// Build the XMLSignature object from the Signature node carried by the validation context.
XMLSignature xmlSignature = xmlSignatureFactory.unmarshalXMLSignature(domValidateContext);
// validate() performs XML-DSig core validation: the signature value plus the digest of
// every Reference. A true result does not say which elements those references cover, nor
// whether the verifying key is trusted; both depend on how domValidateContext was
// configured, which is not visible in this fragment.
boolean valid = xmlSignature.validate(domValidateContext);
// Pick a Signature element by XPath. "//" matches at any depth, so the node returned is
// whichever Signature comes first in document order; evaluate() yields null when nothing
// matches, and DOMValidateContext rejects a null node with NullPointerException.
Element signature = (Element) xp.evaluate("//dsig:Signature", root, XPathConstants.NODE);
// The verifying key is taken from _cert rather than from anything inside the document.
DOMValidateContext ctx = new DOMValidateContext(_cert.getPublicKey(), signature);
// Register the "ID" attribute of every element that has one, so same-document "#..."
// reference URIs can be resolved during validation.
// NOTE(review): because every ID-bearing element is registered, a reference may resolve
// to any of them. The code that runs after a successful validate() should confirm that
// the referenced element is the one it goes on to consume (see
// xmlSignature.getSignedInfo().getReferences()).
NodeList idAttributes = (NodeList) xp.evaluate("//*[@ID]", root, XPathConstants.NODESET);
for (int i = 0; i < idAttributes.getLength(); i++) {
    ctx.setIdAttributeNS((Element) idAttributes.item(i), null, "ID");
}
XMLSignatureFactory sigF = XMLSignatureFactory.getInstance("DOM");
XMLSignature xmlSignature = sigF.unmarshalXMLSignature(ctx);
// Core validation: signature value and all reference digests must check out.
if (xmlSignature.validate(ctx)) { ...
... Node sigNode = nodeList.item(0);
// Only the first node of nodeList is validated; any further entries are ignored here.
DOMValidateContext context = new DOMValidateContext(keySelector, sigNode);
// Declare the "ID" attribute of the Signature's parent element as an XML ID so that a
// same-document "#..." reference can resolve to that element.
// NOTE(review): this assumes the signed element is always the direct parent of the
// Signature node; a successful validate() does not by itself prove that the reference
// points at that parent, so the caller should compare the reference URI with the
// parent's ID before trusting its content.
context.setIdAttributeNS((Element) sigNode.getParentNode(), null, "ID");
XMLSignatureFactory factory = XMLSignatureFactory.getInstance();
try {
    XMLSignature signature = factory.unmarshalXMLSignature(context);
    // validate() covers the signature value and every Reference digest (core validation).
    if (!signature.validate(context)) { // works now! ...
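/**
 * Parses the XML read from {@code xmlStream} and runs XML-DSig core validation on the
 * first {@code Signature} element found in it.
 *
 * <p>The stream is treated as untrusted input: DOCTYPE declarations are refused and the
 * parser's secure-processing feature is enabled, so a document cannot make the parser
 * resolve external entities or expand nested entity definitions.
 *
 * <p>NOTE(review): a {@code true} result means the signature value and every reference
 * digest verified. It does not establish that the element the application later reads is
 * the element that was referenced; only the first occurrence of each signable tag is
 * registered as an ID target below. Callers that consume specific elements should compare
 * them with {@code getSignedInfo().getReferences()}. Whether {@code X509KeySelector}
 * checks the signer certificate against a trust anchor is not visible here; confirm.
 *
 * @param xmlStream the signed XML document
 * @return {@code true} if core validation succeeds, {@code false} otherwise
 * @throws IllegalStateException if the document contains no {@code Signature} element
 * @throws Exception on parse, provider-loading or signature-unmarshalling failures
 */
public boolean isValida(final InputStream xmlStream) throws Exception {
    final DocumentBuilderFactory dbf = DocumentBuilderFactory.newInstance();
    dbf.setNamespaceAware(true);
    // Harden the parser before it touches caller-supplied bytes.
    dbf.setFeature(javax.xml.XMLConstants.FEATURE_SECURE_PROCESSING, true);
    dbf.setFeature("http://apache.org/xml/features/disallow-doctype-decl", true);
    dbf.setXIncludeAware(false);
    final Document document = dbf.newDocumentBuilder().parse(xmlStream);

    final NodeList nodeList = document.getElementsByTagNameNS(XMLSignature.XMLNS, "Signature");
    if (nodeList.getLength() == 0) {
        throw new IllegalStateException("Nao foi encontrada a assinatura do XML.");
    }

    // The provider class can be overridden through the "jsr105Provider" system property.
    // asSubclass() checks the type before any instance is created, and
    // getDeclaredConstructor().newInstance() replaces the deprecated Class.newInstance().
    // NOTE(review): the default names a JDK-internal class; on modular JDKs reflective
    // instantiation may be refused, in which case XMLSignatureFactory.getInstance("DOM")
    // is the portable alternative. Confirm against the target runtime.
    final String providerName =
            System.getProperty("jsr105Provider", "org.jcp.xml.dsig.internal.dom.XMLDSigRI");
    final Provider provider = Class.forName(providerName)
            .asSubclass(Provider.class)
            .getDeclaredConstructor()
            .newInstance();
    final XMLSignatureFactory signatureFactory = XMLSignatureFactory.getInstance("DOM", provider);

    final DOMValidateContext validateContext =
            new DOMValidateContext(new X509KeySelector(), nodeList.item(0));
    // Ask the provider for its secure-validation mode, which restricts constructs that
    // are risky to process in signatures from untrusted senders.
    validateContext.setProperty("org.jcp.xml.dsig.secureValidation", Boolean.TRUE);

    // Register the "Id" attribute of the first element of each signable tag so that
    // same-document "#..." references can be resolved.
    for (final String tag : AssinaturaDigital.ELEMENTOS_ASSINAVEIS) {
        final NodeList elements = document.getElementsByTagName(tag);
        if (elements.getLength() > 0) {
            validateContext.setIdAttributeNS((Element) elements.item(0), null, "Id");
        }
    }

    return signatureFactory.unmarshalXMLSignature(validateContext).validate(validateContext);
}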
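/**
 * Runs XML-DSig core validation on {@code signatureNode}, using {@code publicKey} (via
 * {@code X509KeySelector}) and registering the wsu:Id attribute of {@code bodyTag} as an
 * ID target for same-document references.
 *
 * <p>Any failure is logged and reported as {@code false}, so the method fails closed.
 *
 * <p>NOTE(review): a {@code true} result shows that the signature value and all reference
 * digests verified. It does not by itself show that {@code bodyTag} is the element the
 * signature references; the caller should confirm that before acting on the body.
 *
 * @param signatureNode the {@code Signature} element to validate
 * @param bodyTag element whose wsu:Id attribute is registered as an XML ID
 * @param publicKey key handed to the key selector
 * @return {@code true} only if validation completed and succeeded
 */
private boolean validateSignature(Node signatureNode, Node bodyTag, PublicKey publicKey) {
    boolean signatureIsValid = false;
    try {
        // The provider class may be overridden through the "jsr105Provider" system
        // property. asSubclass() verifies the type before anything is instantiated, and
        // getDeclaredConstructor().newInstance() replaces the deprecated
        // Class.newInstance(), which could propagate undeclared checked exceptions.
        // NOTE(review): the default names a JDK-internal class; on modular JDKs
        // XMLSignatureFactory.getInstance("DOM") may be needed instead. Confirm.
        String providerName =
                System.getProperty("jsr105Provider", "org.jcp.xml.dsig.internal.dom.XMLDSigRI");
        Provider provider = Class.forName(providerName)
                .asSubclass(Provider.class)
                .getDeclaredConstructor()
                .newInstance();
        XMLSignatureFactory fac = XMLSignatureFactory.getInstance("DOM", provider);

        // Validation context: key selector built from the supplied key, rooted at the
        // Signature node.
        DOMValidateContext valContext =
                new DOMValidateContext(new X509KeySelector(publicKey), signatureNode);
        // Let "#..." references resolve to bodyTag through its wsu:Id attribute.
        valContext.setIdAttributeNS((Element) bodyTag,
                "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd",
                "Id");

        // Unmarshal, then run core validation.
        XMLSignature signature = fac.unmarshalXMLSignature(valContext);
        signatureIsValid = signature.validate(valContext);
    } catch (Exception ex) {
        // Deliberately best-effort: every failure leaves the result at false.
        logger.error("An Error Raised while Signature Validation");
        logger.error("Cause: " + ex.getCause());
        logger.error("Message: " + ex.getMessage());
    }
    return signatureIsValid;
}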
/**
 * Validates the first XML-DSig {@code Signature} element of {@code doc} with this
 * instance's key selector and factory.
 *
 * <p>Only the first {@code Signature} element is examined. No ID attributes are
 * registered on the validation context here.
 *
 * <p>NOTE(review): the result reflects core validation only (signature value and
 * reference digests). Which content is covered, and whether the selected key is trusted,
 * depends on {@code this.keySelector} and on the caller inspecting the returned
 * signature's references.
 *
 * @param doc the document to check
 * @return a result with status {@code VALIDATE_NO_SIGNATURE_DATA} when no signature is
 *         present, {@code Result.INVALID} when validation raises an
 *         {@link XMLSignatureException}, otherwise a result wrapping the validation
 *         outcome and the signature
 * @throws Exception if the signature cannot be unmarshalled
 */
public Result validate ( final Document doc ) throws Exception
{
    final NodeList signatureNodes = doc.getElementsByTagNameNS ( XMLSignature.XMLNS, "Signature" ); //$NON-NLS-1$
    final boolean hasSignature = signatureNodes.getLength () != 0;
    if ( !hasSignature )
    {
        return new Result ( StatusCodes.VALIDATE_NO_SIGNATURE_DATA, "No signature data found" );
    }

    // Unmarshalling stays outside the try block: a malformed signature propagates to the
    // caller instead of being reported as INVALID.
    final DOMValidateContext context = new DOMValidateContext ( this.keySelector, signatureNodes.item ( 0 ) );
    final XMLSignature parsed = this.factory.unmarshalXMLSignature ( context );

    try
    {
        final boolean coreValid = parsed.validate ( context );
        return new Result ( coreValid, parsed );
    }
    catch ( final XMLSignatureException e )
    {
        logger.debug ( "Failed to perform validation", e );
        return Result.INVALID;
    }
}
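/**
 * Verifies the XML-DSig signature contained in {@code signedXml} against the public key
 * of {@code trustedCertificate}.
 *
 * <p>The XML text is treated as untrusted input: the parser refuses DOCTYPE declarations
 * and runs with secure processing enabled, and the validation context asks the provider
 * for its secure-validation mode.
 *
 * <p>NOTE(review): only the first {@code Signature} element is validated, and a
 * {@code true} result covers core validation (signature value and reference digests)
 * only. Which elements are ID targets depends on {@code setIdAttributesAsId}, defined
 * elsewhere; callers that consume a specific element should confirm it is the one the
 * signature references.
 *
 * @param signedXml the signed document as text
 * @param trustedCertificate certificate whose public key must verify the signature
 * @return {@code true} if core validation succeeds
 * @throws RuntimeException wrapping any parse, certificate or signature failure,
 *         including a missing {@code Signature} element
 */
public boolean verify(String signedXml, X509Certificate trustedCertificate) {
    try {
        // DOM-based factory used to unmarshal and validate the signature.
        XMLSignatureFactory fac = XMLSignatureFactory.getInstance("DOM");

        // Parse the document with a hardened, namespace-aware parser.
        DocumentBuilderFactory dbf = DocumentBuilderFactory.newInstance();
        dbf.setNamespaceAware(true);
        dbf.setFeature(javax.xml.XMLConstants.FEATURE_SECURE_PROCESSING, true);
        dbf.setFeature("http://apache.org/xml/features/disallow-doctype-decl", true);
        dbf.setXIncludeAware(false);
        byte[] xmlBytes = signedXml.getBytes(java.nio.charset.StandardCharsets.UTF_8);
        Document doc = dbf.newDocumentBuilder().parse(new ByteArrayInputStream(xmlBytes));
        setIdAttributesAsId(doc);

        // Find Signature element.
        NodeList nodeList = doc.getElementsByTagNameNS(XMLSignature.XMLNS, "Signature");
        if (nodeList.getLength() == 0) {
            throw new XmlSignerException("Cannot find Signature element.");
        }

        // Certificate check before its key is used; the original comment describes this
        // as a revocation check. Confirm the exact checks in PkixUtil.
        PkixUtil.validateCertificate(trustedCertificate);

        // The key comes from the caller's certificate, never from the document's KeyInfo.
        PublicKey publicKey = trustedCertificate.getPublicKey();
        DOMValidateContext valContext = new DOMValidateContext(publicKey, nodeList.item(0));
        valContext.setProperty("org.jcp.xml.dsig.secureValidation", Boolean.TRUE);

        // Unmarshal and validate.
        XMLSignature signature = fac.unmarshalXMLSignature(valContext);
        return signature.validate(valContext);
    } catch (Exception e) {
        throw new RuntimeException(e);
    }
}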
/**
 * Checks the first XML-DSig {@code Signature} element in {@code doc}, using the key
 * selector and signature factory held by this instance.
 *
 * <p>Further {@code Signature} elements, if any, are not looked at, and this method does
 * not register ID attributes on the validation context.
 *
 * <p>NOTE(review): the outcome is that of core validation (signature value plus
 * reference digests). It does not state which content is signed or whether the key is
 * trusted; that rests on {@code this.keySelector} and on the caller examining the
 * signature returned in the result.
 *
 * @param doc the document to check
 * @return status {@code VALIDATE_NO_SIGNATURE_DATA} if there is no signature,
 *         {@code Result.INVALID} if validation throws {@link XMLSignatureException},
 *         otherwise the validation outcome together with the signature
 * @throws Exception if unmarshalling the signature fails
 */
public Result validate ( final Document doc ) throws Exception
{
    final NodeList candidates = doc.getElementsByTagNameNS ( XMLSignature.XMLNS, "Signature" ); //$NON-NLS-1$
    if ( candidates.getLength () < 1 )
    {
        return new Result ( StatusCodes.VALIDATE_NO_SIGNATURE_DATA, "No signature data found" );
    }

    final DOMValidateContext validateContext = new DOMValidateContext ( this.keySelector, candidates.item ( 0 ) );
    // Unmarshal errors are not caught here; they reach the caller as exceptions.
    final XMLSignature xmlSignature = this.factory.unmarshalXMLSignature ( validateContext );

    try
    {
        return new Result ( xmlSignature.validate ( validateContext ), xmlSignature );
    }
    catch ( final XMLSignatureException e )
    {
        logger.debug ( "Failed to perform validation", e );
        return Result.INVALID;
    }
}
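/**
 * Check the xmldsig signature of the XML document.
 *
 * <p>Only the first {@code Signature} element is examined, and the supplied key is the
 * only key accepted (a singleton key selector is used), so key material inside the
 * document is never trusted. Every failure, including a missing signature element, is
 * logged as a warning and reported as {@code false}.
 *
 * <p>NOTE(review): a {@code true} result covers core validation (signature value and
 * reference digests); callers that rely on a particular element being signed should
 * confirm it against the signature's references.
 *
 * @param document
 *            the document to test
 * @param publicKey
 *            the public key corresponding to the key pair the document was signed with
 * @return true if a correct signature is present, false otherwise
 */
public static boolean validSignature(Document document, Key publicKey) {
    Node signatureNode =
            document.getElementsByTagNameNS(XMLSignature.XMLNS, "Signature").item(0);
    KeySelector keySelector = KeySelector.singletonKeySelector(publicKey);

    try {
        // The provider class may be overridden through the "jsr105Provider" system
        // property. asSubclass() verifies the type before anything is instantiated, and
        // getDeclaredConstructor().newInstance() replaces the deprecated
        // Class.newInstance().
        // NOTE(review): the default names a JDK-internal class; on modular JDKs
        // XMLSignatureFactory.getInstance("DOM") may be needed instead. Confirm.
        String providerName =
                System.getProperty("jsr105Provider", "org.jcp.xml.dsig.internal.dom.XMLDSigRI");
        Provider provider = Class.forName(providerName)
                .asSubclass(Provider.class)
                .getDeclaredConstructor()
                .newInstance();
        XMLSignatureFactory fac = XMLSignatureFactory.getInstance("DOM", provider);

        // A null signatureNode is rejected by this constructor and handled below.
        DOMValidateContext valContext = new DOMValidateContext(keySelector, signatureNode);
        XMLSignature signature = fac.unmarshalXMLSignature(valContext);

        return signature.validate(valContext);
    } catch (Exception e) {
        // Fail closed: anything unexpected counts as "not valid".
        Logger.warn("Error validating an XML signature.", e);
        return false;
    }
}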
/**
 * Validates one signature node of an ODF package and returns the certificate that the
 * key selector picked while doing so.
 *
 * <p>References are resolved through an {@code ODFURIDereferencer} bound to
 * {@code odfUrl}.
 *
 * <p>NOTE(review): the returned certificate is whatever {@code KeyInfoKeySelector}
 * selected during validation; no trust decision is visible in this method, so the caller
 * presumably has to validate it. The set of signed references is not checked either (see
 * the TODO below).
 *
 * @param odfUrl location of the ODF package; must not be {@code null}
 * @param signatureNode the {@code Signature} element to validate
 * @return the signer certificate, or {@code null} if the signature is invalid
 * @throws IllegalArgumentException if {@code odfUrl} is {@code null}
 * @throws IllegalStateException if validation succeeded but no certificate was selected
 * @throws MarshalException if the signature cannot be unmarshalled
 * @throws XMLSignatureException if validation itself fails unexpectedly
 */
private static X509Certificate getVerifiedSignatureSigner(URL odfUrl, Node signatureNode)
        throws MarshalException, XMLSignatureException {
    if (odfUrl == null) {
        throw new IllegalArgumentException("odfUrl is null");
    }

    KeyInfoKeySelector certificateSelector = new KeyInfoKeySelector();
    DOMValidateContext validateContext = new DOMValidateContext(certificateSelector, signatureNode);
    validateContext.setURIDereferencer(new ODFURIDereferencer(odfUrl));

    XMLSignatureFactory signatureFactory = XMLSignatureFactory.getInstance();
    LOG.debug("java version: " + System.getProperty("java.version"));

    // Needs Java 6u10 or later because of a JDK bug, see
    // http://bugs.sun.com/bugdatabase/view_bug.do?bug_id=6696582
    XMLSignature parsedSignature = signatureFactory.unmarshalXMLSignature(validateContext);
    if (!parsedSignature.validate(validateContext)) {
        LOG.debug("invalid signature");
        return null;
    }

    // TODO: check what has been signed.
    X509Certificate signerCertificate = certificateSelector.getCertificate();
    if (signerCertificate == null) {
        throw new IllegalStateException("signer X509 certificate is null");
    }
    LOG.debug("signer: " + signerCertificate.getSubjectX500Principal());
    return signerCertificate;
}
// Core validation only: true means the signature value and every Reference digest
// verified under the key that domValidateContext supplies. The references themselves
// (xmlSignature.getSignedInfo().getReferences()) still need checking to learn what was
// actually signed.
boolean validity = xmlSignature.validate(domValidateContext);
// "Core validity" = signature value check plus digest check of each Reference. It does
// not cover trust in the verifying key or the choice of signed elements; those depend on
// how valContext was built, which this fragment does not show.
boolean coreValidity = signature.validate(valContext);
/**
 * Validates the first XML-DSig {@code Signature} element of {@code document} and returns
 * the certificate chosen by the key selector.
 *
 * <p>NOTE(review): the returned certificate is the one {@code X509KeySelector} picked
 * while validating. Whether that selector checks the certificate against a trust anchor
 * is not visible here; if it does not, a successful return only shows the document is
 * consistent with the key it carries, and the caller must validate the certificate
 * before trusting the sender. Only the first {@code Signature} element is examined, and
 * the signed references are not inspected.
 *
 * @param document the signed document
 * @return the certificate selected during validation
 * @throws PeppolSecurityException if no signature is found, the signature does not
 *         validate, or unmarshalling/validation raises an error
 */
public static X509Certificate verify(Document document) throws PeppolSecurityException {
    try {
        NodeList signatureNodes = document.getElementsByTagNameNS(XMLSignature.XMLNS, "Signature");
        if (signatureNodes.getLength() == 0) {
            throw new PeppolSecurityException("Cannot find Signature element");
        }

        X509KeySelector certificateSelector = new X509KeySelector();
        DOMValidateContext context = new DOMValidateContext(certificateSelector, signatureNodes.item(0));

        XMLSignature parsedSignature =
                XMLSignatureFactory.getInstance("DOM").unmarshalXMLSignature(context);
        boolean coreValid = parsedSignature.validate(context);
        if (!coreValid) {
            throw new PeppolSecurityException("Signature failed.");
        }

        return certificateSelector.getCertificate();
    } catch (MarshalException | XMLSignatureException e) {
        throw new PeppolSecurityException("Unable to verify document signature.", e);
    }
}
// Runs XML-DSig core validation (signature value and all Reference digests). A true
// value is necessary but not sufficient: the caller still has to establish that the
// verifying key is trusted and that the references cover the content it will use.
boolean coreValidity = signature.validate(valContext);
/**
 * Validates the first XML-DSig {@code Signature} element of {@code doc} against the
 * public key of the key pair that the signature manager returns for the configured user.
 *
 * <p>The verifying key therefore comes from local configuration, not from the document.
 * Progress is logged at DEBUG level after each step.
 *
 * <p>NOTE(review): the result covers core validation only; which elements the signature
 * references is not checked here.
 *
 * @param config signature configuration; its user id selects the key pair
 * @param doc the document carrying the signature
 * @return the outcome of core validation
 * @throws XMLSignatureException wrapping any failure, including a missing
 *         {@code Signature} element
 */
protected boolean validateXmlSignature(XmlSignatureConfig config, Document doc) throws XMLSignatureException {
    LOGGER.logMessage(LogLevel.DEBUG, String.format("开始根据配置[%s]进行XML数字签名验证...", config.toString()));
    try {
        // Locate the signature element.
        NodeList signatureNodes = doc.getElementsByTagNameNS(XMLSignature.XMLNS, "Signature");
        boolean missing = signatureNodes.getLength() == 0;
        if (missing) {
            throw new Exception("没有找到<Signature>元素");
        }
        LOGGER.logMessage(LogLevel.DEBUG, "找到<Signature>元素.");

        // Unmarshal the first signature element.
        Node signatureNode = signatureNodes.item(0);
        DOMStructure signatureStructure = new DOMStructure(signatureNode);
        XMLSignature parsedSignature = xmlSignatureFactory.unmarshalXMLSignature(signatureStructure);
        LOGGER.logMessage(LogLevel.DEBUG, "创建XMLSignature完成.");

        // Fetch the key pair registered for the configured user.
        KeyPair userKeys = getXmlSignatureManager().getKeyPair(config.getUserId());
        LOGGER.logMessage(LogLevel.DEBUG, "创建KeyPair完成.");

        // Validate with the public half of that key pair.
        DOMValidateContext context = new DOMValidateContext(userKeys.getPublic(), signatureNode);
        LOGGER.logMessage(LogLevel.DEBUG, "创建DOMValidateContext完成.");

        boolean valid = parsedSignature.validate(context);
        LOGGER.logMessage(LogLevel.DEBUG, String.format("根据配置[%s]进行XML数字签名生成结束", config.toString()));
        return valid;
    } catch (Exception e) {
        throw new XMLSignatureException("验证Enveloped格式的XML数字签名失败", e);
    }
}
// Unmarshal the Signature node that valContext points at.
signature = factory.unmarshalXMLSignature(valContext);
// Core validation: signature value plus each Reference digest. The result is stored in a
// variable declared outside this fragment; what the caller does on false is not shown.
coreValidity = signature.validate(valContext);
/**
 * Validates the first XML-DSig signature found in the given node.
 *
 * <p>NOTE(review): the verifying key is chosen by {@code MyKeySelector}, defined
 * elsewhere. If that selector takes the key from the signature's own KeyInfo, a
 * {@code true} result shows integrity relative to that embedded key but not who signed;
 * confirm before using the result as an authenticity check.
 *
 * @param node input node
 * @return boolean item holding the result of core validation
 * @throws QueryException if no signature element exists, or if conversion, unmarshalling
 *         or validation fails
 */
Item validateSignature(final ANode node) throws QueryException {
  try {
    final Document dom = toDOMNode(node);
    // The context starts at the document node and is re-pointed at the signature below.
    final DOMValidateContext context = new DOMValidateContext(new MyKeySelector(), dom);

    final NodeList signatures = dom.getElementsByTagNameNS(XMLSignature.XMLNS, "Signature");
    if(signatures.getLength() < 1) throw CX_NOSIG.get(info, node);
    context.setNode(signatures.item(0));

    final XMLSignature parsed = XMLSignatureFactory.getInstance("DOM").unmarshalXMLSignature(context);
    final boolean valid = parsed.validate(context);
    return Bln.get(valid);
  } catch(final MarshalException e) {
    throw CX_SIGEXC.get(info, e);
  } catch(final XMLSignatureException | SAXException | ParserConfigurationException | IOException e) {
    throw CX_IOEXC.get(info, e);
  }
}
/**
 * Runs XML-DSig core validation on the first {@code Signature} element of the input.
 *
 * <p>NOTE(review): key selection is delegated to {@code MyKeySelector}, which is not
 * shown. Should it accept the key carried in the signature's KeyInfo, the result says
 * the content matches that key, not that the signer is known; verify before relying on
 * it for authentication.
 *
 * @param node input node
 * @return boolean item with the validation outcome
 * @throws QueryException if the input has no signature element, or if DOM conversion,
 *         unmarshalling or validation fails
 */
Item validateSignature(final ANode node) throws QueryException {
  try {
    final Document document = toDOMNode(node);
    final DOMValidateContext validateContext = new DOMValidateContext(new MyKeySelector(), document);

    final NodeList found = document.getElementsByTagNameNS(XMLSignature.XMLNS, "Signature");
    final boolean none = found.getLength() < 1;
    if(none) throw CX_NOSIG.get(info, node);

    // Point the context at the first signature element before unmarshalling.
    validateContext.setNode(found.item(0));
    final XMLSignatureFactory domFactory = XMLSignatureFactory.getInstance("DOM");
    final XMLSignature xmlSignature = domFactory.unmarshalXMLSignature(validateContext);
    return Bln.get(xmlSignature.validate(validateContext));
  } catch(final MarshalException e) {
    throw CX_SIGEXC.get(info, e);
  } catch(final XMLSignatureException | SAXException | ParserConfigurationException | IOException e) {
    throw CX_IOEXC.get(info, e);
  }
}
// Turn the Signature node referenced by valContext into an XMLSignature object.
XMLSignature signature = fac.unmarshalXMLSignature(valContext);
// Core validation of signature value and Reference digests. On false, the per-reference
// results (Reference.validate) and the signature-value result
// (signature.getSignatureValue().validate) show which part failed.
boolean coreValidity = signature.validate(valContext);
// Unmarshal the signature from the node that valContext was created with.
XMLSignature signature = fac.unmarshalXMLSignature(valContext);
// validate() answers "do the signature value and all reference digests verify?" and
// nothing more; key trust and the choice of signed content are decided by how valContext
// was set up and by what the caller checks afterwards.
boolean coreValidity = signature.validate(valContext);