Java Code Examples for javax.xml.crypto.dsig.keyinfo.KeyInfoFactory#newKeyInfo()
The following examples show how to use
javax.xml.crypto.dsig.keyinfo.KeyInfoFactory#newKeyInfo() .
You can vote up the ones you like or vote down the ones you don't like,
and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example 1
Source File: DigitalSignatures.java From org.hl7.fhir.core with Apache License 2.0 | 8 votes |
public static void main(String[] args) throws SAXException, IOException, ParserConfigurationException, NoSuchAlgorithmException, InvalidAlgorithmParameterException, KeyException, MarshalException, XMLSignatureException, FHIRException { // http://docs.oracle.com/javase/7/docs/technotes/guides/security/xmldsig/XMLDigitalSignature.html // byte[] inputXml = "<Envelope xmlns=\"urn:envelope\">\r\n</Envelope>\r\n".getBytes(); // load the document that's going to be signed DocumentBuilderFactory dbf = DocumentBuilderFactory.newInstance(); dbf.setNamespaceAware(true); DocumentBuilder builder = dbf.newDocumentBuilder(); Document doc = builder.parse(new ByteArrayInputStream(inputXml)); // create a key pair KeyPairGenerator kpg = KeyPairGenerator.getInstance("RSA"); kpg.initialize(512); KeyPair kp = kpg.generateKeyPair(); // sign the document DOMSignContext dsc = new DOMSignContext(kp.getPrivate(), doc.getDocumentElement()); XMLSignatureFactory fac = XMLSignatureFactory.getInstance("DOM"); Reference ref = fac.newReference("", fac.newDigestMethod(DigestMethod.SHA1, null), Collections.singletonList(fac.newTransform(Transform.ENVELOPED, (TransformParameterSpec) null)), null, null); SignedInfo si = fac.newSignedInfo(fac.newCanonicalizationMethod(CanonicalizationMethod.INCLUSIVE, (C14NMethodParameterSpec) null), fac.newSignatureMethod(SignatureMethod.RSA_SHA1, null), Collections.singletonList(ref)); KeyInfoFactory kif = fac.getKeyInfoFactory(); KeyValue kv = kif.newKeyValue(kp.getPublic()); KeyInfo ki = kif.newKeyInfo(Collections.singletonList(kv)); XMLSignature signature = fac.newXMLSignature(si, ki); signature.sign(dsc); OutputStream os = System.out; new XmlGenerator().generate(doc.getDocumentElement(), os); }
Example 2
Source File: SoapMultiSignature.java From cstc with GNU General Public License v3.0 | 6 votes |
private KeyInfo getKeyInfo(XMLSignatureFactory fac, PrivateKeyEntry keyEntry) throws Exception { String keyInfoChoice = (String) includeKeyInfo.getSelectedItem(); if( Boolean.parseBoolean(keyInfoChoice) ) { KeyInfo keyInfo; X509Certificate cert = (X509Certificate)keyEntry.getCertificate(); KeyInfoFactory keyInfoFac = fac.getKeyInfoFactory(); List<Object> x509Content = new ArrayList<Object>(); if( this.subject.isSelected() ) { x509Content.add(cert.getSubjectX500Principal().getName()); } if( this.serialIssuer.isSelected() ) { x509Content.add(keyInfoFac.newX509IssuerSerial(cert.getIssuerX500Principal().getName(),cert.getSerialNumber())); } if( this.issuer.isSelected() ) { x509Content.add(cert.getIssuerX500Principal().getName()); } if( this.certificate.isSelected() ) { x509Content.add(cert); } X509Data xd = keyInfoFac.newX509Data(x509Content); keyInfo = keyInfoFac.newKeyInfo(Collections.singletonList(xd)); return keyInfo; } return (KeyInfo)null; }
Example 3
Source File: STSServiceImpl.java From freehealth-connector with GNU Affero General Public License v3.0 | 6 votes |
private void signRequest(Element requestElement, PrivateKey privateKey, Object keyInfoValue) throws NoSuchAlgorithmException, InvalidAlgorithmParameterException, MarshalException, XMLSignatureException, KeyException { DOMSignContext domSignContext = new DOMSignContext(privateKey, requestElement, requestElement.getFirstChild()); String requestId = requestElement.getAttribute("RequestID"); requestElement.setIdAttribute("RequestID", true); List<Transform> transforms = new