Example usage for javax.xml.crypto.dsig XMLSignatureFactory newSignedInfo

List of usage examples for javax.xml.crypto.dsig XMLSignatureFactory newSignedInfo

Introduction

This page shows example usage of javax.xml.crypto.dsig XMLSignatureFactory newSignedInfo.

Prototype

/**
 * Creates a {@code SignedInfo} with the specified canonicalization and signature methods, and a
 * list of one or more references.
 *
 * @param cm the canonicalization method
 * @param sm the signature method
 * @param references the list of one or more references
 * @return the newly created {@code SignedInfo}
 */
public abstract SignedInfo newSignedInfo(CanonicalizationMethod cm, SignatureMethod sm,
        List<? extends Reference> references);


Document

Creates a SignedInfo with the specified canonicalization and signature methods, and list of one or more references.

Usage

From source file: test.unit.test.be.fedict.eid.applet.model.XmlSignatureServiceBeanTest.java

/**
 * Builds an XML signature structure with the JSR 105 API, computes the signature value outside
 * that API (SHA-1 digest of the canonicalized SignedInfo, wrapped in a DigestInfo and run through
 * a raw RSA private-key operation), writes the value into the marshalled document, and then
 * checks that a second XML signature implementation accepts the result.
 *
 * <p>NOTE(review): the digest and signature algorithms used here are SHA-1 based. SHA-1 is no
 * longer collision resistant; treat this as a compatibility test, not as a template for new
 * signing code, which should use SHA-256 or stronger for both the reference digest and the
 * signature method.
 *
 * @throws Exception if key/certificate generation, marshalling, signing or verification fails
 */
@Test
public void testJsr105Signature() throws Exception {
    // Throw-away key pair and a certificate valid for one year from now; generateKeyPair and
    // generateCertificate are helpers defined outside this method.
    KeyPair keyPair = generateKeyPair();
    DateTime notBefore = new DateTime();
    DateTime notAfter = notBefore.plusYears(1);
    X509Certificate certificate = generateCertificate(keyPair.getPublic(), "CN=Test", notBefore, notAfter, null,
            keyPair.getPrivate(), true, 0, null, new KeyUsage(KeyUsage.nonRepudiation));

    // Namespace awareness is required so the ds:-prefixed signature elements can be found by
    // namespace later on.
    // NOTE(review): this builder only parses XML the test itself produced. A factory that
    // parses untrusted signed documents should additionally enable secure processing and
    // reject DOCTYPE declarations to prevent XXE.
    DocumentBuilderFactory documentBuilderFactory = DocumentBuilderFactory.newInstance();
    documentBuilderFactory.setNamespaceAware(true);
    DocumentBuilder documentBuilder = documentBuilderFactory.newDocumentBuilder();
    Document document = documentBuilder.newDocument();

    XMLSignatureFactory signatureFactory = XMLSignatureFactory.getInstance("DOM", new XMLDSigRI());

    // The sign context only supplies the target document and the "ds" prefix here; the private
    // key it carries is not used by JSR 105 to sign, since sign() is never called below.
    XMLSignContext signContext = new DOMSignContext(keyPair.getPrivate(), document);
    signContext.putNamespacePrefix(javax.xml.crypto.dsig.XMLSignature.XMLNS, "ds");

    // Digest of the external (detached) content, computed up front.
    // NOTE(review): getBytes() without a charset uses the platform default; harmless for this
    // ASCII literal, but signed content should always be encoded with an explicit charset.
    byte[] externalDocument = "hello world".getBytes();
    MessageDigest messageDigest = MessageDigest.getInstance("SHA1");
    messageDigest.update(externalDocument);
    byte[] documentDigestValue = messageDigest.digest();

    // Reference to "some-uri" carrying the pre-calculated digest value, so the factory does not
    // need to dereference the URI while building the signature.
    DigestMethod digestMethod = signatureFactory.newDigestMethod(DigestMethod.SHA1, null);
    Reference reference = signatureFactory.newReference("some-uri", digestMethod, null, null, null,
            documentDigestValue);

    // SignedInfo: RSA-SHA1 signature method, exclusive canonicalization with comments, and the
    // single reference created above.
    SignatureMethod signatureMethod = signatureFactory.newSignatureMethod(SignatureMethod.RSA_SHA1, null);
    CanonicalizationMethod canonicalizationMethod = signatureFactory.newCanonicalizationMethod(
            CanonicalizationMethod.EXCLUSIVE_WITH_COMMENTS, (C14NMethodParameterSpec) null);
    javax.xml.crypto.dsig.SignedInfo signedInfo = signatureFactory.newSignedInfo(canonicalizationMethod,
            signatureMethod, Collections.singletonList(reference));

