newDigestMethod(getXmlDigestAlgo(info.digestAlgo), null);
        // Escaped last path segment of the description becomes the reference URI.
        String referenceUri = FilenameUtils.getName(new File(info.description).toURI().toURL().getFile());
        references.add(
                signatureFactory.newReference(referenceUri, method, null, null, null, info.digestValue));
    }

    SignatureMethod signatureMethod = signatureFactory.newSignatureMethod(getSignatureMethod(digestAlgo), null);
    CanonicalizationMethod canonicalizationMethod = signatureFactory.newCanonicalizationMethod(
            CanonicalizationMethod.EXCLUSIVE_WITH_COMMENTS, (C14NMethodParameterSpec) null);
    javax.xml.crypto.dsig.SignedInfo signedInfo = signatureFactory.newSignedInfo(canonicalizationMethod,
            signatureMethod, references);

    // Marshal the (still unsigned) signature structure into the document.
    ((DOMXMLSignature) signatureFactory.newXMLSignature(signedInfo, null)).marshal(document, "ds",
            (DOMCryptoContext) signContext);

    // Keep the serialized document in the session so a later step can pick it up.
    StringWriter serialized = new StringWriter();
    Transformer serializer = TransformerFactory.newInstance().newTransformer();
    serializer.setOutputProperty(OutputKeys.OMIT_XML_DECLARATION, "yes");
    serializer.transform(new DOMSource(document), new StreamResult(serialized));
    httpSession.setAttribute("xmlDocument", serialized.toString());

    // The value that has to be signed is the digest of the canonical SignedInfo octets.
    ByteArrayOutputStream canonicalSignedInfo = new ByteArrayOutputStream();
    ((DOMSignedInfo) signedInfo).canonicalize(signContext, canonicalSignedInfo);
    return MessageDigest.getInstance(digestAlgo).digest(canonicalSignedInfo.toByteArray());
}

From source file:test.unit.test.be.fedict.eid.applet.model.XmlSignatureServiceBeanTest.java

/**
 * Checks that a reference URI derived from a file name containing a space is accepted when
 * signing with a pre-calculated digest.
 *
 * <p>The test has no assertions: it passes when {@code sign} completes without throwing.
 * SHA-1 and RSA-SHA1 appear here as test fixtures only.
 */
@Test
public void testJsr105ReferenceUri() throws Exception {
    // File -> URI -> URL escapes the space, so the URI handed to the factory is already encoded.
    String uri = FilenameUtils.getName(new File("foo bar.txt").toURI().toURL().getFile());

    KeyPair keyPair = generateKeyPair();

    DocumentBuilderFactory builderFactory = DocumentBuilderFactory.newInstance();
    builderFactory.setNamespaceAware(true);
    Document document = builderFactory.newDocumentBuilder().newDocument();

    XMLSignatureFactory signatureFactory = XMLSignatureFactory.getInstance("DOM", new XMLDSigRI());
    XMLSignContext signContext = new DOMSignContext(keyPair.getPrivate(), document);

    // Digest of the external document, computed outside the signature API.
    // getBytes() without a charset uses the platform default.
    byte[] externalDocument = "hello world".getBytes();
    byte[] documentDigestValue = MessageDigest.getInstance("SHA1").digest(externalDocument);

    Reference reference = signatureFactory.newReference(uri,
            signatureFactory.newDigestMethod(DigestMethod.SHA1, null), null, null, null, documentDigestValue);

    SignatureMethod signatureMethod = signatureFactory.newSignatureMethod(SignatureMethod.RSA_SHA1, null);
    CanonicalizationMethod canonicalizationMethod = signatureFactory.newCanonicalizationMethod(
            CanonicalizationMethod.EXCLUSIVE_WITH_COMMENTS, (C14NMethodParameterSpec) null);
    javax.xml.crypto.dsig.SignedInfo signedInfo = signatureFactory.newSignedInfo(canonicalizationMethod,
            signatureMethod, Collections.singletonList(reference));

    signatureFactory.newXMLSignature(signedInfo, null).sign(signContext);
}

From source file:test.unit.test.be.fedict.eid.applet.model.XmlSignatureServiceBeanTest.java

/**
 * End-to-end check that a signature value computed outside the JSR 105 API verifies.
 *
 * <p>The test builds a signature structure over an external document using a pre-calculated
 * digest, marshals it without signing, computes the signature value by hand from the digest of
 * the canonicalized {@code SignedInfo}, writes that value into the {@code SignatureValue}
 * element, and finally verifies the serialized document with the Apache XML Security
 * {@code XMLSignature} class.
 *
 * <p>SHA-1 and RSA-SHA1 are used here as test fixtures.
 */
@Test
public void testJsr105Signature() throws Exception {
    // Throw-away key pair and certificate, valid for one year from now.
    KeyPair keyPair = generateKeyPair();
    DateTime notBefore = new DateTime();
    DateTime notAfter = notBefore.plusYears(1);
    X509Certificate certificate = generateCertificate(keyPair.getPublic(), "CN=Test", notBefore, notAfter, null,
            keyPair.getPrivate(), true, 0, null, new KeyUsage(KeyUsage.nonRepudiation));

    DocumentBuilderFactory documentBuilderFactory = DocumentBuilderFactory.newInstance();
    documentBuilderFactory.setNamespaceAware(true);
    DocumentBuilder documentBuilder = documentBuilderFactory.newDocumentBuilder();
    Document document = documentBuilder.newDocument();

    XMLSignatureFactory signatureFactory = XMLSignatureFactory.getInstance("DOM", new XMLDSigRI());

