Java Code Examples for javax.xml.crypto.dsig.XMLSignatureFactory#newReference()
The following examples show how to use
javax.xml.crypto.dsig.XMLSignatureFactory#newReference() .
You can vote up the ones you like or vote down the ones you don't like,
and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example 1
| Source File: DigitalSignatures.java From org.hl7.fhir.core with Apache License 2.0 | 8 votes |
|
public static void main(String[] args) throws SAXException, IOException, ParserConfigurationException, NoSuchAlgorithmException, InvalidAlgorithmParameterException, KeyException, MarshalException, XMLSignatureException, FHIRException {
// http://docs.oracle.com/javase/7/docs/technotes/guides/security/xmldsig/XMLDigitalSignature.html
//
byte[] inputXml = "<Envelope xmlns=\"urn:envelope\">\r\n</Envelope>\r\n".getBytes();
// load the document that's going to be signed
DocumentBuilderFactory dbf = DocumentBuilderFactory.newInstance();
dbf.setNamespaceAware(true);
DocumentBuilder builder = dbf.newDocumentBuilder();
Document doc = builder.parse(new ByteArrayInputStream(inputXml));
// create a key pair
KeyPairGenerator kpg = KeyPairGenerator.getInstance("RSA");
kpg.initialize(512);
KeyPair kp = kpg.generateKeyPair();
// sign the document
DOMSignContext dsc = new DOMSignContext(kp.getPrivate(), doc.getDocumentElement());
XMLSignatureFactory fac = XMLSignatureFactory.getInstance("DOM");
Reference ref = fac.newReference("", fac.newDigestMethod(DigestMethod.SHA1, null), Collections.singletonList(fac.newTransform(Transform.ENVELOPED, (TransformParameterSpec) null)), null, null);
SignedInfo si = fac.newSignedInfo(fac.newCanonicalizationMethod(CanonicalizationMethod.INCLUSIVE, (C14NMethodParameterSpec) null), fac.newSignatureMethod(SignatureMethod.RSA_SHA1, null), Collections.singletonList(ref));
KeyInfoFactory kif = fac.getKeyInfoFactory();
KeyValue kv = kif.newKeyValue(kp.getPublic());
KeyInfo ki = kif.newKeyInfo(Collections.singletonList(kv));
XMLSignature signature = fac.newXMLSignature(si, ki);
signature.sign(dsc);
OutputStream os = System.out;
new XmlGenerator().generate(doc.getDocumentElement(), os);
}
Example 2
| Source File: DigitalSignatures.java From org.hl7.fhir.core with Apache License 2.0 | 7 votes |
|
public static void main(String[] args) throws SAXException, IOException, ParserConfigurationException, NoSuchAlgorithmException, InvalidAlgorithmParameterException, KeyException, MarshalException, XMLSignatureException, FHIRException, org.hl7.fhir.exceptions.FHIRException {
// http://docs.oracle.com/javase/7/docs/technotes/guides/security/xmldsig/XMLDigitalSignature.html
//
byte[] inputXml = "<Envelope xmlns=\"urn:envelope\">\r\n</Envelope>\r\n".getBytes();
// load the document that's going to be signed
DocumentBuilderFactory dbf = DocumentBuilderFactory.newInstance();
dbf.setNamespaceAware(true);
DocumentBuilder builder = dbf.newDocumentBuilder();
Document doc = builder.parse(new ByteArrayInputStream(inputXml));
// create a key pair
KeyPairGenerator kpg = KeyPairGenerator.getInstance("RSA");
kpg.initialize(512);
KeyPair kp = kpg.generateKeyPair();
// sign the document
DOMSignContext dsc = new DOMSignContext(kp.getPrivate(), doc.getDocumentElement());
XMLSignatureFactory fac = XMLSignatureFactory.getInstance("DOM");
Reference ref = fac.newReference("", fac.newDigestMethod(DigestMethod.SHA1, null), Collections.singletonList(fac.newTransform(Transform.ENVELOPED, (TransformParameterSpec) null)), null, null);