    // KeyInfo embeds the signer certificate in the signature as X509Data.
    KeyInfoFactory keyInfoFactory = signatureFactory.getKeyInfoFactory();
    X509Data x509Data = keyInfoFactory.newX509Data(Collections.singletonList(certificate));
    KeyInfo keyInfo = keyInfoFactory.newKeyInfo(Collections.singletonList(x509Data));

    // Marshal the signature structure into the DOM without signing it. This relies on casts to
    // the reference implementation's DOM classes rather than the public JSR 105 interfaces.
    javax.xml.crypto.dsig.XMLSignature xmlSignature = signatureFactory.newXMLSignature(signedInfo, keyInfo);
    DOMXMLSignature domXmlSignature = (DOMXMLSignature) xmlSignature;
    domXmlSignature.marshal(document, "ds", (DOMCryptoContext) signContext);

    // Canonicalize the marshalled SignedInfo; these octets are what the signature must cover.
    // Presumably canonicalize() needs the marshal() call above to have run first.
    DOMSignedInfo domSignedInfo = (DOMSignedInfo) signedInfo;
    ByteArrayOutputStream dataStream = new ByteArrayOutputStream();
    domSignedInfo.canonicalize(signContext, dataStream);
    byte[] octets = dataStream.toByteArray();

    // Hash the canonical SignedInfo and prepend the SHA-1 DigestInfo prefix
    // (SHA1_DIGEST_INFO_PREFIX is defined outside this method). Moving to a stronger digest
    // would require the matching DigestInfo prefix as well.
    MessageDigest jcaMessageDigest = MessageDigest.getInstance("SHA1");
    byte[] digestValue = jcaMessageDigest.digest(octets);
    byte[] digestInfoValue = ArrayUtils.addAll(SHA1_DIGEST_INFO_PREFIX, digestValue);

    // Raw RSA private-key operation with PKCS#1 v1.5 padding over the DigestInfo. This is the
    // low-level equivalent of an RSA signature and presumably mimics a token that only signs a
    // precomputed DigestInfo. Application code should use java.security.Signature instead of
    // Cipher for signing.
    Cipher cipher = Cipher.getInstance("RSA/ECB/PKCS1Padding");
    cipher.init(Cipher.ENCRYPT_MODE, keyPair.getPrivate());
    byte[] signatureValue = cipher.doFinal(digestInfoValue);

    // Exactly one ds:SignatureValue element is expected; fill it with the Base64 signature.
    NodeList signatureValueNodeList = document.getElementsByTagNameNS(javax.xml.crypto.dsig.XMLSignature.XMLNS,
            "SignatureValue");
    assertEquals(1, signatureValueNodeList.getLength());
    Element signatureValueElement = (Element) signatureValueNodeList.item(0);
    signatureValueElement.setTextContent(Base64.encode(signatureValue));

    // Serialize the signed DOM to a string without an XML declaration.
    Source source = new DOMSource(document);
    StringWriter stringWriter = new StringWriter();
    Result result = new StreamResult(stringWriter);
    Transformer xformer = TransformerFactory.newInstance().newTransformer();
    xformer.setOutputProperty(OutputKeys.OMIT_XML_DECLARATION, "yes");
    xformer.transform(source, result);
    String signedDocumentStr = stringWriter.getBuffer().toString();
    LOG.debug("signed document: " + signedDocumentStr);

    // Keep a copy on disk for manual inspection; the path is logged at the end.
    // NOTE(review): the temp file is never deleted, and File.createTempFile gives no guarantee
    // of restrictive permissions. Acceptable for test data only.
    File tmpFile = File.createTempFile("xml-signature-", ".xml");
    FileUtils.writeStringToFile(tmpFile, signedDocumentStr);

    // Re-parse the serialized form so verification runs on what a receiver would actually see.
    StringReader stringReader = new StringReader(signedDocumentStr);
    InputSource inputSource = new InputSource(stringReader);
    Document signedDocument = documentBuilder.parse(inputSource);

    Element signatureElement = (Element) XPathAPI.selectSingleNode(signedDocument, "ds:Signature");
    assertNotNull(signatureElement);

    // Verify with a second implementation (presumably Apache XML Security's XMLSignature; the
    // import is not visible here). The test resolver is given the bytes for "some-uri",
    // presumably so the reference digest can be recomputed during validation.
    // The check uses the known public key, not the certificate embedded in KeyInfo. A real
    // verifier must likewise establish trust in the signing key independently of the document
    // and confirm that the references cover the content it relies on.
    XMLSignature apacheXmlSignature = new XMLSignature(signatureElement, null);
    ResourceTestResolver resourceResolver = new ResourceTestResolver();
    resourceResolver.addResource("some-uri", "hello world".getBytes());
    apacheXmlSignature.addResourceResolver(resourceResolver);
    boolean signatureResult = apacheXmlSignature.checkSignatureValue(keyPair.getPublic());
    assertTrue(signatureResult);

    LOG.debug("file: " + tmpFile.getAbsolutePath());
}