org.apache.xml.security.signature.Reference Java Examples

The following examples show how to use org.apache.xml.security.signature.Reference.
Example #1
Source File: SAMLSignatureProfileValidator.java    From lams with GNU General Public License v2.0 6 votes vote down vote up
/**
 * Validate the Signature's SignedInfo Reference.
 *
 * The SignedInfo must contain exactly 1 Reference. Any other count is rejected before the
 * Reference is read, so a caller only ever receives the single Reference of the signature.
 *
 * @param apacheSig the Apache XML Signature instance
 * @return the one Reference contained within the SignedInfo, never null
 * @throws ValidationException thrown if the Signature does not contain exactly 1 Reference, or if there is an error
 *             obtaining the Reference instance
 */
protected Reference validateReference(XMLSignature apacheSig) throws ValidationException {
    final int referenceCount = apacheSig.getSignedInfo().getLength();
    if (referenceCount != 1) {
        log.error("Signature SignedInfo had invalid number of References: " + referenceCount);
        throw new ValidationException("Signature SignedInfo must have exactly 1 Reference element");
    }

    final Reference onlyReference;
    try {
        onlyReference = apacheSig.getSignedInfo().item(0);
    } catch (XMLSecurityException e) {
        log.error("Apache XML Security exception obtaining Reference", e);
        throw new ValidationException("Could not obtain Reference from Signature/SignedInfo", e);
    }

    // item(0) is not trusted to be non-null even though the count was 1.
    if (onlyReference == null) {
        log.error("Signature Reference was null");
        throw new ValidationException("Signature Reference was null");
    }
    return onlyReference;
}
 
Example #2
Source File: TimeStampDigestInputImpl.java    From xades4j with GNU Lesser General Public License v3.0 6 votes vote down vote up
/**
 * Adds the contents of a ds:Reference, as obtained after its transforms, to the digest input.
 *
 * @param r the reference whose transformed contents are added; must not be null
 * @throws NullPointerException if {@code r} is null
 * @throws CannotAddDataToDigestInputException if the transformed contents cannot be obtained
 */
@Override
public void addReference(Reference r) throws CannotAddDataToDigestInputException
{
    // A missing reference is a caller error and is reported unchecked.
    if (r == null)
    {
        throw new NullPointerException();
    }

    try
    {
        // Both calls stay inside the try so any XMLSignatureException is wrapped the same way.
        addToDigestInput(r.getContentsAfterTransformation(), r.getDocument());
    }
    catch (XMLSignatureException ex)
    {
        throw new CannotAddDataToDigestInputException(ex);
    }
}
 
Example #3
Source File: SAMLSignatureProfileValidator.java    From lams with GNU General Public License v2.0 6 votes vote down vote up
/**
 * Validate an instance of {@link SignatureImpl}, which is in turn based on underlying Apache XML Security
 * <code>XMLSignature</code> instance.
 *
 * The checks run in a fixed order: the Apache signature must exist, the signature's parent must be a
 * {@link SignableSAMLObject}, the SignedInfo Reference is validated, then the Reference URI is checked
 * against that parent, then the transforms, then the signature's Object children.
 *
 * @param sigImpl the signature implementation object to validate
 * @throws ValidationException thrown if the signature is not valid with respect to the profile
 */
protected void validateSignatureImpl(SignatureImpl sigImpl) throws ValidationException {
    final XMLSignature apacheSig = sigImpl.getXMLSignature();
    if (apacheSig == null) {
        log.error("SignatureImpl did not contain the an Apache XMLSignature child");
        throw new ValidationException("Apache XMLSignature does not exist on SignatureImpl");
    }

    final Object parent = sigImpl.getParent();
    if (!(parent instanceof SignableSAMLObject)) {
        log.error("Signature is not an immedidate child of a SignableSAMLObject");
        throw new ValidationException("Signature is not an immediate child of a SignableSAMLObject.");
    }
    final SignableSAMLObject signableObject = (SignableSAMLObject) parent;

    final Reference ref = validateReference(apacheSig);

    // The URI is checked against the signature's own parent object.
    validateReferenceURI(ref.getURI(), signableObject);
    validateTransforms(ref);
    validateObjectChildren(apacheSig);
}
 
Example #4
Source File: CanonicalizerUtils.java    From xades4j with GNU Lesser General Public License v3.0 6 votes vote down vote up
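/**
 * Checks if all the transforms in a ds:Reference are canonicalization transforms.
 *
 * Each transform URI is probed with {@code Canonicalizer.getInstance}; a URI that is not a
 * known canonicalizer makes the result false. A reference with no transforms at all
 * (null or empty) yields true.
 *
 * @param r the reference
 * @return true if all transforms are c14n, false otherwise.
 * @throws XMLSecurityException if the transforms cannot be read from the reference
 */
public static boolean allTransformsAreC14N(Reference r) throws XMLSecurityException
{
    Transforms transforms = r.getTransforms();
    if (transforms == null)
    {
        // No ds:Transforms on the reference: same answer as an empty transform list,
        // instead of a NullPointerException on getLength().
        return true;
    }

    try
    {
        for (int i = 0; i < transforms.getLength(); ++i)
        {
            // The instance is discarded; only the lookup's success matters.
            Canonicalizer.getInstance(transforms.item(i).getURI());
        }
        return true;
    }
    catch (InvalidCanonicalizerException ex)
    {
        // The transform URI does not name a canonicalization algorithm.
        return false;
    }
}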
 
Example #5
Source File: DataGenIndivDataObjsTimeStamp.java    From xades4j with GNU Lesser General Public License v3.0 6 votes vote down vote up
/**
 * Builds the time-stamp property data, listing one "#id" include per targeted data object.
 *
 * The property's time is set from the time-stamp token result as a side effect.
 * NOTE(review): a target data object with no entry in the references mapping would make
 * {@code get} return null and fail on {@code getId()} - confirm callers guarantee the mapping.
 */
@Override
protected BaseXAdESTimeStampData createPropDataObj(
        IndividualDataObjsTimeStampProperty prop,
        Algorithm c14n,
        TimeStampTokenRes tsTknRes,
        PropertiesDataGenerationContext ctx)
{
    Collection<DataObjectDesc> targets = prop.getTargetDataObjects();
    Map<DataObjectDesc, Reference> referenceByDataObj = ctx.getReferencesMappings();

    List<String> includeUris = new ArrayList<String>(targets.size());
    for (DataObjectDesc target : targets)
    {
        // Same-document URI pointing at the ds:Reference's Id.
        includeUris.add("#" + referenceByDataObj.get(target).getId());
    }

    prop.setTime(tsTknRes.timeStampTime);
    return new IndividualDataObjsTimeStampData(c14n, includeUris, tsTknRes.encodedTimeStampToken);
}
 
Example #6
Source File: XAdESLevelBBase64TransformTest.java    From dss with GNU Lesser General Public License v2.1 6 votes vote down vote up
/**
 * Builds a one-element reference list for the given document.
 *
 * The reference is typed as an Object reference, uses SHA-256 as digest method, and its Id
 * and URI are both derived from the document name.
 *
 * @param document the document the reference points to
 * @param transforms the transforms to set on the reference
 * @return a mutable list holding the single reference
 */
private List<DSSReference> buildReferences(DSSDocument document, List<DSSTransform> transforms) {
	final String documentName = document.getName();

	final DSSReference reference = new DSSReference();
	reference.setContents(document);
	reference.setId("r-" + documentName);
	reference.setTransforms(transforms);
	reference.setType(Reference.OBJECT_URI);
	reference.setUri("#" + documentName);
	reference.setDigestMethodAlgorithm(DigestAlgorithm.SHA256);

	final List<DSSReference> result = new ArrayList<>();
	result.add(reference);
	return result;
}
 
Example #7
Source File: SignedDataObjectsProcessorTest.java    From xades4j with GNU Lesser General Public License v3.0 6 votes vote down vote up
/**
 * Processes a single anonymous data object and checks that exactly one ds:Reference is
 * produced, no ds:Object is added, and the Reference element has no URI attribute.
 */
@Test
public void testAddNullReference() throws Exception
{
    System.out.println("addNullReference");

    Document signatureDoc = SignatureServicesTestBase.getNewDocument();

    SignedDataObjects anonymousOnly = new SignedDataObjects()
        .withSignedDataObject(new AnonymousDataObjectReference("data".getBytes()));

    XMLSignature signature = new XMLSignature(signatureDoc, "", XMLSignature.ALGO_ID_SIGNATURE_RSA_SHA256);
    signature.setId("sigId");

    SignedDataObjectsProcessor processor = new SignedDataObjectsProcessor(
        new TestAlgorithmsProvider(), new AllwaysNullAlgsParamsMarshaller());
    Map<DataObjectDesc, Reference> mappings = processor.process(anonymousOnly, signature);

    assertEquals(1, mappings.size());
    assertEquals(0, signature.getObjectLength());
    assertEquals(1, signature.getSignedInfo().getLength());

    // An anonymous reference must be emitted without any URI attribute.
    Reference onlyReference = signature.getSignedInfo().item(0);
    assertNull(onlyReference.getElement().getAttributeNodeNS(Constants.SignatureSpecNS, "URI"));
}
 
Example #8
Source File: PropertiesDataGenerationContext.java    From xades4j with GNU Lesser General Public License v3.0 6 votes vote down vote up
/**
 * A simple constructor to be used when only unsigned signature properties
 * will be processed. The references are read from the signature's SignedInfo
 * and exposed as an unmodifiable list; no data-object mappings are available.
 * @param targetXmlSignature the target signature
 * @throws XAdES4jXMLSigException if one of the SignedInfo references cannot be obtained
 */
PropertiesDataGenerationContext(XMLSignature targetXmlSignature) throws XAdES4jXMLSigException
{
    this.targetXmlSignature = targetXmlSignature;
    this.sigDocument = targetXmlSignature.getDocument();
    this.referencesMappings = null;

    SignedInfo si = targetXmlSignature.getSignedInfo();
    List<Reference> collected = new ArrayList<Reference>(si.getLength());
    int index = 0;
    while (index < si.getLength())
    {
        try
        {
            collected.add(si.item(index));
        }
        catch (XMLSecurityException ex)
        {
            // Fail the whole construction rather than continue with a partial reference list.
            throw new XAdES4jXMLSigException(String.format("Cannot process the %dth reference", index), ex);
        }
        index++;
    }
    this.references = Collections.unmodifiableList(collected);
}
 
Example #9
Source File: PropertiesDataGenerationContext.java    From xades4j with GNU Lesser General Public License v3.0 6 votes vote down vote up
/**
 * Builds the context from data objects and their already-created references. The
 * references list follows the iteration order of {@code orderedDataObjs} and is unmodifiable.
 * A data object without an entry in {@code referencesMappings} contributes a null element.
 * This constructor does not set the target signature.
 * @param orderedDataObjs the data objects, in the order their references should be listed
 * @param referencesMappings should be unmodifiable
 * @param sigDocument the document of the signature
 */
PropertiesDataGenerationContext(
        Collection<DataObjectDesc> orderedDataObjs,
        Map<DataObjectDesc, Reference> referencesMappings,
        Document sigDocument)
{
    this.referencesMappings = referencesMappings;
    this.sigDocument = sigDocument;

    List<Reference> inOrder = new ArrayList<Reference>(orderedDataObjs.size());
    for (DataObjectDesc desc : orderedDataObjs)
    {
        Reference mapped = referencesMappings.get(desc);
        inOrder.add(mapped);
    }

    this.references = Collections.unmodifiableList(inOrder);
}
 
Example #10
Source File: XAdESSignatureUtils.java    From dss with GNU Lesser General Public License v2.1 6 votes vote down vote up
/**
 * Checks if the given {@code reference} is an occurrence of a signed object.
 *
 * With a declared type, the reference counts as a document when the type is an object,
 * manifest or counter-signature reference type. Without a type, it counts as a document
 * when no element with the referenced Id is found under the signature element.
 *
 * NOTE(review): the Id taken from the reference URI is concatenated into an XPath expression;
 * confirm that {@code DomUtils.getXPathByIdAttribute} quotes or rejects unexpected characters.
 *
 * @param reference - Reference to check
 * @param signature - Signature, containing the given {@code reference}
 * @return - TRUE if the given {@code reference} is a signed object, FALSE otherwise
 */
private static boolean isReferenceLinkedToDocument(Reference reference, XAdESSignature signature) {
	final String referenceType = reference.getType();
	if (!Utils.isStringEmpty(referenceType)) {
		// Declared type decides on its own.
		return DSSXMLUtils.isObjectReferenceType(referenceType)
				|| DSSXMLUtils.isManifestReferenceType(referenceType)
				|| DSSXMLUtils.isCounterSignatureReferenceType(referenceType);
	}

	// No declared type: look the referenced Id up inside the signature node.
	final String referencedId = DomUtils.getId(reference.getURI());
	final Element insideSignature = DomUtils.getElement(signature.getSignatureElement(),
			"./*" + DomUtils.getXPathByIdAttribute(referencedId));
	// An element outside the signature node is treated as a document.
	return insideSignature == null;
}
 
Example #11
Source File: XAdESTimestampSource.java    From dss with GNU Lesser General Public License v2.1 5 votes vote down vote up
/**
 * Collects a SIGNED_DATA timestamped reference for every signature scope matched by a
 * reference that the attribute's timestamp includes cover.
 *
 * NOTE(review): scope matching is a case-insensitive suffix comparison between the reference
 * URI and the scope name, not an exact match; verify this cannot pair a reference with the
 * wrong scope when names share a suffix.
 *
 * @param signedAttribute the attribute carrying the timestamp includes
 * @return the collected timestamped references, possibly empty
 */
@Override
protected List<TimestampedReference> getIndividualContentTimestampedReferences(XAdESAttribute signedAttribute) {
	final List<TimestampInclude> timestampIncludes = signedAttribute.getTimestampIncludedReferences();
	final List<TimestampedReference> collected = new ArrayList<>();
	for (Reference reference : references) {
		if (!isContentTimestampedReference(reference, timestampIncludes)) {
			continue;
		}
		for (SignatureScope scope : signatureScopes) {
			if (!Utils.endsWithIgnoreCase(reference.getURI(), scope.getName())) {
				continue;
			}
			addReference(collected,
					new TimestampedReference(scope.getDSSIdAsString(), TimestampedObjectType.SIGNED_DATA));
		}
	}
	return collected;
}
 
Example #12
Source File: XAdESTimestampDataBuilder.java    From dss with GNU Lesser General Public License v2.1 5 votes vote down vote up
/**
 * Builds the data covered by a content timestamp by concatenating the bytes of every
 * reference the timestamp applies to.
 *
 * @param timestampToken the timestamp token to build the data for
 * @return the concatenated data as an in-memory document, or null when the token is not a
 *         content timestamp or when the data could not be extracted (the failure is only logged)
 * @throws DSSException if the token's includes check fails or no references are loaded yet
 */
@Override
public DSSDocument getContentTimestampData(final TimestampToken timestampToken) {
	final TimestampType timeStampType = timestampToken.getTimeStampType();
	if (!timeStampType.isContentTimestamp()) {
		return null;
	}

	if (!checkTimestampTokenIncludes(timestampToken)) {
		throw new DSSException("The Included referencedData attribute is either not present or set to false!");
	}
	// An empty reference list is treated as "signature integrity check not run yet".
	if (references.isEmpty()) {
		throw new DSSException("The method 'checkSignatureIntegrity' must be invoked first!");
	}

	final String canonicalizationMethod = timestampToken.getCanonicalizationMethod();
	final List<TimestampInclude> includes = timestampToken.getTimestampIncludes();

	try (ByteArrayOutputStream outputStream = new ByteArrayOutputStream()) {
		// Reference bytes are appended in the order of the references list.
		for (final Reference reference : references) {
			if (isContentTimestampedReference(reference, timeStampType, includes)) {
				byte[] referenceBytes = getReferenceBytes(reference, canonicalizationMethod);
				outputStream.write(referenceBytes);
			}
		}
		byte[] byteArray = outputStream.toByteArray();
		// NOTE(review): at TRACE level the signed content itself is written to the log,
		// decoded with the JVM's default charset - keep TRACE off where that content is sensitive.
		if (LOG.isTraceEnabled()) {
			LOG.trace("IndividualDataObjectsTimestampData/AllDataObjectsTimestampData bytes: {}", new String(byteArray));
		}
		return new InMemoryDocument(byteArray);
	} catch (IOException | XMLSecurityException e) {
		// The stack trace is attached only when debug logging is enabled.
		if (LOG.isDebugEnabled()) {
			LOG.warn("Unable to extract IndividualDataObjectsTimestampData/AllDataObjectsTimestampData. Reason : {}", e.getMessage(), e);
		} else {
			LOG.warn("Unable to extract IndividualDataObjectsTimestampData/AllDataObjectsTimestampData. Reason : {}", e.getMessage());
		}
	}
	// Extraction failed: callers must treat null as "no timestamped data available".
	return null;

}
 
Example #13
Source File: XAdESSignature.java    From dss with GNU Lesser General Public License v2.1 5 votes vote down vote up
/**
 * Registers one detached-content resolver per reference, each bound to that reference's
 * digest algorithm.
 *
 * A reference whose digest algorithm cannot be read is logged and gets no resolver.
 *
 * @param detachedContents the detached documents handed to each resolver
 */
private void initDetachedSignatureResolvers(List<DSSDocument> detachedContents) {
	for (Reference reference : getReferences()) {
		try {
			final String digestUri = reference.getMessageDigestAlgorithm().getAlgorithmURI();
			final DigestAlgorithm digestAlgorithm = DigestAlgorithm.forXML(digestUri);
			santuarioSignature.addResourceResolver(new DetachedSignatureResolver(detachedContents, digestAlgorithm));
		} catch (XMLSignatureException e) {
			LOG.warn("Unable to retrieve reference digest algorithm {}", reference.getId(), e);
		}
	}
}
 
Example #14
Source File: XAdESSignature.java    From dss with GNU Lesser General Public License v2.1 5 votes vote down vote up
/**
 * Reloads {@code references} from the SignedInfo of the Santuario signature.
 *
 * NOTE(review): a reference that cannot be retrieved is only logged and left out, so the
 * resulting list can be shorter than the number of References the SignedInfo declares;
 * code consuming {@code references} should not assume it covers all of them.
 */
private void extractReferences() {
	references = new ArrayList<>();
	final SignedInfo signedInfo = getSantuarioSignature().getSignedInfo();
	final int total = signedInfo.getLength();
	int index = 0;
	while (index < total) {
		try {
			references.add(signedInfo.item(index));
		} catch (XMLSecurityException e) {
			LOG.warn("Unable to retrieve reference #{} : {}", index, e.getMessage());
		}
		index++;
	}
}
 
Example #15
Source File: XAdESTimestampDataBuilder.java    From dss with GNU Lesser General Public License v2.1 5 votes vote down vote up
/**
 * Appends the referenced bytes of the given reference to the buffer.
 *
 * @param reference the reference to read
 * @param buffer the buffer the bytes are appended to
 * @throws IOException if writing to the buffer fails
 * @throws DSSException if the reference yields no bytes or its content cannot be retrieved
 */
private void writeReferenceBytes(final Reference reference, ByteArrayOutputStream buffer) throws IOException {
	try {
		final byte[] content = reference.getReferencedBytes();
		if (content == null) {
			throw new DSSException(String.format("No binaries found for URI '%s'", reference.getURI()));
		}
		buffer.write(content);
	} catch (XMLSecurityException e) {
		final String message = String.format("Unable to retrieve content for URI '%s' : %s", reference.getURI(), e.getMessage());
		throw new DSSException(message, e);
	}
}
 
Example #16
Source File: XAdESTimestampDataBuilder.java    From dss with GNU Lesser General Public License v2.1 5 votes vote down vote up
/**
 * Tells whether the given reference is covered by a content timestamp of the given type.
 *
 * For ALL_DATA_OBJECTS_TIMESTAMP every reference is covered except the one referencing the
 * SignedProperties. For any other type the reference is covered when its Id equals the URI
 * of one of the timestamp includes.
 */
private boolean isContentTimestampedReference(Reference reference, TimestampType timeStampType, List<TimestampInclude> includes) {
	if (TimestampType.ALL_DATA_OBJECTS_TIMESTAMP.equals(timeStampType)) {
		return !DSSXMLUtils.isSignedProperties(reference, xadesPaths);
	}

	// Individual data objects: the include must name this reference's Id.
	for (TimestampInclude include : includes) {
		final String includedId = include.getURI();
		if (reference.getId().equals(includedId)) {
			return true;
		}
	}
	return false;
}
 
Example #17
Source File: XAdESTimestampDataBuilder.java    From dss with GNU Lesser General Public License v2.1 5 votes vote down vote up
/**
 * Returns the referenced bytes, canonicalized with the given method when they are detected
 * as DOM content, and unchanged otherwise.
 *
 * NOTE(review): at TRACE level the referenced content is written to the log, decoded with
 * the JVM's default charset; {@code new String} would also fail on a null array - confirm
 * {@code getReferencedBytes} cannot return null on this path.
 *
 * @throws XMLSecurityException if the referenced bytes cannot be obtained
 */
private byte[] getReferenceBytes(final Reference reference, final String canonicalizationMethod) throws XMLSecurityException {
	final byte[] rawBytes = reference.getReferencedBytes();
	final byte[] result = DomUtils.isDOM(rawBytes)
			? DSSXMLUtils.canonicalize(canonicalizationMethod, rawBytes)
			: rawBytes;
	if (LOG.isTraceEnabled()) {
		LOG.trace("ReferencedBytes : {}", new String(result));
	}
	return result;
}
 
Example #18
Source File: AbstractXmlSigInHandler.java    From cxf with Apache License 2.0 5 votes vote down vote up
/**
 * Resolves the element the reference points to: the root itself when its "ID" attribute
 * equals the referenced id, otherwise whatever the by-id lookup under the root returns.
 *
 * NOTE(review): the first character of the reference URI is dropped without checking that it
 * is '#'. An empty URI makes substring(1) throw an unchecked exception, and a URI that is not
 * a same-document fragment is silently shortened; validate the URI shape before this call
 * and fail with the handler's normal fault path.
 */
private Element getSignedElement(Element root, Reference ref) {
    final String rootId = root.getAttribute("ID");
    final String referencedId = ref.getURI().substring(1);

    return referencedId.equals(rootId)
        ? root
        : XMLUtils.findElementById(root, referencedId, true);
}
 
Example #19
Source File: XAdESTimestampSource.java    From dss with GNU Lesser General Public License v2.1 5 votes vote down vote up
/**
 * Tells whether the Id of the given reference equals the URI of any of the timestamp includes.
 *
 * @param reference the reference to look for
 * @param includes the timestamp includes to search
 * @return true when one include names the reference's Id, false otherwise
 */
private boolean isContentTimestampedReference(Reference reference, List<TimestampInclude> includes) {
	return includes.stream()
			.anyMatch(include -> reference.getId().equals(include.getURI()));
}
 
Example #20
Source File: XAdESSignatureUtils.java    From dss with GNU Lesser General Public License v2.1 5 votes vote down vote up
/**
 * Returns list of original signed documents.
 *
 * Nothing is returned unless the cryptographic verification of the signature reports it as
 * valid. A reference whose content cannot be extracted is logged and skipped.
 *
 * @param signature {@link XAdESSignature} to find signed documents for
 * @return list of {@link DSSDocument}s, empty when the signature is not valid or has no references
 */
public static List<DSSDocument> getSignerDocuments(XAdESSignature signature) {
	final List<DSSDocument> signerDocuments = new ArrayList<>();

	// Content of an unverified signature is never handed out as "signed".
	final SignatureCryptographicVerification verification = signature.getSignatureCryptographicVerification();
	if (!verification.isSignatureValid()) {
		return signerDocuments;
	}

	final List<Reference> references = signature.getReferences();
	if (!Utils.isCollectionNotEmpty(references)) {
		return signerDocuments;
	}

	for (Reference reference : references) {
		try {
			if (!isReferenceLinkedToDocument(reference, signature)) {
				continue;
			}
			final DSSDocument document = getReferenceDocument(reference, signature);
			if (document != null) {
				signerDocuments.add(document);
			}
		} catch (DSSException e) {
			LOG.warn("Not able to extract an original content for a reference with name '{}' and URI '{}'. "
					+ "Reason : {}", reference.getId(), reference.getURI(), e.getMessage());
		}
	}
	return signerDocuments;
}
 
Example #21
Source File: XAdESSignatureUtils.java    From dss with GNU Lesser General Public License v2.1 5 votes vote down vote up
/**
 * Returns the document a reference points to: for an object-typed reference, the bytes of the
 * matching signature object (or of its first child); otherwise, or when no object matched,
 * the reference's own referenced bytes.
 *
 * @param reference the reference to resolve
 * @param signature the signature whose objects are searched
 * @return the referenced document, or null when nothing could be retrieved
 */
private static DSSDocument getReferenceDocument(Reference reference, XAdESSignature signature) {
	if (reference.typeIsReferenceToObject()) {
		List<Element> signatureObjects = signature.getSignatureObjects();
		for (Element sigObject : signatureObjects) {
			Node referencedObject = sigObject;
			String objectId = sigObject.getAttribute("Id");
			// NOTE(review): this is a case-insensitive suffix comparison, not an exact "#id" match.
			// Verify the outcome for an object without an Id (empty objectId) and for Ids that are
			// suffixes of one another, so the returned content is the one the reference digests.
			if (Utils.endsWithIgnoreCase(reference.getURI(), objectId)) {
				// The type check repeats the outer condition; the first child is used when present.
				if (reference.typeIsReferenceToObject() && sigObject.hasChildNodes()) {
					referencedObject = sigObject.getFirstChild();
				}
				byte[] bytes = DSSXMLUtils.getNodeBytes(referencedObject);
				if (bytes != null) {
					return new InMemoryDocument(bytes, objectId);
				}
			}
		}
	}
	
	// if not an object or object has not been found
	try {
		byte[] referencedBytes = reference.getReferencedBytes();
		if (referencedBytes != null) {
			return new InMemoryDocument(referencedBytes, reference.getURI());
		}
		LOG.warn("Reference bytes returned null value : {}", reference.getId());
	} catch (Exception e) {
		// Any failure while dereferencing is logged and turned into a null result.
		LOG.warn("Unable to retrieve reference {}. Reason : {}", reference.getId(), e.getMessage(), e);
	}
	
	if (LOG.isDebugEnabled()) {
		LOG.debug("A referenced document not found for a reference with Id : [{}]", reference.getId());
	}
	return null;
}
 
Example #22
Source File: DSSXMLUtils.java    From dss with GNU Lesser General Public License v2.1 5 votes vote down vote up
/**
 * Returns bytes of the original referenced data.
 *
 * When one of the reference's transforms is an enveloped transform, the referenced bytes
 * (after transformation) are returned; in every other case, including a failure while
 * reading the transforms, the bytes before transformation are returned.
 *
 * @param reference {@link Reference} to get bytes from
 * @return byte array containing original data
 */
public static byte[] getReferenceOriginalContentBytes(Reference reference) {
	
	try {
		// returns bytes after transformation in case of enveloped signature
		Transforms transforms = reference.getTransforms();
		// A reference may carry no transforms at all.
		if (transforms != null) {
			Element transformsElement = transforms.getElement();
			NodeList transformChildNodes = transformsElement.getChildNodes();
			if (transformChildNodes != null && transformChildNodes.getLength() > 0) {
				for (int i = 0; i < transformChildNodes.getLength(); i++) {
					Node transformation = transformChildNodes.item(i);
					if (isEnvelopedTransform(transformation)) {
						return reference.getReferencedBytes();
					}
					// if enveloped transformations are not applied to the signature go further and
					// return bytes before transformation
				}
			}
		}
		
	} catch (XMLSecurityException | XMLSecurityRuntimeException e) {
		// if exception occurs during the transformations: log it and fall through to the
		// untransformed bytes below
		LOG.warn("Signature reference with id [{}] is corrupted or has an invalid format. "
				+ "Original data cannot be obtained. Reason: [{}]", reference.getId(), e.getMessage());
		
	}
	// otherwise bytes before transformation
	return getBytesBeforeTransformation(reference);
}
 
Example #23
Source File: DSSXMLUtils.java    From dss with GNU Lesser General Public License v2.1 5 votes vote down vote up
/**
 * Checks if the given reference is linked to a KeyInfo element, i.e. whether an element with
 * the Id taken from the reference URI is found under the KeyInfo path of the signature.
 *
 * NOTE(review): the Id from the reference URI is concatenated into an XPath expression;
 * confirm that {@code DomUtils.getXPathByIdAttribute} quotes or rejects unexpected characters.
 *
 * @param reference
 *                  the {@link Reference} to check
 * @param signature
 *                  the {@link Element} signature the given reference belongs to
 * @return TRUE if the reference is a KeyInfo reference, FALSE otherwise
 */
public static boolean isKeyInfoReference(final Reference reference, final Element signature) {
	final String referencedId = DomUtils.getId(reference.getURI());
	final String keyInfoByIdPath = XMLDSigPaths.KEY_INFO_PATH + DomUtils.getXPathByIdAttribute(referencedId);
	return DomUtils.getElement(signature, keyInfoByIdPath) != null;
}
 
Example #24
Source File: XAdESReferenceValidation.java    From dss with GNU Lesser General Public License v2.1 5 votes vote down vote up
/**
 * Reads the URI attribute from the reference's element.
 *
 * @param reference the reference to read, may be null
 * @return the attribute value as returned by {@code DSSXMLUtils.getAttribute}, or null when
 *         the reference or its element is null
 */
private String extractUri(Reference reference) {
	if (reference == null) {
		return null;
	}
	final Element referenceElement = reference.getElement();
	if (referenceElement == null) {
		return null;
	}
	return DSSXMLUtils.getAttribute(referenceElement, XMLDSigAttribute.URI.getAttributeName());
}
 
Example #25
Source File: XAdESLevelBIndividualDataObjectTimeStampTest.java    From dss with GNU Lesser General Public License v2.1 5 votes vote down vote up
/**
 * Prepares an enveloping XAdES-BASELINE-B signature over sample.xml with one Base64-transformed
 * reference and an individual-data-objects content timestamp that includes that reference.
 *
 * NOTE(review): this fixture uses SHA-1 for the reference digest, the signature digest and the
 * timestamp imprint. That is a property of this test only; SHA-1 should not be carried over
 * into signing configuration outside tests.
 */
@BeforeEach
public void init() throws Exception {
	documentToSign = new FileDocument(new File("src/test/resources/sample.xml"));

	// Id of the reference, reused below as the timestamp include.
	String referenceId = "TOTO";

	// Canonicalization is optional
	String canonicalizationAlgo = CanonicalizationMethod.EXCLUSIVE;

	List<DSSTransform> transforms = new ArrayList<>();
	Base64Transform dssTransform = new Base64Transform();
	transforms.add(dssTransform);

	// Single object-typed reference pointing at the document by name.
	List<DSSReference> references = new ArrayList<>();
	DSSReference dssReference = new DSSReference();
	dssReference.setContents(documentToSign);
	dssReference.setId(referenceId);
	dssReference.setUri("#" + documentToSign.getName());
	dssReference.setDigestMethodAlgorithm(DigestAlgorithm.SHA1);
	dssReference.setTransforms(transforms);
	dssReference.setType(Reference.OBJECT_URI);
	references.add(dssReference);

	signatureParameters = new XAdESSignatureParameters();
	signatureParameters.setSigningCertificate(getSigningCert());
	signatureParameters.setCertificateChain(getCertificateChain());
	signatureParameters.setSignaturePackaging(SignaturePackaging.ENVELOPING);
	signatureParameters.setSignatureLevel(SignatureLevel.XAdES_BASELINE_B);
	signatureParameters.setDigestAlgorithm(DigestAlgorithm.SHA1);
	signatureParameters.setReferences(references);

	// The timestamp imprint is the digest of the canonicalized document bytes.
	byte[] digest = DSSUtils.digest(DigestAlgorithm.SHA1, DSSXMLUtils.canonicalize(canonicalizationAlgo, DSSUtils.toByteArray(documentToSign)));
	TimestampBinary timeStampResponse = getAlternateGoodTsa().getTimeStampResponse(DigestAlgorithm.SHA1, digest);
	TimestampToken timestampToken = new TimestampToken(timeStampResponse.getBytes(), TimestampType.INDIVIDUAL_DATA_OBJECTS_TIMESTAMP);
	// The include names the reference by its Id.
	timestampToken.setTimestampIncludes(Arrays.asList(new TimestampInclude(referenceId, true)));
	timestampToken.setCanonicalizationMethod(canonicalizationAlgo);
	signatureParameters.setContentTimestamps(Arrays.asList(timestampToken));

	service = new XAdESService(getOfflineCertificateVerifier());
}
 
Example #26
Source File: XAdESLevelBEnvelopingWithRefsTest.java    From dss with GNU Lesser General Public License v2.1 5 votes vote down vote up
/**
 * Builds two object-typed references, one for {@code doc1} and one for {@code doc2}.
 *
 * Both share the same transform list (a single Base64 transform), use SHA-256 as digest
 * method, and derive their Id and URI from the document name.
 *
 * @return a mutable list holding the two references, doc1 first
 */
private List<DSSReference> getReferences() {
	final List<DSSReference> result = new ArrayList<>();

	final List<DSSTransform> base64Only = new ArrayList<>();
	base64Only.add(new Base64Transform());

	final DSSReference first = new DSSReference();
	first.setContents(doc1);
	first.setId("r-" + doc1.getName());
	first.setTransforms(base64Only);
	first.setType(Reference.OBJECT_URI);
	first.setUri("#" + doc1.getName());
	first.setDigestMethodAlgorithm(DigestAlgorithm.SHA256);

	final DSSReference second = new DSSReference();
	second.setContents(doc2);
	second.setId("r-" + doc2.getName());
	second.setTransforms(base64Only);
	second.setType(Reference.OBJECT_URI);
	second.setUri("#" + doc2.getName());
	second.setDigestMethodAlgorithm(DigestAlgorithm.SHA256);

	result.add(first);
	result.add(second);
	return result;
}
 
Example #27
Source File: AbstractXmlSigInHandler.java    From cxf with Apache License 2.0 5 votes vote down vote up
/**
 * Returns the first Reference of the signature's SignedInfo, reporting a fault when the
 * SignedInfo does not hold exactly one Reference or when the Reference cannot be read.
 *
 * NOTE(review): the count check also fires for zero References, although the fault text
 * only mentions multiple References. The code relies on throwFault not returning normally;
 * if it did, execution would continue to item(0) or return null.
 *
 * @param sig the signature to read
 * @return the first Reference, or null if the read failed and throwFault returned
 */
protected Reference getReference(XMLSignature sig) {
    final int referenceCount = sig.getSignedInfo().getLength();
    if (referenceCount != 1) {
        throwFault("Multiple Signature References are not currently supported", null);
    }

    Reference onlyReference = null;
    try {
        onlyReference = sig.getSignedInfo().item(0);
    } catch (XMLSecurityException ex) {
        throwFault("Signature Reference is not available", ex);
    }
    return onlyReference;
}
 
Example #28
Source File: SignedDataObjectsProcessorTest.java    From xades4j with GNU Lesser General Public License v3.0 5 votes vote down vote up
/**
 * Processes one external data object reference (with an enveloped-signature transform) and
 * two enveloped XML objects, then checks the number of References and Objects created, the
 * single transform on the first Reference, and the mime type and encoding of the second Object.
 */
@Test
public void testProcess() throws Exception
{
    System.out.println("process");

    Document signatureDoc = getNewDocument();

    SignedDataObjects signedObjects = new SignedDataObjects()
        .withSignedDataObject(new DataObjectReference("uri").withTransform(new EnvelopedSignatureTransform()))
        .withSignedDataObject(new EnvelopedXmlObject(signatureDoc.createElement("test1")))
        .withSignedDataObject(new EnvelopedXmlObject(signatureDoc.createElement("test2"), "text/xml", null));

    XMLSignature signature = new XMLSignature(signatureDoc, "", XMLSignature.ALGO_ID_SIGNATURE_RSA_SHA256);
    signature.setId("sigId");

    AllwaysNullAlgsParamsMarshaller marshaller = new AllwaysNullAlgsParamsMarshaller();

    SignedDataObjectsProcessor processor = new SignedDataObjectsProcessor(new TestAlgorithmsProvider(), marshaller);
    Map<DataObjectDesc, Reference> mappings = processor.process(signedObjects, signature);

    // One Reference per data object; only the two enveloped objects become ds:Object elements.
    assertEquals(signedObjects.getDataObjectsDescs().size(), mappings.size());
    assertEquals(2, signature.getObjectLength());
    assertEquals(signature.getSignedInfo().getLength(), signedObjects.getDataObjectsDescs().size());

    // The marshaller is expected to be invoked once, for the single transform.
    assertEquals(1, marshaller.getInvokeCount());
    Reference firstReference = signature.getSignedInfo().item(0);
    assertEquals(1, firstReference.getTransforms().getLength());

    ObjectContainer secondObject = signature.getObjectItem(1);
    assertEquals("text/xml", secondObject.getMimeType());
    assertTrue(StringUtils.isNullOrEmptyString(secondObject.getEncoding()));
}
 
Example #29
Source File: DataGenIndivDataObjsTimeStamp.java    From xades4j with GNU Lesser General Public License v3.0 5 votes vote down vote up
/**
 * Adds to the digest input the reference of every data object targeted by the property,
 * in the iteration order of the property's target data objects.
 *
 * NOTE(review): a target without an entry in the references mapping is passed on as null;
 * confirm callers guarantee every target is mapped.
 *
 * @throws CannotAddDataToDigestInputException if a reference cannot be added to the digest input
 */
@Override
protected void addPropSpecificTimeStampInput(
        IndividualDataObjsTimeStampProperty prop,
        TimeStampDigestInput digestInput,
        PropertiesDataGenerationContext ctx) throws CannotAddDataToDigestInputException
{
    Collection<DataObjectDesc> targets = prop.getTargetDataObjects();
    Map<DataObjectDesc, Reference> referenceByDataObj = ctx.getReferencesMappings();

    for (DataObjectDesc target : targets)
    {
        digestInput.addReference(referenceByDataObj.get(target));
    }
}
 
Example #30
Source File: DataGenAllDataObjsTimeStamp.java    From xades4j with GNU Lesser General Public License v3.0 5 votes vote down vote up
/**
 * Adds every reference of the generation context to the digest input, in the order the
 * context lists them.
 *
 * @throws CannotAddDataToDigestInputException if a reference cannot be added to the digest input
 */
@Override
protected void addPropSpecificTimeStampInput(
        AllDataObjsTimeStampProperty prop,
        TimeStampDigestInput digestInput,
        PropertiesDataGenerationContext ctx) throws CannotAddDataToDigestInputException
{
    for (Reference signedReference : ctx.getReferences())
    {
        digestInput.addReference(signedReference);
    }
}