LinkedList(); transforms.add(xmlSignatureFactory.newTransform("http://www.w3.org/2000/09/xmldsig#enveloped-signature", (TransformParameterSpec)null)); transforms.add(xmlSignatureFactory.newTransform("http://www.w3.org/2001/10/xml-exc-c14n#", (C14NMethodParameterSpec)null)); Reference reference = xmlSignatureFactory.newReference("#" + requestId, xmlSignatureFactory.newDigestMethod("http://www.w3.org/2000/09/xmldsig#sha1", (DigestMethodParameterSpec)null), transforms, (String)null, (String)null); CanonicalizationMethod canonicalizationMethod = xmlSignatureFactory.newCanonicalizationMethod("http://www.w3.org/2001/10/xml-exc-c14n#", (C14NMethodParameterSpec)null); SignatureMethod signatureMethod = xmlSignatureFactory.newSignatureMethod("http://www.w3.org/2000/09/xmldsig#rsa-sha1", (SignatureMethodParameterSpec)null); SignedInfo signedInfo = xmlSignatureFactory.newSignedInfo(canonicalizationMethod, signatureMethod, Collections.singletonList(reference)); KeyInfoFactory keyInfoFactory = xmlSignatureFactory.getKeyInfoFactory(); KeyInfo keyInfo = null; if (keyInfoValue instanceof PublicKey) { keyInfo = keyInfoFactory.newKeyInfo(Collections.singletonList(keyInfoFactory.newKeyValue((PublicKey)keyInfoValue))); } else { if (!(keyInfoValue instanceof X509Certificate)) { throw new IllegalArgumentException("Unsupported keyinfo type [" + keyInfoValue.getClass() + "]"); } keyInfo = keyInfoFactory.newKeyInfo(Collections.singletonList(keyInfoFactory.newX509Data(Collections.singletonList(keyInfoValue)))); } XMLSignature xmlSignature = xmlSignatureFactory.newXMLSignature(signedInfo, keyInfo); xmlSignature.sign(domSignContext); }
Example 4
Source File: Assinar.java From Java_NFe with MIT License | 6 votes |
private static void loadCertificates(ConfiguracoesNfe config, XMLSignatureFactory signatureFactory) throws KeyStoreException, NoSuchAlgorithmException, UnrecoverableEntryException, CertificadoException { Certificado certificado = config.getCertificado(); KeyStore keyStore = CertificadoService.getKeyStore(certificado); KeyStore.PrivateKeyEntry pkEntry = (KeyStore.PrivateKeyEntry) keyStore.getEntry(certificado.getNome(), new KeyStore.PasswordProtection(certificado.getSenha().toCharArray())); privateKey = pkEntry.getPrivateKey(); KeyInfoFactory keyInfoFactory = signatureFactory.getKeyInfoFactory(); List<X509Certificate> x509Content = new ArrayList<X509Certificate>(); x509Content.add(CertificadoService.getCertificate(certificado, keyStore)); X509Data x509Data = keyInfoFactory.newX509Data(x509Content); keyInfo = keyInfoFactory.newKeyInfo(Collections.singletonList(x509Data)); }
Example 5
Source File: STSServiceImpl.java From freehealth-connector with GNU Affero General Public License v3.0 | 6 votes |
private void signRequest(Element requestElement, PrivateKey privateKey, Object keyInfoValue) throws NoSuchAlgorithmException, InvalidAlgorithmParameterException, MarshalException, XMLSignatureException, KeyException { DOMSignContext domSignContext = new DOMSignContext(privateKey, requestElement, requestElement.getFirstChild()); String requestId = requestElement.getAttribute("RequestID"); requestElement.setIdAttribute("RequestID", true); List<Transform> transforms = new LinkedList(); transforms.add(xmlSignatureFactory.newTransform("http://www.w3.org/2000/09/xmldsig#enveloped-signature", (TransformParameterSpec)null)); transforms.add(xmlSignatureFactory.newTransform("http://www.w3.org/2001/10/xml-exc-c14n#", (C14NMethodParameterSpec)null)); Reference reference = xmlSignatureFactory.newReference("#" + requestId, xmlSignatureFactory.newDigestMethod("http://www.w3.org/2000/09/xmldsig#sha1", (DigestMethodParameterSpec)null), transforms, (String)null, (String)null); CanonicalizationMethod canonicalizationMethod = xmlSignatureFactory.newCanonicalizationMethod("http://www.w3.org/2001/10/xml-exc-c14n#", (C14NMethodParameterSpec)null); SignatureMethod signatureMethod = xmlSignatureFactory.newSignatureMethod("http://www.w3.org/2000/09/xmldsig#rsa-sha1", (SignatureMethodParameterSpec)null); SignedInfo signedInfo = xmlSignatureFactory.newSignedInfo(canonicalizationMethod, signatureMethod, Collections.singletonList(reference)); KeyInfoFactory keyInfoFactory = xmlSignatureFactory.getKeyInfoFactory(); KeyInfo keyInfo = null; if (keyInfoValue instanceof PublicKey) { keyInfo = keyInfoFactory.newKeyInfo(Collections.singletonList(keyInfoFactory.newKeyValue((PublicKey)keyInfoValue))); } else { if (!