.newXMLSignature(signedInfo, null, objects, signatureConfig.getPackageSignatureId(), signatureValueId);
// Publish the signer's public key inside the signature as a bare <KeyValue>.
// A KeyValue carries no identity binding: a verifier has to decide separately
// whether this key is trusted instead of accepting whatever key the document presents.
KeyValue kv = kif.newKeyValue(pub);
KeyInfo ki = kif.newKeyInfo(Collections.singletonList(kv));
// Assemble the signature object from the prepared SignedInfo and KeyInfo; nothing is computed yet.
XMLSignature signature = fac.newXMLSignature(si, ki);
// Compute the reference digests and the signature value using the sign context dsc.
signature.sign(dsc);
/**
 * Creates an {@link XMLSignature} from its two main parts.
 *
 * <p>The returned object is only assembled here; this method does not call
 * {@code sign}, so no digest or signature value has been computed yet.
 *
 * @param si the SignedInfo describing what is signed and with which algorithms
 * @param ki the KeyInfo to embed in the signature
 * @return the XMLSignature produced by {@code xmlSignatureFactory}
 */
protected XMLSignature createXMLSignature(SignedInfo si, KeyInfo ki) {
    final XMLSignature unsigned = xmlSignatureFactory.newXMLSignature(si, ki);
    return unsigned;
}
/**
 * Assembles an {@link XMLSignature} that carries an {@code Id} attribute.
 *
 * <p>The signature is built without {@code Object} children and without an Id on
 * its SignatureValue element. It is not signed by this method.
 *
 * @param signInfo the SignedInfo describing the references and algorithms
 * @param keyInfo the KeyInfo to embed in the signature
 * @param id the value for the Signature element's {@code Id} attribute
 * @return XMLSignature the assembled signature, still unsigned
 */
public XMLSignature constructSignature(SignedInfo signInfo, javax.xml.crypto.dsig.keyinfo.KeyInfo keyInfo, final String id) {
    final XMLSignature unsigned =
            getSignatureFactory().newXMLSignature(signInfo, keyInfo, null, id, null);
    return unsigned;
}
/**
 * Assembles an {@link XMLSignature} from a SignedInfo and a KeyInfo.
 *
 * <p>Only the object is built here; signing is left to the caller.
 *
 * @param signInfo the SignedInfo describing the references and algorithms
 * @param keyInfo the KeyInfo to embed in the signature
 * @return XMLSignature the assembled signature, still unsigned
 */
public XMLSignature constructSignature(SignedInfo signInfo, javax.xml.crypto.dsig.keyinfo.KeyInfo keyInfo) {
    final XMLSignature unsigned = getSignatureFactory().newXMLSignature(signInfo, keyInfo);
    return unsigned;
}
/**
 * Assembles an {@link XMLSignature} from a SignedInfo and a KeyInfo.
 *
 * <p>Only the object is built here; signing is left to the caller.
 *
 * @param signInfo the SignedInfo describing the references and algorithms
 * @param keyInfo the KeyInfo to embed in the signature
 * @return XMLSignature the assembled signature, still unsigned
 */
public XMLSignature constructSignature(SignedInfo signInfo, KeyInfo keyInfo) {
    final XMLSignature unsigned = getSignatureFactory().newXMLSignature(signInfo, keyInfo);
    return unsigned;
}
/**
 * Assembles an {@link XMLSignature} that carries an {@code Id} attribute.
 *
 * <p>The signature is built without {@code Object} children and without an Id on
 * its SignatureValue element. It is not signed by this method.
 *
 * @param signInfo the SignedInfo describing the references and algorithms
 * @param keyInfo the KeyInfo to embed in the signature
 * @param id the value for the Signature element's {@code Id} attribute
 * @return XMLSignature the assembled signature, still unsigned
 */
public XMLSignature constructSignature(SignedInfo signInfo, KeyInfo keyInfo, String id) {
    final XMLSignature unsigned =
            getSignatureFactory().newXMLSignature(signInfo, keyInfo, null, id, null);
    return unsigned;
}
/**
 * Assemble the XMLSignature for the passed certificate without signing it.
 *
 * @param aCertificate
 *        The certificate handed to createKeyInfo. May not be <code>null</code>.
 * @param aObjects
 *        Optional Object children of the signature. May be <code>null</code>.
 * @param sID
 *        Optional Id of the Signature element. May be <code>null</code>.
 * @param sSignatureValueID
 *        Optional Id of the SignatureValue element. May be <code>null</code>.
 * @return The assembled, still unsigned signature.
 * @throws Exception
 *         Whatever createSignedInfo or createKeyInfo throw.
 */
@Nonnull
@OverrideOnDemand
public XMLSignature createXMLSignature (@Nonnull final X509Certificate aCertificate,
                                        @Nullable final List <? extends XMLObject> aObjects,
                                        @Nullable final String sID,
                                        @Nullable final String sSignatureValueID) throws Exception
{
  ValueEnforcer.notNull (aCertificate, "certificate");

  // What gets signed, and with which algorithms
  final SignedInfo aSI = createSignedInfo ();

  // Key material derived from the certificate. A verifier must still validate
  // the certificate itself; its presence in the KeyInfo proves nothing.
  final KeyInfo aKI = createKeyInfo (aCertificate);

  // Assembly only - signing is left to the caller
  final XMLSignature aUnsigned = m_aSignatureFactory.newXMLSignature (aSI, aKI, aObjects, sID, sSignatureValueID);
  return aUnsigned;
}
/**
 * Signs the document with the given private key, using the reference and
 * canonicalization method held by this instance.
 *
 * <p>The Signature element is appended below the document element. The KeyInfo
 * holds the certificate's public key plus the certificate when {@code cert} is
 * given, otherwise only {@code publicKey}. A verifier must not treat that
 * embedded key material as trusted merely because it is present.
 *
 * @param privateKey the key that produces the signature value
 * @param publicKey the public key to publish when no certificate is given
 * @param cert the certificate to publish, or {@code null}
 * @param doc the document to sign
 * @throws Exception if any step of building or computing the signature fails
 */
synchronized void sign(final Key privateKey, final PublicKey publicKey, final Certificate cert, final Document doc) throws Exception {
    final DOMSignContext signContext = new DOMSignContext(privateKey, doc.getDocumentElement());

    // fromAlg supplies the signature method URI for the private key's algorithm name.
    final SignatureMethod signatureMethod =
            this.fac.newSignatureMethod(fromAlg(privateKey.getAlgorithm()), null);
    final SignedInfo signedInfo =
            this.fac.newSignedInfo(this.cm, signatureMethod, Collections.singletonList(this.ref));

    final List<Object> keyInfoContent = new LinkedList<Object>();
    if (cert == null) {
        keyInfoContent.add(this.kif.newKeyValue(publicKey));
    } else {
        keyInfoContent.add(this.kif.newKeyValue(cert.getPublicKey()));
        keyInfoContent.add(this.kif.newX509Data(Collections.singletonList(cert)));
    }
    final KeyInfo keyInfo = this.kif.newKeyInfo(keyInfoContent);

    // Compute digests and signature value, then marshal into the document.
    this.fac.newXMLSignature(signedInfo, keyInfo).sign(signContext);
}
/**
 * Signs below the given node with {@code privateKey} and publishes the
 * certificate in the signature's KeyInfo.
 *
 * <p>The KeyInfo holds one X509Data entry made of the certificate's subject name
 * and the certificate itself. The Signature element is appended as a child of
 * {@code node}, with the XML-DSig namespace bound to the prefix {@code ns2}.
 *
 * @param node the parent element that receives the Signature
 * @param privateKey the key that produces the signature value
 * @param origCert the signer's certificate; it is cast to {@link X509Certificate},
 *        so any other certificate type fails with a ClassCastException
 * @throws RuntimeException wrapping any failure while building or computing the signature
 */
public static void signDOM(Node node, PrivateKey privateKey, Certificate origCert) {
    final XMLSignatureFactory factory = initXMLSigFactory();
    final X509Certificate x509 = (X509Certificate) origCert;

    // X509Data content: subject name first, then the certificate.
    final KeyInfoFactory keyInfoFactory = factory.getKeyInfoFactory();
    final List<Object> x509Entries = new ArrayList<Object>();
    x509Entries.add(x509.getSubjectX500Principal().getName());
    x509Entries.add(x509);
    final KeyInfo keyInfo = keyInfoFactory.newKeyInfo(
            Collections.singletonList(keyInfoFactory.newX509Data(x509Entries)));

    // The sign context fixes both the signing key and where the Signature is inserted.
    final DOMSignContext signContext = new DOMSignContext(privateKey, node);
    signContext.putNamespacePrefix("http://www.w3.org/2000/09/xmldsig#", "ns2");

    try {
        // References and algorithms come from initSignedInfo, which is not visible here.
        final SignedInfo signedInfo = initSignedInfo(factory);
        final XMLSignature xmlSignature = factory.newXMLSignature(signedInfo, keyInfo);
        xmlSignature.sign(signContext);
    } catch (Exception e) {
        throw new RuntimeException(e);
    }
}
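// Digest and sign with SHA-256. The SHA-1 variants used previously are collision-prone,
// and recent JDKs reject SHA-1 based XML signatures under secure validation.
// Confirm that the receiving side accepts RSA-SHA256 before rolling this out.
//
// The reference is a same-document URI ("#" + id). A verifier must make sure the
// element it acts on is the one this reference resolved to.
final Reference reference = signatureFactory.newReference(
        "#" + id,
        signatureFactory.newDigestMethod(DigestMethod.SHA256, null),
        transforms,
        null,
        null);
final SignedInfo signedInfo = signatureFactory.newSignedInfo(
        signatureFactory.newCanonicalizationMethod(
                CanonicalizationMethod.INCLUSIVE, (C14NMethodParameterSpec) null),
        // Algorithm URI spelled out so the code also builds on JDKs that lack a named constant for it.
        signatureFactory.newSignatureMethod("http://www.w3.org/2001/04/xmldsig-more#rsa-sha256", null),
        Collections.singletonList(reference));
final XMLSignature signature = signatureFactory.newXMLSignature(signedInfo, keyInfo);
// The Signature element is appended to the parent of the referenced element.
signature.sign(new DOMSignContext(keyEntry.getPrivateKey(), element.getParentNode()));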
/**
 * Signs the document with the given private key, using the reference and
 * canonicalization method held by this instance.
 *
 * <p>The Signature element is appended below the document element. The KeyInfo
 * holds the certificate's public key plus the certificate when {@code cert} is
 * given, otherwise only {@code publicKey}. A verifier must not treat that
 * embedded key material as trusted merely because it is present.
 *
 * @param privateKey the key that produces the signature value
 * @param publicKey the public key to publish when no certificate is given
 * @param cert the certificate to publish, or {@code null}
 * @param doc the document to sign
 * @throws Exception if any step of building or computing the signature fails
 */
synchronized void sign(final Key privateKey, final PublicKey publicKey, final Certificate cert, final Document doc) throws Exception {
    final DOMSignContext signContext = new DOMSignContext(privateKey, doc.getDocumentElement());

    // fromAlg supplies the signature method URI for the private key's algorithm name.
    final SignatureMethod signatureMethod =
            this.fac.newSignatureMethod(fromAlg(privateKey.getAlgorithm()), null);
    final SignedInfo signedInfo =
            this.fac.newSignedInfo(this.cm, signatureMethod, Collections.singletonList(this.ref));

    final List<Object> keyInfoContent = new LinkedList<Object>();
    if (cert == null) {
        keyInfoContent.add(this.kif.newKeyValue(publicKey));
    } else {
        keyInfoContent.add(this.kif.newKeyValue(cert.getPublicKey()));
        keyInfoContent.add(this.kif.newX509Data(Collections.singletonList(cert)));
    }
    final KeyInfo keyInfo = this.kif.newKeyInfo(keyInfoContent);

    // Compute digests and signature value, then marshal into the document.
    this.fac.newXMLSignature(signedInfo, keyInfo).sign(signContext);
}
/**
 * {@inheritDoc}
 *
 * <p>Signs the item's element and inserts the Signature as its first child.
 * When pre-digest debugging is on and debug logging is enabled, the exact bytes
 * fed to the digest of the first reference are written to the debug log. That
 * output reproduces the signed content, so keep the option off wherever the
 * documents are sensitive.
 */
@Override
protected boolean doExecute(@Nonnull final Item<Element> item) throws StageProcessingException {
    final Element target = item.unwrap();
    final XMLSignature xmlSignature =
            xmlSigFactory.newXMLSignature(buildSignedInfo(target), buildKeyInfo());

    try {
        // Third argument is the next sibling: the Signature goes in front of the current first child.
        final XMLSignContext signContext =
                new DOMSignContext(privKey, target, target.getFirstChild());

        // Reference caching must be requested before signing, or the pre-digest stream is unavailable.
        if (isDebugPreDigest() && log.isDebugEnabled()) {
            signContext.setProperty("javax.xml.crypto.dsig.cacheReference", Boolean.TRUE);
        }

        xmlSignature.sign(signContext);

        if (isDebugPreDigest() && log.isDebugEnabled()) {
            final Reference firstReference =
                    (Reference) xmlSignature.getSignedInfo().getReferences().get(0);
            final String preDigestText = CharStreams.toString(
                    new InputStreamReader(firstReference.getDigestInputStream(), "UTF-8"));
            log.debug("pre digest: {}", preDigestText);
        }
    } catch (Exception e) {
        log.error("Unable to create signature for element", e);
        throw new StageProcessingException("Unable to create signature for element", e);
    }

    return true;
}
/**
 * Builds the XML signature structure in the located document and fills in a
 * SignatureValue that is computed by an external signer.
 *
 * <p>The signature is marshalled into the document first. The references are then
 * digested, the SignedInfo is canonicalized into a byte buffer, and that buffer
 * is handed to {@code externalSignature}. The Base64 form of the result is
 * appended as text to the SignatureValue element.
 *
 * @param fac factory used to create the XMLSignature
 * @param externalSignature signer that receives the canonicalized SignedInfo bytes
 * @param locator supplies the document and receives it back after signing
 * @param si the SignedInfo whose references are digested and which is canonicalized
 * @param xo optional Object to place in the signature, or {@code null}
 * @param ki the KeyInfo to embed in the signature
 * @param signatureId Id of the Signature element; when non-null a namespace
 *        attribute is also set on the Signature element
 * @throws DocumentException wrapping any failure in the steps above
 */
private static void sign(XMLSignatureFactory fac, ExternalSignature externalSignature, XmlLocator locator, DOMSignedInfo si, XMLObject xo, KeyInfo ki, String signatureId) throws DocumentException {
    Document doc = locator.getDocument();
    // The context gets EmptyKey rather than a signing key: the signature value below
    // comes from externalSignature, not from XMLSignature.sign().
    DOMSignContext domSignContext = new DOMSignContext(EmptyKey.getInstance(), doc.getDocumentElement());
    List objects = null;
    if (xo != null)
        objects = Collections.singletonList(xo);
    DOMXMLSignature signature = (DOMXMLSignature)fac.newXMLSignature(si, ki, objects, signatureId, null);
    // Collects the canonicalized SignedInfo, i.e. the exact bytes that get signed.
    ByteArrayOutputStream byteRange = new ByteArrayOutputStream();
    try {
        // Write the Signature element into the document; its SignatureValue is filled in below.
        signature.marshal(domSignContext.getParent(), domSignContext.getNextSibling(), DOMUtils.getSignaturePrefix(domSignContext), domSignContext);
        // NOTE(review): findElement's matching rule is not visible here. If the document can
        // already hold a Signature child, confirm the freshly marshalled one is the one selected.
        Element signElement = findElement(doc.getDocumentElement().getChildNodes(), SecurityConstants.Signature);
        if (signatureId != null)
            signElement.setAttributeNS(SecurityConstants.XMLNS_URI, SecurityConstants.XMLNS_XADES, SecurityConstants.XADES_132_URI);
        // Compute each reference's digest before canonicalizing the SignedInfo that contains them.
        List references = si.getReferences();
        for (int i = 0; i < references.size(); i++)
            ((DOMReference)references.get(i)).digest(domSignContext);
        si.canonicalize(domSignContext, byteRange);
        Element signValue = findElement(signElement.getChildNodes(), SecurityConstants.SignatureValue);
        // Have the external signer sign the canonicalized SignedInfo bytes.
        String valueBase64 = Base64.encode(externalSignature.sign(byteRange.toByteArray()));
        // Store the computed value as the text of SignatureValue.
        signValue.appendChild(doc.createTextNode(valueBase64));
        locator.setDocument(doc);
    } catch (Exception e) {
        throw new DocumentException(e);
    }
}
/**
 * Signs the document with RSA-SHA256 and appends the Signature below the
 * document element.
 *
 * <p>The i-th child of the document's last child has its {@code Id} attribute
 * registered as an XML ID before signing.
 *
 * <p>NOTE(review): the reference URI is the empty string, which addresses the whole
 * document and not the element picked by {@code i}. Confirm that this is intended.
 *
 * <p>NOTE(review): a signing failure is only logged. The method returns normally,
 * so the caller cannot tell that the document was left unsigned.
 *
 * @param fac factory for the signature parts
 * @param transformList transforms applied to the reference
 * @param privateKey key that produces the signature value
 * @param ki KeyInfo to embed in the signature
 * @param doc document to sign
 * @param i index of the child element whose {@code Id} attribute is registered
 */
public void assinarTag(XMLSignatureFactory fac, ArrayList<Transform> transformList, PrivateKey privateKey, KeyInfo ki, Document doc, int i) {
    final NodeList children = doc.getLastChild().getChildNodes();
    final Element tagged = (Element) children.item(i);
    tagged.setIdAttribute("Id", true);

    try {
        final Reference reference = fac.newReference(
                "",
                fac.newDigestMethod("http://www.w3.org/2001/04/xmlenc#sha256", null),
                transformList,
                null,
                null);
        final SignedInfo signedInfo = fac.newSignedInfo(
                fac.newCanonicalizationMethod(
                        CanonicalizationMethod.INCLUSIVE, (C14NMethodParameterSpec) null),
                fac.newSignatureMethod("http://www.w3.org/2001/04/xmldsig-more#rsa-sha256", null),
                Collections.singletonList(reference));

        final XMLSignature xmlSignature = fac.newXMLSignature(signedInfo, ki);
        xmlSignature.sign(new DOMSignContext(privateKey, doc.getDocumentElement()));
    } catch (NoSuchAlgorithmException | InvalidAlgorithmParameterException | MarshalException | XMLSignatureException ex) {
        LOGGER.error("Erro ao assinar", ex);
    }
}
} // closes the enclosing class, whose header is outside this snippet
// Publish the signer's public key inside the signature as a bare <KeyValue>.
// A KeyValue carries no identity binding: a verifier has to decide separately
// whether this key is trusted instead of accepting whatever key the document presents.
KeyValue kv = kif.newKeyValue(pub);
KeyInfo ki = kif.newKeyInfo(Collections.singletonList(kv));
// Assemble the signature object from the prepared SignedInfo and KeyInfo; nothing is computed yet.
XMLSignature signature = fac.newXMLSignature(si, ki);
// Compute the reference digests and the signature value using the sign context dsc.
signature.sign(dsc);
/**
 * Creates a signature over {@code referenceURI} and signs it with the key held by
 * the sign context.
 *
 * <p>The reference is processed with the enveloped-signature transform followed by
 * exclusive canonicalization. A KeyInfo is added only when
 * {@code includeKeyInfoInSignature} is set.
 *
 * <p>The digest and signature algorithms are taken from the caller as URIs and are
 * not restricted here. Callers should pass SHA-256 or stronger.
 *
 * @param dsc sign context holding the signing key and the insertion point
 * @param digestMethod URI of the digest algorithm for the reference
 * @param signatureMethod URI of the signature algorithm
 * @param referenceURI URI of the content to sign
 * @param publicKey public key handed to createKeyInfo
 * @param x509Certificate certificate handed to createKeyInfo
 * @throws GeneralSecurityException if an algorithm or its parameters are rejected
 * @throws MarshalException if the signature cannot be marshalled
 * @throws XMLSignatureException if computing the signature fails
 */
private static void signImpl(DOMSignContext dsc, String digestMethod, String signatureMethod, String referenceURI, PublicKey publicKey, X509Certificate x509Certificate) throws GeneralSecurityException, MarshalException, XMLSignatureException {
    dsc.setDefaultNamespacePrefix("dsig");

    final DigestMethod digest = fac.newDigestMethod(digestMethod, null);

    // Order matters: strip the enveloped Signature first, then canonicalize.
    final Transform enveloped = fac.newTransform(Transform.ENVELOPED, (TransformParameterSpec) null);
    final Transform exclusiveC14n = fac.newTransform("http://www.w3.org/2001/10/xml-exc-c14n#", (TransformParameterSpec) null);
    final List<Transform> transforms = new ArrayList<Transform>();
    transforms.add(enveloped);
    transforms.add(exclusiveC14n);

    final Reference reference = fac.newReference(referenceURI, digest, transforms, null, null);
    final CanonicalizationMethod c14n =
            fac.newCanonicalizationMethod(canonicalizationMethodType, (C14NMethodParameterSpec) null);
    final List<Reference> references = Collections.singletonList(reference);
    final SignatureMethod sigMethod = fac.newSignatureMethod(signatureMethod, null);
    final SignedInfo signedInfo = fac.newSignedInfo(c14n, sigMethod, references);

    final KeyInfo keyInfo = includeKeyInfoInSignature
            ? createKeyInfo(publicKey, x509Certificate)
            : null;

    fac.newXMLSignature(signedInfo, keyInfo).sign(dsc);
}
/**
 * Creates a signature over {@code referenceURI} and signs it with the key held by
 * the sign context.
 *
 * <p>The reference is processed with the enveloped-signature transform followed by
 * exclusive canonicalization. A KeyInfo is added only when
 * {@code includeKeyInfoInSignature} is set.
 *
 * <p>The digest and signature algorithms are taken from the caller as URIs and are
 * not restricted here. Callers should pass SHA-256 or stronger.
 *
 * @param dsc sign context holding the signing key and the insertion point
 * @param digestMethod URI of the digest algorithm for the reference
 * @param signatureMethod URI of the signature algorithm
 * @param referenceURI URI of the content to sign
 * @param publicKey public key handed to createKeyInfo
 * @param x509Certificate certificate handed to createKeyInfo
 * @throws GeneralSecurityException if an algorithm or its parameters are rejected
 * @throws MarshalException if the signature cannot be marshalled
 * @throws XMLSignatureException if computing the signature fails
 */
private static void signImpl(DOMSignContext dsc, String digestMethod, String signatureMethod, String referenceURI, PublicKey publicKey, X509Certificate x509Certificate) throws GeneralSecurityException, MarshalException, XMLSignatureException {
    dsc.setDefaultNamespacePrefix("dsig");

    final DigestMethod digest = fac.newDigestMethod(digestMethod, null);

    // Order matters: strip the enveloped Signature first, then canonicalize.
    final Transform enveloped = fac.newTransform(Transform.ENVELOPED, (TransformParameterSpec) null);
    final Transform exclusiveC14n = fac.newTransform("http://www.w3.org/2001/10/xml-exc-c14n#", (TransformParameterSpec) null);
    final List<Transform> transforms = new ArrayList<Transform>();
    transforms.add(enveloped);
    transforms.add(exclusiveC14n);

    final Reference reference = fac.newReference(referenceURI, digest, transforms, null, null);
    final CanonicalizationMethod c14n =
            fac.newCanonicalizationMethod(canonicalizationMethodType, (C14NMethodParameterSpec) null);
    final List<Reference> references = Collections.singletonList(reference);
    final SignatureMethod sigMethod = fac.newSignatureMethod(signatureMethod, null);
    final SignedInfo signedInfo = fac.newSignedInfo(c14n, sigMethod, references);

    final KeyInfo keyInfo = includeKeyInfoInSignature
            ? createKeyInfo(publicKey, x509Certificate)
            : null;

    fac.newXMLSignature(signedInfo, keyInfo).sign(dsc);
}
/**
 * Creates a signature over {@code referenceURI} and signs it with the key held by
 * the sign context.
 *
 * <p>The reference is processed with the enveloped-signature transform followed by
 * exclusive canonicalization. A KeyInfo is added only when
 * {@code includeKeyInfoInSignature} is set.
 *
 * <p>The digest and signature algorithms are taken from the caller as URIs and are
 * not restricted here. Callers should pass SHA-256 or stronger.
 *
 * @param dsc sign context holding the signing key and the insertion point
 * @param digestMethod URI of the digest algorithm for the reference
 * @param signatureMethod URI of the signature algorithm
 * @param referenceURI URI of the content to sign
 * @param publicKey public key handed to createKeyInfo
 * @param x509Certificate certificate handed to createKeyInfo
 * @throws GeneralSecurityException if an algorithm or its parameters are rejected
 * @throws MarshalException if the signature cannot be marshalled
 * @throws XMLSignatureException if computing the signature fails
 */
private static void signImpl(DOMSignContext dsc, String digestMethod, String signatureMethod, String referenceURI, PublicKey publicKey, X509Certificate x509Certificate) throws GeneralSecurityException, MarshalException, XMLSignatureException {
    dsc.setDefaultNamespacePrefix("dsig");

    final DigestMethod digest = fac.newDigestMethod(digestMethod, null);

    // Order matters: strip the enveloped Signature first, then canonicalize.
    final Transform enveloped = fac.newTransform(Transform.ENVELOPED, (TransformParameterSpec) null);
    final Transform exclusiveC14n = fac.newTransform("http://www.w3.org/2001/10/xml-exc-c14n#", (TransformParameterSpec) null);
    final List<Transform> transforms = new ArrayList<Transform>();
    transforms.add(enveloped);
    transforms.add(exclusiveC14n);

    final Reference reference = fac.newReference(referenceURI, digest, transforms, null, null);
    final CanonicalizationMethod c14n =
            fac.newCanonicalizationMethod(canonicalizationMethodType, (C14NMethodParameterSpec) null);
    final List<Reference> references = Collections.singletonList(reference);
    final SignatureMethod sigMethod = fac.newSignatureMethod(signatureMethod, null);
    final SignedInfo signedInfo = fac.newSignedInfo(c14n, sigMethod, references);

    final KeyInfo keyInfo = includeKeyInfoInSignature
            ? createKeyInfo(publicKey, x509Certificate)
            : null;

    fac.newXMLSignature(signedInfo, keyInfo).sign(dsc);
}
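/**
 * Signs the element identified by {@code prototypeKeyBindingId} with the private
 * half of the session key and appends the Signature to {@code parentElement}.
 *
 * <p>Digest and signature use SHA-256. The SHA-1 variants used previously are
 * collision-prone, and recent JDKs reject SHA-1 based XML signatures under secure
 * validation. Confirm that the receiving service accepts RSA-SHA256.
 *
 * <p>No KeyInfo is emitted, so the verifier has to learn the public key from
 * elsewhere.
 *
 * @param parentElement the element that receives the Signature as a child
 * @throws NoSuchAlgorithmException if an algorithm URI is not supported
 * @throws InvalidAlgorithmParameterException if algorithm parameters are rejected
 * @throws MarshalException if the signature cannot be marshalled
 * @throws XMLSignatureException if computing the signature fails
 */
private void addSignature(Element parentElement) throws NoSuchAlgorithmException, InvalidAlgorithmParameterException, MarshalException, XMLSignatureException {
    DOMSignContext domSignContext = new DOMSignContext(this.sessionKey.getPrivate(), parentElement);
    XMLSignatureFactory xmlSignatureFactory = XMLSignatureFactory.getInstance("DOM");

    // Same-document reference, canonicalized exclusively before digesting.
    Reference reference = xmlSignatureFactory.newReference(
            "#" + this.prototypeKeyBindingId,
            xmlSignatureFactory.newDigestMethod(DigestMethod.SHA256, null),
            Collections.singletonList(xmlSignatureFactory.newTransform(
                    CanonicalizationMethod.EXCLUSIVE, (TransformParameterSpec) null)),
            null,
            null);

    SignedInfo signedInfo = xmlSignatureFactory.newSignedInfo(
            xmlSignatureFactory.newCanonicalizationMethod(
                    CanonicalizationMethod.EXCLUSIVE, (C14NMethodParameterSpec) null),
            // Algorithm URI spelled out so the code also builds on JDKs that lack a named constant for it.
            xmlSignatureFactory.newSignatureMethod(
                    "http://www.w3.org/2001/04/xmldsig-more#rsa-sha256", null),
            Collections.singletonList(reference));

    XMLSignature xmlSignature = xmlSignatureFactory.newXMLSignature(signedInfo, null);
    xmlSignature.sign(domSignContext);
}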