/**
 * Builds the additional signature content: a timestamp property wrapped in an
 * XML {@code Object} with Id {@code propertiesObject}, plus a reference that
 * makes the signature cover that object.
 *
 * <p>The reference targets {@code #propertiesObject}, applies inclusive
 * canonicalization, and is digested with the algorithm returned by
 * {@code input.getContentDigestAlgorithm()}. Because the timestamp is
 * referenced, it is part of the signed data and cannot be altered without
 * invalidating the signature.
 *
 * @param input supplies the signature factory, the content digest algorithm
 *              and the signature id the property is attached to
 * @return an output holding the single reference and the single object
 * @throws Exception if the factory rejects an algorithm or the timestamp
 *                   fragment cannot be parsed
 */
@Override
public Output get(Input input) throws Exception {
    // Reference that pulls the properties object into the signed data.
    Transform inclusiveC14n = input.getSignatureFactory()
        .newTransform(CanonicalizationMethod.INCLUSIVE, (TransformParameterSpec) null);
    Reference propertiesRef = input.getSignatureFactory().newReference(
        "#propertiesObject",
        input.getSignatureFactory().newDigestMethod(input.getContentDigestAlgorithm(), null),
        Collections.singletonList(inclusiveC14n),
        null,
        null);

    // The timestamp is the local wall-clock time in milliseconds; it is not
    // obtained from a trusted time source. The namespace URI is kept exactly
    // as written because it becomes part of the signed bytes.
    String timestampXml = "<ts:timestamp xmlns:ts=\"http:/timestamp\">"
        + System.currentTimeMillis()
        + "</ts:timestamp>";
    InputStream timestampBytes = new ByteArrayInputStream(timestampXml.getBytes("UTF-8"));
    // NOTE(review): the meaning of Boolean.TRUE is defined by XmlSignatureHelper;
    // confirm it selects the hardened (DOCTYPE-rejecting) parser configuration.
    Document timestampDoc = XmlSignatureHelper.newDocumentBuilder(Boolean.TRUE).parse(timestampBytes);
    DOMStructure timestampNode = new DOMStructure(timestampDoc.getDocumentElement());

    // Wrap: element -> SignatureProperty -> SignatureProperties -> Object.
    SignatureProperty timestampProperty = input.getSignatureFactory().newSignatureProperty(
        Collections.singletonList(timestampNode), input.getSignatureId(), "property");
    SignatureProperties propertySet = input.getSignatureFactory().newSignatureProperties(
        Collections.singletonList(timestampProperty), "properties");
    XMLObject propertiesObject = input.getSignatureFactory().newXMLObject(
        Collections.singletonList(propertySet), "propertiesObject", null, null);

    XmlSignatureProperties.Output output = new Output();
    output.setReferences(Collections.singletonList(propertiesRef));
    output.setObjects(Collections.singletonList(propertiesObject));
    return output;
}
/**
 * Creates the handler and prepares the XML and XML-signature factories and
 * algorithm objects it stores in its fields.
 *
 * <p>Configured algorithms: SHA-1 digest, RSA-SHA1 signature, inclusive
 * canonicalization, and a transform list of enveloped-signature followed by
 * Canonical XML 1.0.
 *
 * <p>NOTE(review): SHA-1 is no longer considered collision resistant and is
 * deprecated for digital signatures. Moving to {@code DigestMethod.SHA256}
 * and an RSA-SHA256 signature method is the usual mitigation, but it has to
 * be coordinated with every verifier of these signatures.
 *
 * <p>NOTE(review): the {@code DocumentBuilderFactory} and
 * {@code TransformerFactory} are created with default settings apart from
 * namespace awareness. If they ever process XML from outside the trust
 * boundary, DOCTYPE and external-entity handling should be restricted.
 *
 * @throws NoSuchAlgorithmException if the provider lacks a requested algorithm
 * @throws InvalidAlgorithmParameterException if algorithm parameters are rejected
 */
public XmlSignatureHandler() throws NoSuchAlgorithmException, InvalidAlgorithmParameterException {
    // XML parsing / serialisation factories.
    this.builderFactory = DocumentBuilderFactory.newInstance();
    this.builderFactory.setNamespaceAware(true);
    this.transformerFactory = TransformerFactory.newInstance();

    // JSR-105 factory using the DOM mechanism.
    this.signatureFactory = XMLSignatureFactory.getInstance("DOM");
    final XMLSignatureFactory xmlSig = this.signatureFactory;

    this.digestMethod = xmlSig.newDigestMethod(DigestMethod.SHA1, null);

    // Order matters: strip the enveloped signature first, then canonicalize.
    final ArrayList<Transform> transforms = new ArrayList<Transform>(2);
    transforms.add(xmlSig.newTransform(Transform.ENVELOPED, (TransformParameterSpec) null));
    transforms.add(xmlSig.newTransform(
        "http://www.w3.org/TR/2001/REC-xml-c14n-20010315", (TransformParameterSpec) null));
    this.transformList = transforms;

    this.canonicalizationMethod = xmlSig.newCanonicalizationMethod(
        CanonicalizationMethod.INCLUSIVE, (C14NMethodParameterSpec) null);
    this.signatureMethod = xmlSig.newSignatureMethod(SignatureMethod.RSA_SHA1, null);
    this.keyInfoFactory = xmlSig.getKeyInfoFactory();
}
/**
 * Adds an enveloped XML signature to a SAML element and returns the signed
 * element.
 *
 * <p>The JDOM element is converted to a W3C DOM element, signed as a whole
 * (empty reference URI, enveloped transform, SHA-1 digest, inclusive
 * canonicalization with comments) and converted back to JDOM. The signature
 * method is DSA-SHA1 or RSA-SHA1, chosen from {@code pubKey.getAlgorithm()}.
 * The public key is embedded in the signature as a {@code KeyValue}.
 *
 * <p>NOTE(review): SHA-1 based digest and signature methods are deprecated
 * for digital signatures; migrating to SHA-256 variants needs coordination
 * with the parties that validate these assertions.
 *
 * <p>NOTE(review): the JSR-105 provider class name is read from the
 * {@code jsr105Provider} system property and instantiated reflectively, so
 * whoever controls JVM system properties controls which class is loaded here.
 *
 * <p>NOTE(review): the embedded {@code KeyValue} only tells a verifier which
 * key was used. A verifier must check that key against a trusted source
 * rather than trust the key carried inside the message.
 *
 * @param element the JDOM element to sign
 * @param privKey the private key that produces the signature
 * @param pubKey  the matching public key; selects the signature algorithm and
 *                is embedded in the signature's KeyInfo
 * @return the signed element, converted back to JDOM
 * @throws RuntimeException wrapping any failure raised while signing,
 *                          including an unsupported key algorithm
 */
private static org.jdom.Element signSamlElement(final org.jdom.Element element, final PrivateKey privKey,
                                                final PublicKey pubKey) {
    try {
        // Resolve and instantiate the XML signature provider.
        final String factoryProviderClass =
            System.getProperty("jsr105Provider", SIGNATURE_FACTORY_PROVIDER_CLASS);
        final Provider jsr105Provider = (Provider) Class.forName(factoryProviderClass).newInstance();
        final XMLSignatureFactory sigFactory = XMLSignatureFactory.getInstance("DOM", jsr105Provider);

        // One reference with an empty URI: the whole document, minus the signature itself.
        final List<Transform> envelopedTransform = Collections.singletonList(
            sigFactory.newTransform(Transform.ENVELOPED, (TransformParameterSpec) null));
        final DigestMethod sha1Digest = sigFactory.newDigestMethod(DigestMethod.SHA1, null);
        final Reference ref =
            sigFactory.newReference(StringUtils.EMPTY, sha1Digest, envelopedTransform, null, null);

        // The signature method follows the key algorithm; anything else is rejected.
        final String algorithm = pubKey.getAlgorithm();
        final SignatureMethod signatureMethod;
        if (algorithm.equals("DSA")) {
            signatureMethod = sigFactory.newSignatureMethod(SignatureMethod.DSA_SHA1, null);
        } else if (algorithm.equals("RSA")) {
            signatureMethod = sigFactory.newSignatureMethod(SignatureMethod.RSA_SHA1, null);
        } else {
            throw new RuntimeException("Error signing SAML element: Unsupported type of key");
        }

        final CanonicalizationMethod canonicalizationMethod = sigFactory.newCanonicalizationMethod(
            CanonicalizationMethod.INCLUSIVE_WITH_COMMENTS, (C14NMethodParameterSpec) null);

        final SignedInfo signedInfo = sigFactory.newSignedInfo(
            canonicalizationMethod, signatureMethod, Collections.singletonList(ref));

        // KeyInfo carrying the DSA or RSA public key as a KeyValue.
        final KeyInfoFactory keyInfoFactory = sigFactory.getKeyInfoFactory();
        final KeyValue keyValuePair = keyInfoFactory.newKeyValue(pubKey);
        final KeyInfo keyInfo = keyInfoFactory.newKeyInfo(Collections.singletonList(keyValuePair));

        // The Java XML signature API works on W3C DOM, not JDOM.
        final Element w3cElement = toDom(element);

        // Sign with the private key and place the Signature element before
        // the node chosen by getXmlSignatureInsertLocation.
        final DOMSignContext dsc = new DOMSignContext(privKey, w3cElement);
        dsc.setNextSibling(getXmlSignatureInsertLocation(w3cElement));

        // Marshal, generate and sign the enveloped signature.
        sigFactory.newXMLSignature(signedInfo, keyInfo).sign(dsc);

        return toJdom(w3cElement);
    } catch (final Exception e) {
        throw new RuntimeException("Error signing SAML element: " + e.getMessage(), e);
    }
}
/**
 * Creates a signer and prepares the reusable pieces of an enveloped XML
 * signature: digest method, key-info factory, enveloped transform, a
 * whole-document reference (empty URI) and inclusive canonicalization.
 *
 * <p>NOTE(review): the digest algorithm URI is taken from the configuration
 * and is not checked here beyond what {@code newDigestMethod} enforces, so a
 * weak algorithm such as SHA-1 is accepted if it is configured. Consider
 * restricting the allowed values where the configuration is validated.
 *
 * @param configuration supplies the digest method URI
 * @throws Exception if the signature factory rejects an algorithm or its parameters
 */
public RequestSigner(final Configuration configuration) throws Exception {
    final XMLSignatureFactory factory = XMLSignatureFactory.getInstance("DOM");
    this.fac = factory;

    this.md = factory.newDigestMethod(configuration.getDigestMethod(), null);
    this.kif = factory.getKeyInfoFactory();

    // Enveloped transform: the Signature element is excluded from its own digest.
    this.t = factory.newTransform(Transform.ENVELOPED, (TransformParameterSpec) null);
    // An empty URI references the document that will contain the signature.
    this.ref = factory.newReference("", this.md, Collections.singletonList(this.t), null, null);

    this.cm = factory.newCanonicalizationMethod(
        CanonicalizationMethod.INCLUSIVE, (C14NMethodParameterSpec) null);
}
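/**
 * Parses an XML file and adds an enveloped XML signature under its root
 * element.
 *
 * <p>The signature covers the whole document (empty reference URI with the
 * enveloped transform), uses inclusive canonicalization with comments, and
 * embeds the public key as a {@code KeyValue}. The digest and signature
 * algorithm URIs come from {@code digestMethod} and {@code signatureMethod},
 * which are resolved outside this method (presumably fields of the enclosing
 * class, to be confirmed there).
 *
 * <p>The parser is restricted before the file is read: secure processing is
 * enabled and external general entities, external parameter entities and
 * external DTD loading are switched off. Without this, a document declaring
 * external entities could make the parser read local files or fetch URLs,
 * and that content would then be signed as if it belonged to the document.
 * A parser implementation that does not know one of these features fails
 * with {@link ParserConfigurationException} instead of parsing unprotected.
 *
 * <p>The stream is not closed here; it stays owned by the caller. A verifier
 * must check the embedded key against a trusted source rather than trust the
 * {@code KeyValue} carried in the signature.
 *
 * @param fileStream stream of the XML document to sign
 * @param keyPair    private key used for signing and public key embedded in KeyInfo
 * @return the parsed document, now containing the signature element
 * @throws ParserConfigurationException if the parser cannot be configured as required
 * @throws SAXException if the document is not well-formed
 * @throws IOException if the stream cannot be read
 * @throws NoSuchAlgorithmException if an algorithm URI is not supported
 * @throws InvalidAlgorithmParameterException if algorithm parameters are rejected
 * @throws KeyException if the public key cannot be converted to a KeyValue
 * @throws MarshalException if the signature cannot be marshalled into the document
 * @throws XMLSignatureException if signing fails
 */
public Document sign(FileInputStream fileStream, KeyPair keyPair)
        throws ParserConfigurationException, SAXException, IOException,
               NoSuchAlgorithmException, InvalidAlgorithmParameterException, KeyException,
               MarshalException, XMLSignatureException {
    DocumentBuilderFactory factory = DocumentBuilderFactory.newInstance();
    factory.setNamespaceAware(true);
    // Restrict the parser before it reads the input (XXE and entity-expansion defence).
    factory.setFeature(javax.xml.XMLConstants.FEATURE_SECURE_PROCESSING, true);
    factory.setFeature("http://xml.org/sax/features/external-general-entities", false);
    factory.setFeature("http://xml.org/sax/features/external-parameter-entities", false);
    factory.setFeature("http://apache.org/xml/features/nonvalidating/load-external-dtd", false);

    DocumentBuilder builder = factory.newDocumentBuilder();
    Document document = builder.parse(fileStream);

    // The signature element is appended as a child of the document root.
    DOMSignContext signContext = new DOMSignContext(keyPair.getPrivate(), document.getDocumentElement());
    XMLSignatureFactory signFactory = XMLSignatureFactory.getInstance("DOM");

    // Empty URI plus enveloped transform: sign the whole document except the signature.
    Reference ref = signFactory.newReference(
        "",
        signFactory.newDigestMethod(digestMethod, null),
        Collections.singletonList(
            signFactory.newTransform(Transform.ENVELOPED, (TransformParameterSpec) null)),
        null,
        null);

    SignedInfo si = signFactory.newSignedInfo(
        signFactory.newCanonicalizationMethod(
            CanonicalizationMethod.INCLUSIVE_WITH_COMMENTS, (C14NMethodParameterSpec) null),
        signFactory.newSignatureMethod(signatureMethod, null),
        Collections.singletonList(ref));

    // KeyInfo carrying the public key as a KeyValue.
    KeyInfoFactory kif = signFactory.getKeyInfoFactory();
    KeyValue kv = kif.newKeyValue(keyPair.getPublic());
    KeyInfo ki = kif.newKeyInfo(Collections.singletonList(kv));

    XMLSignature signature = signFactory.newXMLSignature(si, ki);
    signature.sign(signContext);
    return document;
}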
/**
 * Initialises the transform with its mandatory XPath filter parameters.
 *
 * <p>The check is on the parameter type only; the XPath expression carried
 * by the spec is not inspected here.
 *
 * @param params the parameters; must be a non-null {@code XPathFilterParameterSpec}
 * @throws InvalidAlgorithmParameterException if {@code params} is null or of another type
 */
public void init(TransformParameterSpec params)
        throws InvalidAlgorithmParameterException {
    // Guard clauses: reject missing parameters first, then the wrong type.
    if (params == null) {
        throw new InvalidAlgorithmParameterException("params are required");
    }
    if (!(params instanceof XPathFilterParameterSpec)) {
        throw new InvalidAlgorithmParameterException
            ("params must be of type XPathFilterParameterSpec");
    }
    this.params = params;
}
/**
 * Initialises the transform with optional exclusive-canonicalization parameters.
 *
 * <p>A null argument is accepted and leaves {@code this.params} unchanged.
 *
 * @param params null, or an {@code ExcC14NParameterSpec}
 * @throws InvalidAlgorithmParameterException if {@code params} is non-null and of another type
 */
public void init(TransformParameterSpec params)
        throws InvalidAlgorithmParameterException {
    if (params == null) {
        // Parameters are optional for this algorithm; nothing to store.
        return;
    }
    if (!(params instanceof ExcC14NParameterSpec)) {
        throw new InvalidAlgorithmParameterException
            ("params must be of type ExcC14NParameterSpec");
    }
    this.params = (C14NMethodParameterSpec)params;
}
/**
 * Initialises the transform with its mandatory XPath Filter 2.0 parameters.
 *
 * <p>Only the parameter type is validated; the filters inside the spec are
 * not examined here.
 *
 * @param params the parameters; must be a non-null {@code XPathFilter2ParameterSpec}
 * @throws InvalidAlgorithmParameterException if {@code params} is null or of another type
 */
public void init(TransformParameterSpec params)
        throws InvalidAlgorithmParameterException {
    if (params == null) {
        throw new InvalidAlgorithmParameterException("params are required");
    }
    final boolean isFilter2Spec = params instanceof XPathFilter2ParameterSpec;
    if (!isFilter2Spec) {
        throw new InvalidAlgorithmParameterException
            ("params must be of type XPathFilter2ParameterSpec");
    }
    this.params = params;
}
/**
 * Initialises the transform with its mandatory XSLT parameters.
 *
 * <p>Only the parameter type is validated; the stylesheet carried by the
 * spec is not inspected here. XSLT transforms run stylesheet logic during
 * signature processing, so validators that handle untrusted signatures
 * commonly disallow this transform.
 *
 * @param params the parameters; must be a non-null {@code XSLTTransformParameterSpec}
 * @throws InvalidAlgorithmParameterException if {@code params} is null or of another type
 */
public void init(TransformParameterSpec params)
        throws InvalidAlgorithmParameterException {
    // instanceof is false for null, so one test covers the accepted case.
    if (params instanceof XSLTTransformParameterSpec) {
        this.params = params;
        return;
    }
    throw new InvalidAlgorithmParameterException(
        params == null ? "params are required" : "unrecognized params");
}
/**
 * Initialises the Canonical XML (C14N) transform, which takes no parameters.
 *
 * @param params must be null
 * @throws InvalidAlgorithmParameterException if any parameters are supplied
 */
public void init(TransformParameterSpec params)
        throws InvalidAlgorithmParameterException {
    if (params == null) {
        // Nothing to configure for this algorithm.
        return;
    }
    throw new InvalidAlgorithmParameterException("no parameters "
        + "should be specified for Canonical XML C14N algorithm");
}
/**
 * Initialises the Canonical XML 1.1 transform, which takes no parameters.
 *
 * @param params must be null
 * @throws InvalidAlgorithmParameterException if any parameters are supplied
 */
public void init(TransformParameterSpec params)
        throws InvalidAlgorithmParameterException {
    final boolean parametersSupplied = params != null;
    if (parametersSupplied) {
        throw new InvalidAlgorithmParameterException("no parameters "
            + "should be specified for Canonical XML 1.1 algorithm");
    }
}
/**
 * Accepts the XPath filter parameters this transform requires and stores
 * them in {@code this.params}.
 *
 * <p>Validation is limited to the parameter type; the XPath expression
 * inside the spec is not examined by this method.
 *
 * @param params the parameters; must be a non-null {@code XPathFilterParameterSpec}
 * @throws InvalidAlgorithmParameterException if {@code params} is null or of another type
 */
@Override
public void init(TransformParameterSpec params)
        throws InvalidAlgorithmParameterException {
    // instanceof is false for null, so the accepted case needs a single test.
    if (params instanceof XPathFilterParameterSpec) {
        this.params = params;
        return;
    }
    if (params == null) {
        throw new InvalidAlgorithmParameterException("params are required");
    }
    throw new InvalidAlgorithmParameterException
        ("params must be of type XPathFilterParameterSpec");
}
/**
 * Accepts optional exclusive-canonicalization parameters.
 *
 * <p>When {@code params} is null the method returns without touching
 * {@code this.params}.
 *
 * @param params null, or an {@code ExcC14NParameterSpec}
 * @throws InvalidAlgorithmParameterException if {@code params} is non-null and of another type
 */
@Override
public void init(TransformParameterSpec params)
        throws InvalidAlgorithmParameterException {
    final boolean supplied = params != null;
    if (supplied && !(params instanceof ExcC14NParameterSpec)) {
        throw new InvalidAlgorithmParameterException
            ("params must be of type ExcC14NParameterSpec");
    }
    if (supplied) {
        this.params = (C14NMethodParameterSpec)params;
    }
}
/**
 * Accepts the XPath Filter 2.0 parameters this transform requires and stores
 * them in {@code this.params}.
 *
 * <p>Validation is limited to the parameter type.
 *
 * @param params the parameters; must be a non-null {@code XPathFilter2ParameterSpec}
 * @throws InvalidAlgorithmParameterException if {@code params} is null or of another type
 */
@Override
public void init(TransformParameterSpec params)
        throws InvalidAlgorithmParameterException {
    // Missing parameters are reported before a type mismatch.
    if (params == null) {
        throw new InvalidAlgorithmParameterException("params are required");
    }
    if (!(params instanceof XPathFilter2ParameterSpec)) {
        throw new InvalidAlgorithmParameterException
            ("params must be of type XPathFilter2ParameterSpec");
    }
    this.params = params;
}
/**
 * Initialises a transform that takes no parameters.
 *
 * @param params must be null
 * @throws InvalidAlgorithmParameterException if any parameters are supplied
 */
@Override
public void init(TransformParameterSpec params)
        throws InvalidAlgorithmParameterException {
    if (params == null) {
        // Nothing to configure.
        return;
    }
    throw new InvalidAlgorithmParameterException("params must be null");
}
/**
 * Accepts the XSLT parameters this transform requires and stores them in
 * {@code this.params}.
 *
 * <p>Validation is limited to the parameter type; the stylesheet carried by
 * the spec is not inspected by this method.
 *
 * @param params the parameters; must be a non-null {@code XSLTTransformParameterSpec}
 * @throws InvalidAlgorithmParameterException if {@code params} is null or of another type
 */
@Override
public void init(TransformParameterSpec params)
        throws InvalidAlgorithmParameterException {
    if (params == null) {
        throw new InvalidAlgorithmParameterException("params are required");
    } else if (!(params instanceof XSLTTransformParameterSpec)) {
        throw new InvalidAlgorithmParameterException("unrecognized params");
    } else {
        this.params = params;
    }
}
/**
 * Initialises the Canonical XML (C14N) transform; the algorithm accepts no
 * parameters.
 *
 * @param params must be null
 * @throws InvalidAlgorithmParameterException if any parameters are supplied
 */
@Override
public void init(TransformParameterSpec params)
        throws InvalidAlgorithmParameterException {
    final boolean hasParams = params != null;
    if (hasParams) {
        throw new InvalidAlgorithmParameterException("no parameters "
            + "should be specified for Canonical XML C14N algorithm");
    }
}
/**
 * Initialises the Canonical XML 1.1 transform; the algorithm accepts no
 * parameters.
 *
 * @param params must be null
 * @throws InvalidAlgorithmParameterException if any parameters are supplied
 */
@Override
public void init(TransformParameterSpec params)
        throws InvalidAlgorithmParameterException {
    if (params == null) {
        // Nothing to configure for this algorithm.
        return;
    }
    final String message = "no parameters "
        + "should be specified for Canonical XML 1.1 algorithm";
    throw new InvalidAlgorithmParameterException(message);
}