    XMLSignContext signContext = new DOMSignContext(keyPair.getPrivate(), document);
    signContext.putNamespacePrefix(javax.xml.crypto.dsig.XMLSignature.XMLNS, "ds");

    // Digest of the external document, computed outside the signature API.
    // getBytes() without a charset uses the platform default; the resolver below does the same.
    byte[] externalDocument = "hello world".getBytes();
    MessageDigest messageDigest = MessageDigest.getInstance("SHA1");
    messageDigest.update(externalDocument);
    byte[] documentDigestValue = messageDigest.digest();

    // The reference carries the pre-calculated digest; "some-uri" is resolved at verification
    // time by the test resolver registered further down.
    DigestMethod digestMethod = signatureFactory.newDigestMethod(DigestMethod.SHA1, null);
    Reference reference = signatureFactory.newReference("some-uri", digestMethod, null, null, null,
            documentDigestValue);

    SignatureMethod signatureMethod = signatureFactory.newSignatureMethod(SignatureMethod.RSA_SHA1, null);
    CanonicalizationMethod canonicalizationMethod = signatureFactory.newCanonicalizationMethod(
            CanonicalizationMethod.EXCLUSIVE_WITH_COMMENTS, (C14NMethodParameterSpec) null);
    javax.xml.crypto.dsig.SignedInfo signedInfo = signatureFactory.newSignedInfo(canonicalizationMethod,
            signatureMethod, Collections.singletonList(reference));

    KeyInfoFactory keyInfoFactory = signatureFactory.getKeyInfoFactory();
    X509Data x509Data = keyInfoFactory.newX509Data(Collections.singletonList(certificate));
    KeyInfo keyInfo = keyInfoFactory.newKeyInfo(Collections.singletonList(x509Data));

    // marshal() writes the signature structure into the document without calling sign(), so the
    // SignatureValue element exists but has not been filled in by the API.
    javax.xml.crypto.dsig.XMLSignature xmlSignature = signatureFactory.newXMLSignature(signedInfo, keyInfo);
    DOMXMLSignature domXmlSignature = (DOMXMLSignature) xmlSignature;
    domXmlSignature.marshal(document, "ds", (DOMCryptoContext) signContext);

    // Canonical SignedInfo octets are what the signature value has to cover.
    DOMSignedInfo domSignedInfo = (DOMSignedInfo) signedInfo;
    ByteArrayOutputStream dataStream = new ByteArrayOutputStream();
    domSignedInfo.canonicalize(signContext, dataStream);
    byte[] octets = dataStream.toByteArray();

    // Hash the octets and prepend SHA1_DIGEST_INFO_PREFIX to the digest.
    MessageDigest jcaMessageDigest = MessageDigest.getInstance("SHA1");
    byte[] digestValue = jcaMessageDigest.digest(octets);
    byte[] digestInfoValue = ArrayUtils.addAll(SHA1_DIGEST_INFO_PREFIX, digestValue);

    // Applying the private key through Cipher with PKCS#1 padding to the prefixed digest builds
    // the signature value by hand instead of through Signature/sign().
    // NOTE(review): presumably this mimics a signing device that only receives the digest -
    // confirm; this pattern belongs in tests, production code should use java.security.Signature.
    Cipher cipher = Cipher.getInstance("RSA/ECB/PKCS1Padding");
    cipher.init(Cipher.ENCRYPT_MODE, keyPair.getPrivate());
    byte[] signatureValue = cipher.doFinal(digestInfoValue);

    // Patch the hand-made signature value into the marshalled structure.
    NodeList signatureValueNodeList = document.getElementsByTagNameNS(javax.xml.crypto.dsig.XMLSignature.XMLNS,
            "SignatureValue");
    assertEquals(1, signatureValueNodeList.getLength());
    Element signatureValueElement = (Element) signatureValueNodeList.item(0);
    signatureValueElement.setTextContent(Base64.encode(signatureValue));

    Source source = new DOMSource(document);
    StringWriter stringWriter = new StringWriter();
    Result result = new StreamResult(stringWriter);
    Transformer xformer = TransformerFactory.newInstance().newTransformer();
    xformer.setOutputProperty(OutputKeys.OMIT_XML_DECLARATION, "yes");
    xformer.transform(source, result);
    String signedDocumentStr = stringWriter.getBuffer().toString();
    LOG.debug("signed document: " + signedDocumentStr);

    // NOTE(review): the temp file is never deleted; its path is logged at the end of the test,
    // apparently so the signed document can be inspected by hand.
    File tmpFile = File.createTempFile("xml-signature-", ".xml");
    FileUtils.writeStringToFile(tmpFile, signedDocumentStr);

    // Re-parse the serialized form so verification runs on what a recipient would receive.
    StringReader stringReader = new StringReader(signedDocumentStr);
    InputSource inputSource = new InputSource(stringReader);
    Document signedDocument = documentBuilder.parse(inputSource);

    Element signatureElement = (Element) XPathAPI.selectSingleNode(signedDocument, "ds:Signature");
    assertNotNull(signatureElement);

    // Verify with the Apache XML Security class; the resolver supplies the bytes behind
    // "some-uri" so the verifier can recompute the reference digest.
    XMLSignature apacheXmlSignature = new XMLSignature(signatureElement, null);
    ResourceTestResolver resourceResolver = new ResourceTestResolver();
    resourceResolver.addResource("some-uri", "hello world".getBytes());
    apacheXmlSignature.addResourceResolver(resourceResolver);
    boolean signatureResult = apacheXmlSignature.checkSignatureValue(keyPair.getPublic());
    assertTrue(signatureResult);

    LOG.debug("file: " + tmpFile.getAbsolutePath());
}