/**
 * Collects every X.509 certificate found in the supplied ds:KeyInfo into
 * {@code certChain} and returns this object as the selection result.
 *
 * Security note: the certificates are taken from the KeyInfo as given. Nothing in
 * this method checks that a certificate chains to a trusted issuer, is within its
 * validity period, or is unrevoked. A successful return therefore only means that
 * at least one certificate was present; callers still have to validate
 * {@code certChain} against their own trust anchors.
 *
 * @param keyInfo the ds:KeyInfo to read certificates from; must not be {@code null}
 * @param purpose not consulted by this implementation
 * @param method not consulted by this implementation
 * @param context not consulted by this implementation
 * @return this instance
 * @throws KeySelectorException if {@code keyInfo} is {@code null} or holds no
 *         X.509 certificate
 */
@SuppressWarnings("unchecked")
@Override
public KeySelectorResult select(KeyInfo keyInfo, Purpose purpose, AlgorithmMethod method,
        XMLCryptoContext context) throws KeySelectorException {
    LOG.log(POILogger.DEBUG, "select key");
    if (keyInfo == null) {
        throw new KeySelectorException("no ds:KeyInfo present");
    }

    List<XMLStructure> structures = keyInfo.getContent();
    // Start from an empty chain so certificates from an earlier call are not mixed in.
    certChain.clear();
    for (XMLStructure structure : structures) {
        if (structure instanceof X509Data) {
            for (Object entry : ((X509Data) structure).getContent()) {
                if (entry instanceof X509Certificate) {
                    X509Certificate cert = (X509Certificate) entry;
                    LOG.log(POILogger.DEBUG, "certificate", cert.getSubjectX500Principal());
                    certChain.add(cert);
                }
            }
        }
    }

    if (certChain.isEmpty()) {
        throw new KeySelectorException("No key found!");
    }
    return this;
}
public Data dereference(URIReference uriReference, XMLCryptoContext context) throws URIReferenceException { if (baseUriDereferencer == null) { baseUriDereferencer = signatureConfig.getSignatureFactory().getURIDereferencer(); uri = new URI(uriReference.getURI()); } catch (URISyntaxException e) { throw new URIReferenceException("could not URL decode the uri: "+uriReference.getURI(), e); if (part == null) { LOG.log(POILogger.DEBUG, "cannot resolve, delegating to base DOM URI dereferencer", uri); return this.baseUriDereferencer.dereference(uriReference, context); throw new URIReferenceException("I/O error: " + e.getMessage(), e); return new OctetStreamData(dataStream, uri.toString(), null);
/**
 * Ensures the document's single xades:QualifyingProperties element contains an
 * UnsignedProperties/UnsignedSignatureProperties container, creating the missing
 * levels and writing the result back into the document.
 *
 * NOTE(review): the method name suggests this runs after the signature has been
 * produced. If so, whatever ends up under UnsignedProperties is not covered by that
 * signature and must not be relied on as authenticated data. Confirm against the caller.
 *
 * @param document the DOM document holding the signature
 * @throws MarshalException if the document does not contain exactly one
 *         QualifyingProperties element (the message says "no ... present" in both the
 *         zero and the more-than-one case), or if that element cannot be parsed
 */
@Override
public void postSign(Document document) throws MarshalException {
    // Exactly one QualifyingProperties element in the XAdES 1.3.2 namespace is expected.
    NodeList qualifyingNodes = document.getElementsByTagNameNS(XADES_132_NS, "QualifyingProperties");
    if (qualifyingNodes.getLength() != 1) {
        throw new MarshalException("no XAdES-BES extension present");
    }
    Node original = qualifyingNodes.item(0);

    QualifyingPropertiesType qualProps;
    try {
        qualProps = QualifyingPropertiesType.Factory.parse(original, DEFAULT_XML_OPTIONS);
    } catch (XmlException e) {
        throw new MarshalException(e);
    }

    // Create the container levels that are still missing.
    UnsignedPropertiesType unsignedProps = qualProps.getUnsignedProperties();
    if (unsignedProps == null) {
        unsignedProps = qualProps.addNewUnsignedProperties();
    }
    if (unsignedProps.getUnsignedSignatureProperties() == null) {
        unsignedProps.addNewUnsignedSignatureProperties();
    }

    // Swap the updated structure in for the element that was parsed.
    Node replacement = document.importNode(qualProps.getDomNode().getFirstChild(), true);
    original.getParentNode().replaceChild(replacement, original);
}
} // closes the enclosing class; its header is not part of this excerpt
/**
 * Resolves the data a reference points to by handing its URI string to
 * {@code dereferenceURI}.
 *
 * The URI is read from the reference as-is, so when a received message is being
 * processed it is sender-controlled input. This method applies no restriction of its
 * own; which URIs may be resolved is decided in {@code dereferenceURI}, whose body is
 * not shown here.
 *
 * NOTE(review): the catch-all also re-wraps a URIReferenceException thrown by
 * {@code dereferenceURI} and any runtime exception (for example a null
 * {@code uriRef}); nothing is logged.
 *
 * @param uriRef the reference whose URI is resolved
 * @param context the crypto context passed through to {@code dereferenceURI}
 * @return whatever {@code dereferenceURI} returns
 * @throws URIReferenceException wrapping any exception raised while resolving
 */
public Data dereference(URIReference uriRef, XMLCryptoContext context) throws URIReferenceException {
    try {
        return dereferenceURI(uriRef.getURI(), context);
    } catch (Exception failure) {
        throw new URIReferenceException(failure);
    }
}

// The excerpt ends with the opening of the next method; its body is not shown.
Data dereferenceURI(String uri, XMLCryptoContext context) throws URIReferenceException{
LOG.log(POILogger.DEBUG, "data java type: " + data.getClass().getName()); OctetStreamData octetStreamData = (OctetStreamData) data; LOG.log(POILogger.DEBUG, "URI: " + octetStreamData.getURI()); InputStream octetStream = octetStreamData.getOctetStream(); doc = DocumentHelper.readDocument(octetStream); } catch (Exception e) { throw new TransformException(e.getMessage(), e);
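/**
 * Resolves the node that {@code node} refers to by running the context's
 * {@link URIDereferencer} on it and returning the first node of the result.
 * The inline comment identifies {@code node} as a SecurityTokenReference.
 *
 * The reference handed to the dereferencer reports {@code null} for both its URI and
 * its type, so the dereferencer has to work from {@code getHere()} alone. Only the
 * first node of the returned set is used; any further nodes are ignored.
 *
 * Unexpected results are reported as {@link URIReferenceException} rather than
 * surfacing as NullPointerException or ClassCastException, so a caller that handles
 * the declared exception also handles a missing or misbehaving dereferencer.
 *
 * @param node the referencing node
 * @param context supplies the {@link URIDereferencer}
 * @return the first node produced by the dereferencer
 * @throws URIReferenceException if no dereferencer is configured, the dereferencer
 *         fails, its result is not a {@link NodeSetData}, or the node-set is empty
 */
protected static Node deReference(final Node node, XMLCryptoContext context) throws URIReferenceException {
    URIDereferencer dereferencer = context.getURIDereferencer();
    if (dereferencer == null) {
        // getURIDereferencer() returns null when no dereferencer was specified.
        throw new URIReferenceException("no URIDereferencer available in the crypto context");
    }

    // Dereference SecurityTokenReference
    DOMURIReference domReference = new DOMURIReference() {
        @Override
        public Node getHere() {
            return node;
        }

        @Override
        public String getURI() {
            return null;
        }

        @Override
        public String getType() {
            return null;
        }
    };

    Data data = dereferencer.dereference(domReference, context);

    // Used only in error messages; guarded because node is not required to be an Element.
    String uri = (node instanceof Element) ? ((Element) node).getAttribute("URI") : "";
    if (!(data instanceof NodeSetData)) {
        throw new URIReferenceException("URI " + uri + " did not resolve to a node-set");
    }

    Iterator<?> nodes = ((NodeSetData) data).iterator();
    if (!nodes.hasNext()) {
        throw new URIReferenceException("URI " + uri + " not found");
    }
    return (Node) nodes.next();
}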
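/**
 * Resolves this reference's data through the {@link URIDereferencer} configured on
 * the supplied context.
 *
 * Only a dereferencer set on the context is used; this method applies no default of
 * its own. A context without one is reported as {@link XMLSignatureException}
 * instead of failing with a NullPointerException.
 *
 * @param context the crypto context supplying the dereferencer
 * @return the data returned by the dereferencer
 * @throws XMLSignatureException if no dereferencer is configured or the
 *         dereferencer reports a {@link URIReferenceException}
 */
private Data dereference(XMLCryptoContext context) throws XMLSignatureException {
    URIDereferencer deref = context.getURIDereferencer();
    if (deref == null) {
        // getURIDereferencer() returns null when the user specified none.
        throw new XMLSignatureException("no URIDereferencer is set on the XMLCryptoContext");
    }
    try {
        return deref.dereference(this, context);
    } catch (URIReferenceException ure) {
        throw new XMLSignatureException(ure);
    }
}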
/**
 * Looks up the attachment identified by {@code uri} in the secured message held by
 * the processing context and wraps it as {@code AttachmentData}.
 *
 * NOTE(review): {@code uri} is copied verbatim into the exception message. If it
 * originates from a received message, treat that text as untrusted wherever the
 * message is logged or returned. A context without a WSS_PROCESSING_CONTEXT entry
 * would fail with a NullPointerException, not URIReferenceException. Confirm callers
 * always set it.
 *
 * @param uri identifier of the attachment to resolve
 * @param context crypto context carrying the processing context under
 *        {@code MessageConstants.WSS_PROCESSING_CONTEXT}
 * @return the attachment wrapped as {@code AttachmentData}
 * @throws URIReferenceException if the secured message has no such attachment
 */
Data dereferenceAttachments(final String uri, final XMLCryptoContext context) throws URIReferenceException {
    final Object processingContext = context.get(MessageConstants.WSS_PROCESSING_CONTEXT);
    final JAXBFilterProcessingContext filterContext = (JAXBFilterProcessingContext) processingContext;
    final Attachment attachment = filterContext.getSecuredMessage().getAttachment(uri);
    if (attachment != null) {
        return new AttachmentData(attachment);
    }
    throw new URIReferenceException("Attachment Resource with Identifier "+uri+" was not found");
}
/**
 * Looks up the prefix bound to a namespace URI in the given context.
 *
 * @param context the crypto context holding the namespace map; may be {@code null}
 * @param nsURI the namespace URI to look up
 * @return the result of {@code context.getNamespacePrefix(nsURI, fallback)}, where
 *         the fallback is the context's default namespace prefix; {@code null} when
 *         {@code context} is {@code null}
 */
public static String getNSPrefix(XMLCryptoContext context, String nsURI) {
    if (context == null) {
        return null;
    }
    final String fallback = context.getDefaultNamespacePrefix();
    return context.getNamespacePrefix(nsURI, fallback);
}
/**
 * Reads a Boolean-valued property from the crypto context, treating "not set" as
 * {@code false}.
 *
 * The value is cast to {@link Boolean}, so a property stored as any other type (for
 * example the String "true") raises ClassCastException instead of enabling the flag.
 *
 * NOTE(review): if callers read hardening switches through this helper, those
 * switches are off unless the property is explicitly set to {@code Boolean.TRUE}.
 * Check which property names are passed in.
 *
 * @param xc the crypto context to read from
 * @param name the property name
 * @return {@code true} only if the property is present and equal to {@code Boolean.TRUE}
 */
private static boolean getBoolean(XMLCryptoContext xc, String name) {
    final Boolean flag = (Boolean) xc.getProperty(name);
    if (flag == null) {
        return false;
    }
    return flag.booleanValue();
}
} // closes the enclosing class; its header is not part of this excerpt
/**
 * Creates a signing context bound to one fixed key.
 *
 * The key is installed through {@code KeySelector.singletonKeySelector}, which
 * yields a selector that always returns this key regardless of the KeyInfo it is
 * asked about.
 *
 * @param signingKey the key used for signing; must not be {@code null}
 * @throws NullPointerException if {@code signingKey} is {@code null}
 */
public JAXBSignContext(Key signingKey) {
    if (null == signingKey) {
        throw new NullPointerException("signingKey cannot be null");
    }
    final KeySelector fixedKeySelector = KeySelector.singletonKeySelector(signingKey);
    setKeySelector(fixedKeySelector);
}
/**
 * Creates a new instance of StAXSTRTransformWriter.
 *
 * The namespace context is taken from {@code data} when it is a {@code JAXBData} or
 * a {@code StreamWriterData}; for any other type {@code ns} is left as it was. The
 * processing context is read from the crypto context under
 * {@code MessageConstants.WSS_PROCESSING_CONTEXT}.
 *
 * @param writer the writer that output is forwarded to
 * @param data the data being transformed
 * @param xMLCryptoContext the crypto context carrying the processing context
 */
public StAXSTRTransformWriter(XMLStreamWriter writer,Data data,XMLCryptoContext xMLCryptoContext) {
    this.nextWriter = writer;
    this.data = data;
    if (data instanceof JAXBData) {
        final JAXBData jaxbData = (JAXBData) data;
        ns = jaxbData.getNamespaceContext();
    } else if (data instanceof StreamWriterData) {
        final StreamWriterData streamData = (StreamWriterData) data;
        ns = streamData.getNamespaceContext();
    }
    this.xMLCryptoContext = xMLCryptoContext;
    final Object processingContext = xMLCryptoContext.get(MessageConstants.WSS_PROCESSING_CONTEXT);
    filterContext = (JAXBFilterProcessingContext) processingContext;
}
/**
 * Resolves the data a reference points to by handing its URI string to
 * {@code dereferenceURI}.
 *
 * The URI is read from the reference as-is, so when a received message is being
 * processed it is sender-controlled input. This method applies no restriction of its
 * own; which URIs may be resolved is decided in {@code dereferenceURI}, whose body is
 * not shown here.
 *
 * NOTE(review): the catch-all also re-wraps a URIReferenceException thrown by
 * {@code dereferenceURI} and any runtime exception (for example a null
 * {@code uriRef}).
 *
 * @param uriRef the reference whose URI is resolved
 * @param context the crypto context passed through to {@code dereferenceURI}
 * @return whatever {@code dereferenceURI} returns
 * @throws URIReferenceException wrapping any exception raised while resolving
 */
public Data dereference (URIReference uriRef, XMLCryptoContext context) throws URIReferenceException {
    try {
        final String target = uriRef.getURI ();
        return dereferenceURI (target, context);
    } catch (Exception cause) {
        throw new URIReferenceException (cause);
    }
}

// The excerpt ends with the opening of the next method; its body is not shown.
Data dereferenceURI (String uri, XMLCryptoContext context) throws URIReferenceException{
throw new MarshalException(e); os.close(); } catch (Exception e) { throw new MarshalException("Unable to write signature document", e);
/**
 * Resolves the data a reference points to by handing its URI string to
 * {@code dereferenceURI}.
 *
 * The URI is read from the reference as-is, so when a received message is being
 * processed it is sender-controlled input. This method applies no restriction of its
 * own; which URIs may be resolved is decided in {@code dereferenceURI}, whose body is
 * not shown here.
 *
 * NOTE(review): the catch-all also re-wraps a URIReferenceException thrown by
 * {@code dereferenceURI} and any runtime exception (for example a null
 * {@code uriRef}); nothing is logged.
 *
 * @param uriRef the reference whose URI is resolved
 * @param context the crypto context passed through to {@code dereferenceURI}
 * @return whatever {@code dereferenceURI} returns
 * @throws URIReferenceException wrapping any exception raised while resolving
 */
public Data dereference(URIReference uriRef, XMLCryptoContext context) throws URIReferenceException {
    try {
        return dereferenceURI(uriRef.getURI(), context);
    } catch (Exception failure) {
        throw new URIReferenceException(failure);
    }
}

// The excerpt ends with the opening of the next method; its body is not shown.
Data dereferenceURI(String uri, XMLCryptoContext context) throws URIReferenceException{
qualDoc = QualifyingPropertiesDocument.Factory.parse(qualNl.item(0), DEFAULT_XML_OPTIONS); } catch (XmlException e) { throw new MarshalException(e); throw new MarshalException("no XAdES-BES extension present");
/**
 * Decodes the base64 content of {@code elem} and parses it into an X.509 certificate
 * using {@code cf}.
 *
 * Parsing establishes no trust: the certificate is whatever the XML carried, and this
 * method performs no chain, validity or revocation checks.
 *
 * NOTE(review): the cast assumes {@code cf} produces X.509 certificates; any other
 * certificate type would surface as ClassCastException.
 *
 * @param elem the element holding the base64-encoded certificate
 * @return the parsed certificate
 * @throws MarshalException if the bytes cannot be parsed as a certificate or the
 *         stream cannot be closed
 */
private X509Certificate unmarshalX509Certificate(Element elem) throws MarshalException {
    try (ByteArrayInputStream decoded = unmarshalBase64Binary(elem)) {
        final X509Certificate certificate = (X509Certificate) cf.generateCertificate(decoded);
        return certificate;
    } catch (IOException e) {
        throw new MarshalException("Error closing stream", e);
    } catch (CertificateException e) {
        throw new MarshalException("Cannot create X509Certificate", e);
    }
}
/**
 * Unmarshals a {@code SignatureMethodParameterSpec} from the specified
 * {@code Element}.
 *
 * This default implementation always throws, which rejects any parameters supplied
 * for an algorithm that defines none. Subclasses whose algorithm takes parameters
 * should override it.
 *
 * @param paramsElem the {@code Element} holding the input params
 * @return the algorithm-specific {@code SignatureMethodParameterSpec}
 * @throws MarshalException always, in this default implementation
 */
SignatureMethodParameterSpec unmarshalParams(Element paramsElem) throws MarshalException {
    final String algorithm = getAlgorithm();
    final String message = "no parameters should " + "be specified for the "
            + algorithm + " SignatureMethod algorithm";
    throw new MarshalException(message);
}
/**
 * Decodes the base64 content of {@code elem} and parses it into an X.509 CRL using
 * {@code cf}.
 *
 * Parsing alone does not authenticate the CRL: this method does not verify the CRL's
 * signature or issuer.
 *
 * NOTE(review): the cast assumes {@code cf} produces X.509 CRLs; any other CRL type
 * would surface as ClassCastException.
 *
 * @param elem the element holding the base64-encoded CRL
 * @return the parsed CRL
 * @throws MarshalException if the bytes cannot be parsed as a CRL or the stream
 *         cannot be closed
 */
private X509CRL unmarshalX509CRL(Element elem) throws MarshalException {
    try (ByteArrayInputStream decoded = unmarshalBase64Binary(elem)) {
        final X509CRL crl = (X509CRL) cf.generateCRL(decoded);
        return crl;
    } catch (IOException e) {
        throw new MarshalException("Error closing stream", e);
    } catch (CRLException e) {
        throw new MarshalException("Cannot create X509CRL", e);
    }
}
/**
 * Unmarshals a {@code DigestMethodParameterSpec} from the specified {@code Element}.
 *
 * This default implementation always throws, which rejects any parameters supplied
 * for an algorithm that defines none. Subclasses whose algorithm takes parameters
 * should override it.
 *
 * @param paramsElem the {@code Element} holding the input params
 * @return the algorithm-specific {@code DigestMethodParameterSpec}
 * @throws MarshalException always, in this default implementation
 */
DigestMethodParameterSpec unmarshalParams(Element paramsElem) throws MarshalException {
    final String digestAlgorithm = getMessageDigestAlgorithm();
    final String message = "no parameters should " + "be specified for the "
            + digestAlgorithm + " DigestMethod algorithm";
    throw new MarshalException(message);
}