SignedInfo si = fac.newSignedInfo(fac.newCanonicalizationMethod(CanonicalizationMethod.INCLUSIVE, (C14NMethodParameterSpec) null), fac.newSignatureMethod(SignatureMethod.RSA_SHA1, null), Collections.singletonList(ref));
KeyInfoFactory kif = fac.getKeyInfoFactory();
KeyValue kv = kif.newKeyValue(kp.getPublic());
KeyInfo ki = kif.newKeyInfo(Collections.singletonList(kv));
XMLSignature signature = fac.newXMLSignature(si, ki);
signature.sign(dsc);
OutputStream os = System.out;
new XmlGenerator().generate(doc.getDocumentElement(), os);
}
Example 3
| Source File: DigitalSignatures.java From org.hl7.fhir.core with Apache License 2.0 | 5 votes |
|
public static void main(String[] args) throws Exception {
// http://docs.oracle.com/javase/7/docs/technotes/guides/security/xmldsig/XMLDigitalSignature.html
//
byte[] inputXml = "<Envelope xmlns=\"urn:envelope\">\r\n</Envelope>\r\n".getBytes();
// load the document that's going to be signed
DocumentBuilderFactory dbf = DocumentBuilderFactory.newInstance();
dbf.setNamespaceAware(true);
DocumentBuilder builder = dbf.newDocumentBuilder();
Document doc = builder.parse(new ByteArrayInputStream(inputXml));
// // create a key pair
// KeyPairGenerator kpg = KeyPairGenerator.getInstance("RSA");
// kpg.initialize(512);
// KeyPair kp = kpg.generateKeyPair();
PublicKey pub = getPublicKey("C:\\work\\fhirserver\\tests\\signatures\\public_key.der");
PrivateKey priv = getPrivateKey("C:\\work\\fhirserver\\tests\\signatures\\private_key.der");
// sign the document
DOMSignContext dsc = new DOMSignContext(priv, doc.getDocumentElement());
XMLSignatureFactory fac = XMLSignatureFactory.getInstance("DOM");
Reference ref = fac.newReference("", fac.newDigestMethod(DigestMethod.SHA1, null), Collections.singletonList(fac.newTransform(Transform.ENVELOPED, (TransformParameterSpec) null)), null, null);
SignedInfo si = fac.newSignedInfo(fac.newCanonicalizationMethod(CanonicalizationMethod.INCLUSIVE, (C14NMethodParameterSpec) null), fac.newSignatureMethod(SignatureMethod.RSA_SHA1, null), Collections.singletonList(ref));
KeyInfoFactory kif = fac.getKeyInfoFactory();
KeyValue kv = kif.newKeyValue(pub);
KeyInfo ki = kif.newKeyInfo(Collections.singletonList(kv));
XMLSignature signature = fac.newXMLSignature(si, ki);
signature.sign(dsc);
OutputStream os = new FileOutputStream("c:\\temp\\java-digsig.xml");
new XmlGenerator().generate(doc.getDocumentElement(), os);
}
Example 4
| Source File: DigitalSignatures.java From org.hl7.fhir.core with Apache License 2.0 | 5 votes |
|
public static void main(String[] args) throws Exception {
// http://docs.oracle.com/javase/7/docs/technotes/guides/security/xmldsig/XMLDigitalSignature.html
//
byte[] inputXml = "<Envelope xmlns=\"urn:envelope\">\r\n</Envelope>\r\n".getBytes();
// load the document that's going to be signed
DocumentBuilderFactory dbf = DocumentBuilderFactory.newInstance();
dbf.setNamespaceAware(true);
DocumentBuilder builder = dbf.newDocumentBuilder();
Document doc = builder.parse(new ByteArrayInputStream(inputXml));
// // create a key pair
// KeyPairGenerator kpg = KeyPairGenerator.getInstance("RSA");
// kpg.initialize(512);
// KeyPair kp = kpg.generateKeyPair();
PublicKey pub = getPublicKey("C:\\work\\fhirserver\\tests\\signatures\\public_key.der");
PrivateKey priv = getPrivateKey("C:\\work\\fhirserver\\tests\\signatures\\private_key.der");
// sign the document
DOMSignContext dsc = new DOMSignContext(priv, doc.getDocumentElement());
XMLSignatureFactory fac = XMLSignatureFactory.getInstance("DOM");
