Example usage for javax.xml.crypto.dsig XMLSignatureFactory newXMLSignature

List of usage examples for javax.xml.crypto.dsig XMLSignatureFactory newXMLSignature

  1. HOME
  2. Java
  3. javax
  4. javax.xml.crypto.dsig.*
  5. XMLSignatureFactory
  6. newXMLSignature

Introduction

In this page you can find the example usage for javax.xml.crypto.dsig XMLSignatureFactory newXMLSignature.

Prototype

public abstract XMLSignature newXMLSignature(SignedInfo si, KeyInfo ki, List<? extends XMLObject> objects,
        String id, String signatureValueId);

Source Link

Document

Creates an XMLSignature and initializes it with the specified parameters.

Usage

From source file:org.warlock.itk.distributionenvelope.Payload.java

/** 
 * Sign the payloadBody as-is. Note that this is going to be encrypted anyway
 * so we avoid any incompatibilities due to canonicalisation, and we don't
 * care if the payloadBody is text, compressed and so on. Re-writes payloadBody
 * with a serialised XML Digital Signature "Signature" element containing an
 * enveloping signature, or throws an exception to signal failure. 
 * // w ww  .  j  a v  a  2 s  .co m
 * @param pk
 * @param cert
 * @throws Exception 
 */
private void signPayload(PrivateKey pk, X509Certificate cert) throws Exception {
    if ((pk == null) || (cert == null)) {
        throw new Exception("Null signing material");
    }
    cert.checkValidity();

    XMLSignatureFactory xsf = XMLSignatureFactory.getInstance("DOM");
    Reference ref = null;
    String objectRef = "uuid" + UUID.randomUUID().toString();
    DocumentBuilderFactory dbf = DocumentBuilderFactory.newInstance();
    dbf.setNamespaceAware(true);
    Document doc = null;
    DOMStructure payloadContent = null;
    if (compressed || base64 || !mimeType.contains("xml")) {
        ref = xsf.newReference("#" + objectRef, xsf.newDigestMethod(DigestMethod.SHA1, null));
        doc = dbf.newDocumentBuilder().newDocument();
        payloadContent = new DOMStructure(doc.createTextNode(payloadBody));
    } else {
        Transform t = xsf.newTransform("http://www.w3.org/2001/10/xml-exc-c14n#",
                (TransformParameterSpec) null);
        ref = xsf.newReference("#" + objectRef, xsf.newDigestMethod(DigestMethod.SHA1, null),
                Collections.singletonList(t), null, null);
        doc = dbf.newDocumentBuilder().parse(new InputSource(new StringReader(payloadBody)));
        payloadContent = new DOMStructure(doc.getDocumentElement());
    }
    XMLObject payloadObject = xsf.newXMLObject(Collections.singletonList(payloadContent), objectRef, null,
            null);
    SignedInfo si = xsf.newSignedInfo(
            xsf.newCanonicalizationMethod(CanonicalizationMethod.INCLUSIVE_WITH_COMMENTS,
                    (C14NMethodParameterSpec) null),
            xsf.newSignatureMethod(SignatureMethod.RSA_SHA1, null), Collections.singletonList(ref));

    KeyInfoFactory kif = xsf.getKeyInfoFactory();
    ArrayList<Object> x509content = new ArrayList<Object>();
    x509content.add(cert);
    X509Data xd = kif.newX509Data(x509content);

    KeyInfo ki = kif.newKeyInfo(Collections.singletonList(xd));
    XMLSignature signature = xsf.newXMLSignature(si, ki, Collections.singletonList(payloadObject), null, null);
    DOMSignContext dsc = new DOMSignContext(pk, doc);
    signature.sign(dsc);
    StringWriter sw = new StringWriter();
    StreamResult sr = new StreamResult(sw);
    Transformer tx = TransformerFactory.newInstance().newTransformer();
    tx.transform(new DOMSource(doc), sr);
    if (sw.toString().indexOf("<?xml ") == 0) {
        payloadBody = sw.toString().substring(sw.toString().indexOf("?>") + "?>".length());
    } else {
        payloadBody = sw.toString();
    }
}