(keyInfoValue instanceof X509Certificate)) { throw new IllegalArgumentException("Unsupported keyinfo type [" + keyInfoValue.getClass() + "]"); } keyInfo = keyInfoFactory.newKeyInfo(Collections.singletonList(keyInfoFactory.newX509Data(Collections.singletonList(keyInfoValue)))); } XMLSignature xmlSignature = xmlSignatureFactory.newXMLSignature(signedInfo, keyInfo); xmlSignature.sign(domSignContext); }
Example 6
Source File: STSServiceImpl.java From freehealth-connector with GNU Affero General Public License v3.0 | 6 votes |
private void signRequest(Element requestElement, PrivateKey privateKey, Object keyInfoValue) throws NoSuchAlgorithmException, InvalidAlgorithmParameterException, MarshalException, XMLSignatureException, KeyException { DOMSignContext domSignContext = new DOMSignContext(privateKey, requestElement, requestElement.getFirstChild()); String requestId = requestElement.getAttribute("RequestID"); requestElement.setIdAttribute("RequestID", true); List<Transform> transforms = new LinkedList(); transforms.add(xmlSignatureFactory.newTransform("http://www.w3.org/2000/09/xmldsig#enveloped-signature", (TransformParameterSpec)null)); transforms.add(xmlSignatureFactory.newTransform("http://www.w3.org/2001/10/xml-exc-c14n#", (C14NMethodParameterSpec)null)); Reference reference = xmlSignatureFactory.newReference("#" + requestId, xmlSignatureFactory.newDigestMethod("http://www.w3.org/2000/09/xmldsig#sha1", (DigestMethodParameterSpec)null), transforms, (String)null, (String)null); CanonicalizationMethod canonicalizationMethod = xmlSignatureFactory.newCanonicalizationMethod("http://www.w3.org/2001/10/xml-exc-c14n#", (C14NMethodParameterSpec)null); SignatureMethod signatureMethod = xmlSignatureFactory.newSignatureMethod("http://www.w3.org/2000/09/xmldsig#rsa-sha1", (SignatureMethodParameterSpec)null); SignedInfo signedInfo = xmlSignatureFactory.newSignedInfo(canonicalizationMethod, signatureMethod, Collections.singletonList(reference)); KeyInfoFactory keyInfoFactory = xmlSignatureFactory.getKeyInfoFactory(); KeyInfo keyInfo = null; if (keyInfoValue instanceof PublicKey) { keyInfo = keyInfoFactory.newKeyInfo(Collections.singletonList(keyInfoFactory.newKeyValue((PublicKey)keyInfoValue))); } else { if (!(keyInfoValue instanceof X509Certificate)) { throw new IllegalArgumentException("Unsupported keyinfo type [" + keyInfoValue.getClass() + "]"); } keyInfo = keyInfoFactory.newKeyInfo(Collections.singletonList(keyInfoFactory.newX509Data(Collections.singletonList(keyInfoValue)))); } XMLSignature xmlSignature = xmlSignatureFactory.newXMLSignature(signedInfo, keyInfo); xmlSignature.sign(domSignContext); }
Example 7
Source File: Marshal.java From jdk8u-jdk with GNU General Public License v2.0 | 5 votes |
public static void main(String[] args) throws Exception { KeyInfoFactory fac = KeyInfoFactory.getInstance(); KeyInfo ki = fac.newKeyInfo (Collections.singletonList(fac.newKeyName("foo")), "keyid"); try { ki.marshal(null, null); throw new Exception("Should raise a NullPointerException"); } catch (NullPointerException npe) {} DocumentBuilderFactory dbf = DocumentBuilderFactory.newInstance(); dbf.setNamespaceAware(true); Document doc = dbf.newDocumentBuilder().newDocument(); Element elem = doc.createElementNS("http://acme.org", "parent"); doc.appendChild(elem); DOMStructure parent = new DOMStructure(elem); ki.marshal(parent, null); Element kiElem = DOMUtils.getFirstChildElement(elem); if (!kiElem.getLocalName().equals("KeyInfo")) { throw new Exception ("Should be KeyInfo element: " + kiElem.getLocalName()); } Element knElem = DOMUtils.getFirstChildElement(kiElem); if (!knElem.getLocalName().equals("KeyName")) { throw new Exception ("Should be KeyName element: " + knElem.getLocalName()); } }