Reference ref = fac.newReference("", fac.newDigestMethod(DigestMethod.SHA1, null), Collections.singletonList(fac.newTransform(Transform.ENVELOPED, (TransformParameterSpec) null)), null, null);
SignedInfo si = fac.newSignedInfo(fac.newCanonicalizationMethod(CanonicalizationMethod.INCLUSIVE, (C14NMethodParameterSpec) null), fac.newSignatureMethod(SignatureMethod.RSA_SHA1, null), Collections.singletonList(ref));
KeyInfoFactory kif = fac.getKeyInfoFactory();
KeyValue kv = kif.newKeyValue(pub);
KeyInfo ki = kif.newKeyInfo(Collections.singletonList(kv));
XMLSignature signature = fac.newXMLSignature(si, ki);
signature.sign(dsc);
OutputStream os = new FileOutputStream("c:\\temp\\java-digsig.xml");
new XmlGenerator().generate(doc.getDocumentElement(), os);
}
Example 5
| Source File: DigitalSignatures.java From org.hl7.fhir.core with Apache License 2.0 | 5 votes |
|
public static void main(String[] args) throws SAXException, IOException, ParserConfigurationException, NoSuchAlgorithmException, InvalidAlgorithmParameterException, KeyException, MarshalException, XMLSignatureException, FHIRException, org.hl7.fhir.exceptions.FHIRException {
// http://docs.oracle.com/javase/7/docs/technotes/guides/security/xmldsig/XMLDigitalSignature.html
//
byte[] inputXml = "<Envelope xmlns=\"urn:envelope\">\r\n</Envelope>\r\n".getBytes();
// load the document that's going to be signed
DocumentBuilderFactory dbf = DocumentBuilderFactory.newInstance();
dbf.setNamespaceAware(true);
DocumentBuilder builder = dbf.newDocumentBuilder();
Document doc = builder.parse(new ByteArrayInputStream(inputXml));
// create a key pair
KeyPairGenerator kpg = KeyPairGenerator.getInstance("RSA");
kpg.initialize(512);
KeyPair kp = kpg.generateKeyPair();
// sign the document
DOMSignContext dsc = new DOMSignContext(kp.getPrivate(), doc.getDocumentElement());
XMLSignatureFactory fac = XMLSignatureFactory.getInstance("DOM");
Reference ref = fac.newReference("", fac.newDigestMethod(DigestMethod.SHA1, null), Collections.singletonList(fac.newTransform(Transform.ENVELOPED, (TransformParameterSpec) null)), null, null);
SignedInfo si = fac.newSignedInfo(fac.newCanonicalizationMethod(CanonicalizationMethod.INCLUSIVE, (C14NMethodParameterSpec) null), fac.newSignatureMethod(SignatureMethod.RSA_SHA1, null), Collections.singletonList(ref));
KeyInfoFactory kif = fac.getKeyInfoFactory();
KeyValue kv = kif.newKeyValue(kp.getPublic());
KeyInfo ki = kif.newKeyInfo(Collections.singletonList(kv));
XMLSignature signature = fac.newXMLSignature(si, ki);
signature.sign(dsc);
OutputStream os = System.out;
new XmlGenerator().generate(doc.getDocumentElement(), os);
}
Example 6
| Source File: XMLSignatureBuilder.java From development with Apache License 2.0 | 5 votes |
|
public Document sign(FileInputStream fileStream, KeyPair keyPair)
throws ParserConfigurationException, SAXException, IOException,
NoSuchAlgorithmException, InvalidAlgorithmParameterException,
KeyException, MarshalException, XMLSignatureException {
DocumentBuilderFactory factory = DocumentBuilderFactory.newInstance();
factory.setNamespaceAware(true);
DocumentBuilder builder = factory.newDocumentBuilder();
Document document = builder.parse(fileStream);
DOMSignContext signContext = new DOMSignContext(keyPair.getPrivate(),
document.getDocumentElement());
XMLSignatureFactory signFactory = XMLSignatureFactory
.getInstance("DOM");
Reference ref = signFactory.newReference("", signFactory
.newDigestMethod(digestMethod, null), Collections
.singletonList(signFactory.newTransform(Transform.ENVELOPED,
(TransformParameterSpec) null)), null, null);