From source file:test.integ.be.fedict.hsm.ws.WSSecurityTestSOAPHandler.java

private void addSignature(Element wsSecurityHeaderElement, Element tsElement, Element bodyElement)
        throws NoSuchAlgorithmException, InvalidAlgorithmParameterException, MarshalException,
        XMLSignatureException, NoSuchProviderException, SOAPException {
    if (null == this.privateKey) {
        return;/*ww  w.  j  a va  2  s  .  c om*/
    }
    DOMSignContext domSignContext = new DOMSignContext(this.privateKey, wsSecurityHeaderElement);
    domSignContext.setDefaultNamespacePrefix("ds");
    domSignContext.setIdAttributeNS(tsElement, WSU_NAMESPACE, "Id");
    domSignContext.setIdAttributeNS(bodyElement, WSU_NAMESPACE, "Id");
    LOG.debug("Timestamp element found: " + (null != domSignContext.getElementById("TS")));
    XMLSignatureFactory xmlSignatureFactory = XMLSignatureFactory.getInstance("DOM");

    List<Reference> references = new LinkedList<Reference>();

    List<String> tsPrefixes = new LinkedList<String>();
    tsPrefixes.add("wsse");
    tsPrefixes.add("S");
    ExcC14NParameterSpec tsTransformSpec = new ExcC14NParameterSpec(tsPrefixes);
    Reference tsReference = xmlSignatureFactory.newReference("#TS",
            xmlSignatureFactory.newDigestMethod(this.digestAlgorithm, null),
            Collections.singletonList(
                    xmlSignatureFactory.newTransform(CanonicalizationMethod.EXCLUSIVE, tsTransformSpec)),
            null, null);
    references.add(tsReference);

    if (this.signBody) {
        List<String> bodyPrefixes = new LinkedList<String>();
        ExcC14NParameterSpec bodyTransformSpec = new ExcC14NParameterSpec(bodyPrefixes);
        Reference bodyReference = xmlSignatureFactory.newReference("#Body",
                xmlSignatureFactory.newDigestMethod(this.digestAlgorithm, null),
                Collections.singletonList(
                        xmlSignatureFactory.newTransform(CanonicalizationMethod.EXCLUSIVE, bodyTransformSpec)),
                null, null);
        references.add(bodyReference);
    }

    if (this.signBinarySecurityToken) {
        Reference bstReference = xmlSignatureFactory
                .newReference("#X509", xmlSignatureFactory.newDigestMethod(this.digestAlgorithm, null),
                        Collections.singletonList(xmlSignatureFactory
                                .newTransform(CanonicalizationMethod.EXCLUSIVE, (TransformParameterSpec) null)),
                        null, null);
        references.add(bstReference);
    }

    SignedInfo signedInfo = xmlSignatureFactory.newSignedInfo(
            xmlSignatureFactory.newCanonicalizationMethod(CanonicalizationMethod.EXCLUSIVE,
                    (C14NMethodParameterSpec) null),
            xmlSignatureFactory.newSignatureMethod(this.signatureAlgorithm, null), references);

    KeyInfoFactory keyInfoFactory = xmlSignatureFactory.getKeyInfoFactory();
    Document document = wsSecurityHeaderElement.getOwnerDocument();
    Element securityTokenReferenceElement = document.createElementNS(WSSE_NAMESPACE,
            "wsse:SecurityTokenReference");
    Element referenceElement = document.createElementNS(WSSE_NAMESPACE, "wsse:Reference");
    referenceElement.setAttribute("ValueType",
            "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3");
    referenceElement.setAttribute("URI", "#X509");
    securityTokenReferenceElement.appendChild(referenceElement);
    KeyInfo keyInfo = keyInfoFactory
            .newKeyInfo(Collections.singletonList(new DOMStructure(securityTokenReferenceElement)));

    XMLSignature xmlSignature = xmlSignatureFactory.newXMLSignature(signedInfo, keyInfo, null, "SIG", null);
    xmlSignature.sign(domSignContext);
}