Example 8
Source File: Marshal.java From openjdk-jdk8u-backup with GNU General Public License v2.0 | 5 votes |
public static void main(String[] args) throws Exception { KeyInfoFactory fac = KeyInfoFactory.getInstance(); KeyInfo ki = fac.newKeyInfo (Collections.singletonList(fac.newKeyName("foo")), "keyid"); try { ki.marshal(null, null); throw new Exception("Should raise a NullPointerException"); } catch (NullPointerException npe) {} DocumentBuilderFactory dbf = DocumentBuilderFactory.newInstance(); dbf.setNamespaceAware(true); Document doc = dbf.newDocumentBuilder().newDocument(); Element elem = doc.createElementNS("http://acme.org", "parent"); doc.appendChild(elem); DOMStructure parent = new DOMStructure(elem); ki.marshal(parent, null); Element kiElem = DOMUtils.getFirstChildElement(elem); if (!kiElem.getLocalName().equals("KeyInfo")) { throw new Exception ("Should be KeyInfo element: " + kiElem.getLocalName()); } Element knElem = DOMUtils.getFirstChildElement(kiElem); if (!knElem.getLocalName().equals("KeyName")) { throw new Exception ("Should be KeyName element: " + knElem.getLocalName()); } }
Example 9
Source File: XmlSignatureApplet.java From juddi with Apache License 2.0 | 5 votes |
private void signDOM(Node node, PrivateKey privateKey, Certificate origCert) { XMLSignatureFactory fac = initXMLSigFactory(); X509Certificate cert = (X509Certificate) origCert; // Create the KeyInfo containing the X509Data. KeyInfoFactory kif = fac.getKeyInfoFactory(); List<Object> x509Content = new ArrayList<Object>(); //x509Content.add(cert.getSubjectX500Principal().getName()); x509Content.add(cert); X509Data xd = kif.newX509Data(x509Content); KeyInfo ki = kif.newKeyInfo(Collections.singletonList(xd)); // Create a DOMSignContext and specify the RSA PrivateKey and // location of the resulting XMLSignature's parent element. DOMSignContext dsc = new DOMSignContext(privateKey, node); dsc.putNamespacePrefix(XML_DIGSIG_NS, "ns2"); // Create the XMLSignature, but don't sign it yet. try { SignedInfo si = initSignedInfo(fac); XMLSignature signature = fac.newXMLSignature(si, ki); // Marshal, generate, and sign the enveloped signature. signature.sign(dsc); } catch (Exception e) { throw new RuntimeException(e); } }
Example 10
Source File: Marshal.java From openjdk-jdk8u with GNU General Public License v2.0 | 5 votes |
public static void main(String[] args) throws Exception { KeyInfoFactory fac = KeyInfoFactory.getInstance(); KeyInfo ki = fac.newKeyInfo (Collections.singletonList(fac.newKeyName("foo")), "keyid"); try { ki.marshal(null, null); throw new Exception("Should raise a NullPointerException"); } catch (NullPointerException npe) {} DocumentBuilderFactory dbf = DocumentBuilderFactory.newInstance(); dbf.setNamespaceAware(true); Document doc = dbf.newDocumentBuilder().newDocument(); Element elem = doc.createElementNS("http://acme.org", "parent"); doc.appendChild(elem); DOMStructure parent = new DOMStructure(elem); ki.marshal(parent, null); Element kiElem = DOMUtils.getFirstChildElement(elem); if (!kiElem.getLocalName().equals("KeyInfo")) { throw new Exception ("Should be KeyInfo element: " + kiElem.getLocalName()); } Element knElem = DOMUtils.getFirstChildElement(kiElem); if (!knElem.getLocalName().equals("KeyName")) { throw new Exception ("Should be KeyName element: " + knElem.getLocalName()); } }
Example 11
Source File: TckSigningUtil.java From juddi with Apache License 2.0 | 5 votes |