SignedInfo si = signFactory.newSignedInfo(signFactory
.newCanonicalizationMethod(
CanonicalizationMethod.INCLUSIVE_WITH_COMMENTS,
(C14NMethodParameterSpec) null), signFactory
.newSignatureMethod(signatureMethod, null), Collections
.singletonList(ref));
KeyInfoFactory kif = signFactory.getKeyInfoFactory();
KeyValue kv = kif.newKeyValue(keyPair.getPublic());
KeyInfo ki = kif.newKeyInfo(Collections.singletonList(kv));
XMLSignature signature = signFactory.newXMLSignature(si, ki);
signature.sign(signContext);
return document;
}
Example 7
| Source File: DigSigUtil.java From juddi with Apache License 2.0 | 5 votes |
|
private Reference initReference(XMLSignatureFactory fac) throws NoSuchAlgorithmException, InvalidAlgorithmParameterException {
List transformers = new ArrayList();
transformers.add(fac.newTransform(Transform.ENVELOPED, (TransformParameterSpec) null));
String dm = map.getProperty(SIGNATURE_OPTION_DIGEST_METHOD);
if (dm == null) {
dm = DigestMethod.SHA1;
}
Reference ref = fac.newReference("", fac.newDigestMethod(dm, null), transformers, null, null);
return ref;
}
Example 8
| Source File: XmlSignatureApplet.java From juddi with Apache License 2.0 | 5 votes |
|
private Reference initReference(XMLSignatureFactory fac) throws NoSuchAlgorithmException, InvalidAlgorithmParameterException {
List transformers = new ArrayList();
transformers.add(fac.newTransform(Transform.ENVELOPED, (TransformParameterSpec) null));
// String dm = map.getProperty(SIGNATURE_OPTION_DIGEST_METHOD);
//if (dm == null) {
String dm = DigestMethod.SHA1;
//}
Reference ref = fac.newReference("", fac.newDigestMethod(dm, null), transformers, null, null);
return ref;
}
Example 9
| Source File: XML.java From restcommander with Apache License 2.0 | 5 votes |
|
/**
* Sign the XML document using xmldsig.
* @param document the document to sign; it will be modified by the method.
* @param publicKey the public key from the key pair to sign the document.
* @param privateKey the private key from the key pair to sign the document.
* @return the signed document for chaining.
*/
public static Document sign(Document document, RSAPublicKey publicKey, RSAPrivateKey privateKey) {
XMLSignatureFactory fac = XMLSignatureFactory.getInstance("DOM");
KeyInfoFactory keyInfoFactory = fac.getKeyInfoFactory();
try {
Reference ref =fac.newReference(
"",
fac.newDigestMethod(DigestMethod.SHA1, null),
Collections.singletonList(fac.newTransform(Transform.ENVELOPED, (TransformParameterSpec) null)),
null,
null);
SignedInfo si = fac.newSignedInfo(fac.newCanonicalizationMethod(CanonicalizationMethod.INCLUSIVE,
(C14NMethodParameterSpec) null),
fac.newSignatureMethod(SignatureMethod.RSA_SHA1, null),
Collections.singletonList(ref));
DOMSignContext dsc = new DOMSignContext(privateKey, document.getDocumentElement());
KeyValue keyValue = keyInfoFactory.newKeyValue(publicKey);
KeyInfo ki = keyInfoFactory.newKeyInfo(Collections.singletonList(keyValue));
XMLSignature signature = fac.newXMLSignature(si, ki);
signature.sign(dsc);
} catch (Exception e) {
Logger.warn("Error while signing an XML document.", e);
}
return document;
}
Example 10
| Source File: XmlSignatureHelper.java From secure-data-service with Apache License 2.0 | 5 votes |
|
/**
* Signs the SAML assertion using the specified public and private keys.
*
* @param document
* SAML assertion be signed.
* @param privateKey
* Private key used to sign SAML assertion.
* @param publicKey
* Public key used to sign SAML asserion.
* @return w3c element representation of specified document.