public static void signDOM(Node node, PrivateKey privateKey, Certificate origCert) { XMLSignatureFactory fac = initXMLSigFactory(); X509Certificate cert = (X509Certificate) origCert; // Create the KeyInfo containing the X509Data. KeyInfoFactory kif = fac.getKeyInfoFactory(); List<Object> x509Content = new ArrayList<Object>(); x509Content.add(cert.getSubjectX500Principal().getName()); x509Content.add(cert); X509Data xd = kif.newX509Data(x509Content); KeyInfo ki = kif.newKeyInfo(Collections.singletonList(xd)); // Create a DOMSignContext and specify the RSA PrivateKey and // location of the resulting XMLSignature's parent element. DOMSignContext dsc = new DOMSignContext(privateKey, node); dsc.putNamespacePrefix("http://www.w3.org/2000/09/xmldsig#", "ns2"); // Create the XMLSignature, but don't sign it yet. try { SignedInfo si = initSignedInfo(fac); XMLSignature signature = fac.newXMLSignature(si, ki); // Marshal, generate, and sign the enveloped signature. signature.sign(dsc); } catch (Exception e) { throw new RuntimeException(e); } }
Example 12
Source File: XmlSignatureHelper.java From secure-data-service with Apache License 2.0 | 5 votes |
/** * Signs the SAML assertion using the specified public and private keys. * * @param document * SAML assertion be signed. * @param privateKey * Private key used to sign SAML assertion. * @param publicKey * Public key used to sign SAML asserion. * @return w3c element representation of specified document. * @throws NoSuchAlgorithmException * @throws InvalidAlgorithmParameterException * @throws KeyException * @throws MarshalException * @throws XMLSignatureException */ private Element signSamlAssertion(Document document, PrivateKey privateKey, X509Certificate certificate) throws NoSuchAlgorithmException, InvalidAlgorithmParameterException, KeyException, MarshalException, XMLSignatureException { XMLSignatureFactory signatureFactory = XMLSignatureFactory.getInstance("DOM"); List<Transform> envelopedTransform = Collections.singletonList(signatureFactory.newTransform( Transform.ENVELOPED, (TransformParameterSpec) null)); Reference ref = signatureFactory.newReference("", signatureFactory.newDigestMethod(DigestMethod.SHA1, null), envelopedTransform, null, null); SignatureMethod signatureMethod = null; if (certificate.getPublicKey() instanceof DSAPublicKey) { signatureMethod = signatureFactory.newSignatureMethod(SignatureMethod.DSA_SHA1, null); } else if (certificate.getPublicKey() instanceof RSAPublicKey) { signatureMethod = signatureFactory.newSignatureMethod(SignatureMethod.RSA_SHA1, null); } CanonicalizationMethod canonicalizationMethod = signatureFactory.newCanonicalizationMethod( CanonicalizationMethod.INCLUSIVE_WITH_COMMENTS, (C14NMethodParameterSpec) null); SignedInfo signedInfo = signatureFactory.newSignedInfo(canonicalizationMethod, signatureMethod, Collections.singletonList(ref)); KeyInfoFactory keyInfoFactory = signatureFactory.getKeyInfoFactory(); X509Data data = keyInfoFactory.newX509Data(Collections.singletonList(certificate)); KeyInfo keyInfo = keyInfoFactory.newKeyInfo(Collections.singletonList(data)); Element w3cElement = document.getDocumentElement(); Node xmlSigInsertionPoint = getXmlSignatureInsertionLocation(w3cElement); DOMSignContext dsc = new DOMSignContext(privateKey, w3cElement, xmlSigInsertionPoint); XMLSignature signature = signatureFactory.newXMLSignature(signedInfo, keyInfo); signature.sign(dsc); return w3cElement; }
Example 13
Source File: Marshal.java From TencentKona-8 with GNU General Public License v2.0 | 5 votes |
public static void main(String[] args) throws Exception { KeyInfoFactory fac = KeyInfoFactory.getInstance(); KeyInfo ki = fac.newKeyInfo (Collections.singletonList(fac.newKeyName("foo")), "keyid"); try { ki.marshal(null, null); throw new Exception("Should raise a NullPointerException"); } catch (NullPointerException npe) {} DocumentBuilderFactory dbf = DocumentBuilderFactory.newInstance(); dbf.setNamespaceAware(true); Document doc = dbf.newDocumentBuilder().newDocument(); Element elem = doc.createElementNS("http://acme.org", "parent"); doc.appendChild(elem); DOMStructure parent = new DOMStructure(elem); ki.marshal(parent, null); Element kiElem = DOMUtils.getFirstChildElement(elem); if (!kiElem.getLocalName().equals("KeyInfo")) { throw new Exception ("Should be KeyInfo element: " + kiElem.getLocalName()); } Element knElem = DOMUtils.getFirstChildElement(kiElem); if (!knElem.getLocalName().equals("KeyName")) { throw new Exception ("Should be KeyName element: " + knElem.getLocalName()); } }