* @throws NoSuchAlgorithmException
* @throws InvalidAlgorithmParameterException
* @throws KeyException
* @throws MarshalException
* @throws XMLSignatureException
*/
private Element signSamlAssertion(Document document, PrivateKey privateKey, X509Certificate certificate)
throws NoSuchAlgorithmException, InvalidAlgorithmParameterException, KeyException, MarshalException,
XMLSignatureException {
XMLSignatureFactory signatureFactory = XMLSignatureFactory.getInstance("DOM");
List<Transform> envelopedTransform = Collections.singletonList(signatureFactory.newTransform(
Transform.ENVELOPED, (TransformParameterSpec) null));
Reference ref = signatureFactory.newReference("", signatureFactory.newDigestMethod(DigestMethod.SHA1, null),
envelopedTransform, null, null);
SignatureMethod signatureMethod = null;
if (certificate.getPublicKey() instanceof DSAPublicKey) {
signatureMethod = signatureFactory.newSignatureMethod(SignatureMethod.DSA_SHA1, null);
} else if (certificate.getPublicKey() instanceof RSAPublicKey) {
signatureMethod = signatureFactory.newSignatureMethod(SignatureMethod.RSA_SHA1, null);
}
CanonicalizationMethod canonicalizationMethod = signatureFactory.newCanonicalizationMethod(
CanonicalizationMethod.INCLUSIVE_WITH_COMMENTS, (C14NMethodParameterSpec) null);
SignedInfo signedInfo = signatureFactory.newSignedInfo(canonicalizationMethod, signatureMethod,
Collections.singletonList(ref));
KeyInfoFactory keyInfoFactory = signatureFactory.getKeyInfoFactory();
X509Data data = keyInfoFactory.newX509Data(Collections.singletonList(certificate));
KeyInfo keyInfo = keyInfoFactory.newKeyInfo(Collections.singletonList(data));
Element w3cElement = document.getDocumentElement();
Node xmlSigInsertionPoint = getXmlSignatureInsertionLocation(w3cElement);
DOMSignContext dsc = new DOMSignContext(privateKey, w3cElement, xmlSigInsertionPoint);
XMLSignature signature = signatureFactory.newXMLSignature(signedInfo, keyInfo);
signature.sign(dsc);
return w3cElement;
}
Example 11
| Source File: AbstractSamlObjectBuilder.java From springboot-shiro-cas-mybatis with MIT License | 4 votes |
|
/**
* Sign SAML element.
*
* @param element the element
* @param privKey the priv key
* @param pubKey the pub key
* @return the element
*/
private org.jdom.Element signSamlElement(final org.jdom.Element element, final PrivateKey privKey,
final PublicKey pubKey) {
try {
final String providerName = System.getProperty("jsr105Provider",
SIGNATURE_FACTORY_PROVIDER_CLASS);
final XMLSignatureFactory sigFactory = XMLSignatureFactory
.getInstance("DOM", (Provider) Class.forName(providerName)
.newInstance());
final List<Transform> envelopedTransform = Collections
.singletonList(sigFactory.newTransform(Transform.ENVELOPED,
(TransformParameterSpec) null));
final Reference ref = sigFactory.newReference("", sigFactory
.newDigestMethod(DigestMethod.SHA1, null), envelopedTransform,
null, null);
// Create the SignatureMethod based on the type of key
final SignatureMethod signatureMethod;
if (pubKey instanceof DSAPublicKey) {
signatureMethod = sigFactory.newSignatureMethod(
SignatureMethod.DSA_SHA1, null);
} else if (pubKey instanceof RSAPublicKey) {
signatureMethod = sigFactory.newSignatureMethod(
SignatureMethod.RSA_SHA1, null);
} else {
throw new RuntimeException("Error signing SAML element: Unsupported type of key");
}
final CanonicalizationMethod canonicalizationMethod = sigFactory
.newCanonicalizationMethod(
CanonicalizationMethod.INCLUSIVE_WITH_COMMENTS,
(C14NMethodParameterSpec) null);
// Create the SignedInfo
final SignedInfo signedInfo = sigFactory.newSignedInfo(
canonicalizationMethod, signatureMethod, Collections
.singletonList(ref));
// Create a KeyValue containing the DSA or RSA PublicKey
final KeyInfoFactory keyInfoFactory = sigFactory
.getKeyInfoFactory();
final KeyValue keyValuePair = keyInfoFactory.newKeyValue(pubKey);
// Create a KeyInfo and add the KeyValue to it