Example 14
Source File: Marshal.java From jdk8u_jdk with GNU General Public License v2.0 | 5 votes |
public static void main(String[] args) throws Exception { KeyInfoFactory fac = KeyInfoFactory.getInstance(); KeyInfo ki = fac.newKeyInfo (Collections.singletonList(fac.newKeyName("foo")), "keyid"); try { ki.marshal(null, null); throw new Exception("Should raise a NullPointerException"); } catch (NullPointerException npe) {} DocumentBuilderFactory dbf = DocumentBuilderFactory.newInstance(); dbf.setNamespaceAware(true); Document doc = dbf.newDocumentBuilder().newDocument(); Element elem = doc.createElementNS("http://acme.org", "parent"); doc.appendChild(elem); DOMStructure parent = new DOMStructure(elem); ki.marshal(parent, null); Element kiElem = DOMUtils.getFirstChildElement(elem); if (!kiElem.getLocalName().equals("KeyInfo")) { throw new Exception ("Should be KeyInfo element: " + kiElem.getLocalName()); } Element knElem = DOMUtils.getFirstChildElement(kiElem); if (!knElem.getLocalName().equals("KeyName")) { throw new Exception ("Should be KeyName element: " + knElem.getLocalName()); } }
Example 15
Source File: DigitalSignatures.java From org.hl7.fhir.core with Apache License 2.0 | 5 votes |
public static void main(String[] args) throws SAXException, IOException, ParserConfigurationException, NoSuchAlgorithmException, InvalidAlgorithmParameterException, KeyException, MarshalException, XMLSignatureException, FHIRException, org.hl7.fhir.exceptions.FHIRException { // http://docs.oracle.com/javase/7/docs/technotes/guides/security/xmldsig/XMLDigitalSignature.html // byte[] inputXml = "<Envelope xmlns=\"urn:envelope\">\r\n</Envelope>\r\n".getBytes(); // load the document that's going to be signed DocumentBuilderFactory dbf = DocumentBuilderFactory.newInstance(); dbf.setNamespaceAware(true); DocumentBuilder builder = dbf.newDocumentBuilder(); Document doc = builder.parse(new ByteArrayInputStream(inputXml)); // create a key pair KeyPairGenerator kpg = KeyPairGenerator.getInstance("RSA"); kpg.initialize(512); KeyPair kp = kpg.generateKeyPair(); // sign the document DOMSignContext dsc = new DOMSignContext(kp.getPrivate(), doc.getDocumentElement()); XMLSignatureFactory fac = XMLSignatureFactory.getInstance("DOM"); Reference ref = fac.newReference("", fac.newDigestMethod(DigestMethod.SHA1, null), Collections.singletonList(fac.newTransform(Transform.ENVELOPED, (TransformParameterSpec) null)), null, null); SignedInfo si = fac.newSignedInfo(fac.newCanonicalizationMethod(CanonicalizationMethod.INCLUSIVE, (C14NMethodParameterSpec) null), fac.newSignatureMethod(SignatureMethod.RSA_SHA1, null), Collections.singletonList(ref)); KeyInfoFactory kif = fac.getKeyInfoFactory(); KeyValue kv = kif.newKeyValue(kp.getPublic()); KeyInfo ki = kif.newKeyInfo(Collections.singletonList(kv)); XMLSignature signature = fac.newXMLSignature(si, ki); signature.sign(dsc); OutputStream os = System.out; new XmlGenerator().generate(doc.getDocumentElement(), os); }
Example 16
Source File: Marshal.java From hottub with GNU General Public License v2.0 | 5 votes |
public static void main(String[] args) throws Exception { KeyInfoFactory fac = KeyInfoFactory.getInstance(); KeyInfo ki = fac.newKeyInfo (Collections.singletonList(fac.newKeyName("foo")), "keyid"); try { ki.marshal(null, null); throw new Exception("Should raise a NullPointerException"); } catch (NullPointerException npe) {} DocumentBuilderFactory dbf = DocumentBuilderFactory.newInstance(); dbf.setNamespaceAware(true); Document doc = dbf.newDocumentBuilder().newDocument(); Element elem = doc.createElementNS("http://acme.org", "parent"); doc.appendChild(elem); DOMStructure parent = new DOMStructure(elem); ki.marshal(parent, null); Element kiElem = DOMUtils.getFirstChildElement(elem); if (!kiElem.getLocalName().equals("KeyInfo")) { throw new Exception ("Should be KeyInfo element: " + kiElem.getLocalName()); } Element knElem = DOMUtils.getFirstChildElement(kiElem); if (!knElem.getLocalName().equals("KeyName")) { throw new Exception ("Should be KeyName element: " + knElem.getLocalName()); } }