final KeyInfo keyInfo = keyInfoFactory.newKeyInfo(Collections
.singletonList(keyValuePair));
// Convert the JDOM document to w3c (Java XML signature API requires
// w3c representation)
final org.w3c.dom.Element w3cElement = toDom(element);
// Create a DOMSignContext and specify the DSA/RSA PrivateKey and
// location of the resulting XMLSignature's parent element
final DOMSignContext dsc = new DOMSignContext(privKey, w3cElement);
final org.w3c.dom.Node xmlSigInsertionPoint = getXmlSignatureInsertLocation(w3cElement);
dsc.setNextSibling(xmlSigInsertionPoint);
// Marshal, generate (and sign) the enveloped signature
final XMLSignature signature = sigFactory.newXMLSignature(signedInfo,
keyInfo);
signature.sign(dsc);
return toJdom(w3cElement);
} catch (final Exception e) {
throw new RuntimeException("Error signing SAML element: "
+ e.getMessage(), e);
}
}
Example 12
| Source File: SamlUtils.java From cas4.0.x-server-wechat with Apache License 2.0 | 4 votes |
|
private static Element signSamlElement(final Element element, final PrivateKey privKey,
final PublicKey pubKey) {
try {
final String providerName = System.getProperty("jsr105Provider",
JSR_105_PROVIDER);
final XMLSignatureFactory sigFactory = XMLSignatureFactory
.getInstance("DOM", (Provider) Class.forName(providerName)
.newInstance());
final List envelopedTransform = Collections
.singletonList(sigFactory.newTransform(Transform.ENVELOPED,
(TransformParameterSpec) null));
final Reference ref = sigFactory.newReference("", sigFactory
.newDigestMethod(DigestMethod.SHA1, null), envelopedTransform,
null, null);
// Create the SignatureMethod based on the type of key
SignatureMethod signatureMethod;
if (pubKey instanceof DSAPublicKey) {
signatureMethod = sigFactory.newSignatureMethod(
SignatureMethod.DSA_SHA1, null);
} else if (pubKey instanceof RSAPublicKey) {
signatureMethod = sigFactory.newSignatureMethod(
SignatureMethod.RSA_SHA1, null);
} else {
throw new RuntimeException(
"Error signing SAML element: Unsupported type of key");
}
final CanonicalizationMethod canonicalizationMethod = sigFactory
.newCanonicalizationMethod(
CanonicalizationMethod.INCLUSIVE_WITH_COMMENTS,
(C14NMethodParameterSpec) null);
// Create the SignedInfo
final SignedInfo signedInfo = sigFactory.newSignedInfo(
canonicalizationMethod, signatureMethod, Collections
.singletonList(ref));
// Create a KeyValue containing the DSA or RSA PublicKey
final KeyInfoFactory keyInfoFactory = sigFactory
.getKeyInfoFactory();
final KeyValue keyValuePair = keyInfoFactory.newKeyValue(pubKey);
// Create a KeyInfo and add the KeyValue to it
final KeyInfo keyInfo = keyInfoFactory.newKeyInfo(Collections
.singletonList(keyValuePair));
// Convert the JDOM document to w3c (Java XML signature API requires
// w3c
// representation)
org.w3c.dom.Element w3cElement = toDom(element);
// Create a DOMSignContext and specify the DSA/RSA PrivateKey and
// location of the resulting XMLSignature's parent element
DOMSignContext dsc = new DOMSignContext(privKey, w3cElement);
org.w3c.dom.Node xmlSigInsertionPoint = getXmlSignatureInsertLocation(w3cElement);
dsc.setNextSibling(xmlSigInsertionPoint);
// Marshal, generate (and sign) the enveloped signature
XMLSignature signature = sigFactory.newXMLSignature(signedInfo,
keyInfo);
signature.sign(dsc);
return toJdom(w3cElement);
} catch (final Exception e) {
throw new RuntimeException("Error signing SAML element: "
+ e.getMessage(), e);
}
}
Example 13
| Source File: TckSigningUtil.java From juddi with Apache License 2.0 | 4 votes |
|
private static Reference initReference(XMLSignatureFactory fac) throws NoSuchAlgorithmException, InvalidAlgorithmParameterException {
List transformers = new ArrayList();
transformers.add(fac.newTransform(Transform.ENVELOPED, (TransformParameterSpec) null));
Reference ref = fac.newReference("", fac.newDigestMethod(DigestMethod.SHA1, null), transformers, null, null);
return ref;
}