Example 17
Source File: DigitalSignatures.java From org.hl7.fhir.core with Apache License 2.0 | 5 votes |
public static void main(String[] args) throws Exception { // http://docs.oracle.com/javase/7/docs/technotes/guides/security/xmldsig/XMLDigitalSignature.html // byte[] inputXml = "<Envelope xmlns=\"urn:envelope\">\r\n</Envelope>\r\n".getBytes(); // load the document that's going to be signed DocumentBuilderFactory dbf = DocumentBuilderFactory.newInstance(); dbf.setNamespaceAware(true); DocumentBuilder builder = dbf.newDocumentBuilder(); Document doc = builder.parse(new ByteArrayInputStream(inputXml)); // // create a key pair // KeyPairGenerator kpg = KeyPairGenerator.getInstance("RSA"); // kpg.initialize(512); // KeyPair kp = kpg.generateKeyPair(); PublicKey pub = getPublicKey("C:\\work\\fhirserver\\tests\\signatures\\public_key.der"); PrivateKey priv = getPrivateKey("C:\\work\\fhirserver\\tests\\signatures\\private_key.der"); // sign the document DOMSignContext dsc = new DOMSignContext(priv, doc.getDocumentElement()); XMLSignatureFactory fac = XMLSignatureFactory.getInstance("DOM"); Reference ref = fac.newReference("", fac.newDigestMethod(DigestMethod.SHA1, null), Collections.singletonList(fac.newTransform(Transform.ENVELOPED, (TransformParameterSpec) null)), null, null); SignedInfo si = fac.newSignedInfo(fac.newCanonicalizationMethod(CanonicalizationMethod.INCLUSIVE, (C14NMethodParameterSpec) null), fac.newSignatureMethod(SignatureMethod.RSA_SHA1, null), Collections.singletonList(ref)); KeyInfoFactory kif = fac.getKeyInfoFactory(); KeyValue kv = kif.newKeyValue(pub); KeyInfo ki = kif.newKeyInfo(Collections.singletonList(kv)); XMLSignature signature = fac.newXMLSignature(si, ki); signature.sign(dsc); OutputStream os = new FileOutputStream("c:\\temp\\java-digsig.xml"); new XmlGenerator().generate(doc.getDocumentElement(), os); }
Example 18
Source File: DigitalSignatures.java From org.hl7.fhir.core with Apache License 2.0 | 5 votes |
public static void main(String[] args) throws Exception { // http://docs.oracle.com/javase/7/docs/technotes/guides/security/xmldsig/XMLDigitalSignature.html // byte[] inputXml = "<Envelope xmlns=\"urn:envelope\">\r\n</Envelope>\r\n".getBytes(); // load the document that's going to be signed DocumentBuilderFactory dbf = DocumentBuilderFactory.newInstance(); dbf.setNamespaceAware(true); DocumentBuilder builder = dbf.newDocumentBuilder(); Document doc = builder.parse(new ByteArrayInputStream(inputXml)); // // create a key pair // KeyPairGenerator kpg = KeyPairGenerator.getInstance("RSA"); // kpg.initialize(512); // KeyPair kp = kpg.generateKeyPair(); PublicKey pub = getPublicKey("C:\\work\\fhirserver\\tests\\signatures\\public_key.der"); PrivateKey priv = getPrivateKey("C:\\work\\fhirserver\\tests\\signatures\\private_key.der"); // sign the document DOMSignContext dsc = new DOMSignContext(priv, doc.getDocumentElement()); XMLSignatureFactory fac = XMLSignatureFactory.getInstance("DOM"); Reference ref = fac.newReference("", fac.newDigestMethod(DigestMethod.SHA1, null), Collections.singletonList(fac.newTransform(Transform.ENVELOPED, (TransformParameterSpec) null)), null, null); SignedInfo si = fac.newSignedInfo(fac.newCanonicalizationMethod(CanonicalizationMethod.INCLUSIVE, (C14NMethodParameterSpec) null), fac.newSignatureMethod(SignatureMethod.RSA_SHA1, null), Collections.singletonList(ref)); KeyInfoFactory kif = fac.getKeyInfoFactory(); KeyValue kv = kif.newKeyValue(pub); KeyInfo ki = kif.newKeyInfo(Collections.singletonList(kv)); XMLSignature signature = fac.newXMLSignature(si, ki); signature.sign(dsc); OutputStream os = new FileOutputStream("c:\\temp\\java-digsig.xml"); new XmlGenerator().generate(doc.getDocumentElement(), os); }
Example 19
Source File: Marshal.java From jdk8u-jdk with GNU General Public License v2.0 | 5 votes |
public static void main(String[] args) throws Exception { KeyInfoFactory fac = KeyInfoFactory.getInstance(); KeyInfo ki = fac.newKeyInfo (Collections.singletonList(fac.newKeyName("foo")), "keyid"); try { ki.marshal(null, null); throw new Exception("Should raise a NullPointerException"); } catch (NullPointerException npe) {} DocumentBuilderFactory dbf = DocumentBuilderFactory.newInstance(); dbf.setNamespaceAware(true); Document doc = dbf.newDocumentBuilder().newDocument(); Element elem = doc.createElementNS("http://acme.org", "parent"); doc.appendChild(elem); DOMStructure parent = new DOMStructure(elem); ki.marshal(parent, null); Element kiElem = DOMUtils.getFirstChildElement(elem); if (!kiElem.getLocalName().equals("KeyInfo")) { throw new Exception ("Should be KeyInfo element: " + kiElem.getLocalName()); } Element knElem = DOMUtils.getFirstChildElement(kiElem); if (!knElem.getLocalName().equals("KeyName")) { throw new Exception ("Should be KeyName element: " + knElem.getLocalName()); } }
Example 20
Source File: SamlUtils.java From cas4.0.x-server-wechat with Apache License 2.0 | 4 votes |
private static Element signSamlElement(final Element element, final PrivateKey privKey, final PublicKey pubKey) { try { final String providerName = System.getProperty("jsr105Provider", JSR_105_PROVIDER); final XMLSignatureFactory sigFactory = XMLSignatureFactory .getInstance("DOM", (Provider) Class.forName(providerName) .newInstance()); final List envelopedTransform = Collections .singletonList(sigFactory.newTransform(Transform.ENVELOPED, (TransformParameterSpec) null)); final Reference ref = sigFactory.newReference("", sigFactory .newDigestMethod(DigestMethod.SHA1, null), envelopedTransform, null, null); // Create the SignatureMethod based on the type of key SignatureMethod signatureMethod; if (pubKey instanceof DSAPublicKey) { signatureMethod = sigFactory.newSignatureMethod( SignatureMethod.DSA_SHA1, null); } else if (pubKey instanceof RSAPublicKey) { signatureMethod = sigFactory.newSignatureMethod( SignatureMethod.RSA_SHA1, null); } else { throw new RuntimeException( "Error signing SAML element: Unsupported type of key"); } final CanonicalizationMethod canonicalizationMethod = sigFactory .newCanonicalizationMethod( CanonicalizationMethod.INCLUSIVE_WITH_COMMENTS, (C14NMethodParameterSpec) null); // Create the SignedInfo final SignedInfo signedInfo = sigFactory.newSignedInfo( canonicalizationMethod, signatureMethod, Collections .singletonList(ref)); // Create a KeyValue containing the DSA or RSA PublicKey final KeyInfoFactory keyInfoFactory = sigFactory .getKeyInfoFactory(); final KeyValue keyValuePair = keyInfoFactory.newKeyValue(pubKey); // Create a KeyInfo and add the KeyValue to it final KeyInfo keyInfo = keyInfoFactory.newKeyInfo(Collections .singletonList(keyValuePair)); // Convert the JDOM document to w3c (Java XML signature API requires // w3c // representation) org.w3c.dom.Element w3cElement = toDom(element); // Create a DOMSignContext and specify the DSA/RSA PrivateKey and // location of the resulting XMLSignature's parent element DOMSignContext dsc = new DOMSignContext(privKey, w3cElement); org.w3c.dom.Node xmlSigInsertionPoint = getXmlSignatureInsertLocation(w3cElement); dsc.setNextSibling(xmlSigInsertionPoint); // Marshal, generate (and sign) the enveloped signature XMLSignature signature = sigFactory.newXMLSignature(signedInfo, keyInfo); signature.sign(dsc); return toJdom(w3cElement); } catch (final Exception e) { throw new RuntimeException("Error signing SAML element: " + e.getMessage(), e); } }