Java Code Examples for javax.xml.crypto.dsig.XMLSignatureFactory#newCanonicalizationMethod()
The following examples show how to use
javax.xml.crypto.dsig.XMLSignatureFactory#newCanonicalizationMethod() .
You can vote up the ones you like or vote down the ones you don't like,
and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example 1
Source File: XmlSignatureHelper.java From secure-data-service with Apache License 2.0 | 5 votes |
/** * Signs the SAML assertion using the specified public and private keys. * * @param document * SAML assertion be signed. * @param privateKey * Private key used to sign SAML assertion. * @param publicKey * Public key used to sign SAML asserion. * @return w3c element representation of specified document. * @throws NoSuchAlgorithmException * @throws InvalidAlgorithmParameterException * @throws KeyException * @throws MarshalException * @throws XMLSignatureException */ private Element signSamlAssertion(Document document, PrivateKey privateKey, X509Certificate certificate) throws NoSuchAlgorithmException, InvalidAlgorithmParameterException, KeyException, MarshalException, XMLSignatureException { XMLSignatureFactory signatureFactory = XMLSignatureFactory.getInstance("DOM"); List<Transform> envelopedTransform = Collections.singletonList(signatureFactory.newTransform( Transform.ENVELOPED, (TransformParameterSpec) null)); Reference ref = signatureFactory.newReference("", signatureFactory.newDigestMethod(DigestMethod.SHA1, null), envelopedTransform, null, null); SignatureMethod signatureMethod = null; if (certificate.getPublicKey() instanceof DSAPublicKey) { signatureMethod = signatureFactory.newSignatureMethod(SignatureMethod.DSA_SHA1, null); } else if (certificate.getPublicKey() instanceof RSAPublicKey) { signatureMethod = signatureFactory.newSignatureMethod(SignatureMethod.RSA_SHA1, null); } CanonicalizationMethod canonicalizationMethod = signatureFactory.newCanonicalizationMethod( CanonicalizationMethod.INCLUSIVE_WITH_COMMENTS, (C14NMethodParameterSpec) null); SignedInfo signedInfo = signatureFactory.newSignedInfo(canonicalizationMethod, signatureMethod, Collections.singletonList(ref)); KeyInfoFactory keyInfoFactory = signatureFactory.getKeyInfoFactory(); X509Data data = keyInfoFactory.newX509Data(Collections.singletonList(certificate)); KeyInfo keyInfo = keyInfoFactory.newKeyInfo(Collections.singletonList(data)); Element w3cElement = document.getDocumentElement(); Node xmlSigInsertionPoint = getXmlSignatureInsertionLocation(w3cElement); DOMSignContext dsc = new DOMSignContext(privateKey, w3cElement, xmlSigInsertionPoint); XMLSignature signature = signatureFactory.newXMLSignature(signedInfo, keyInfo); signature.sign(dsc); return w3cElement; }
Example 2
Source File: AbstractSamlObjectBuilder.java From springboot-shiro-cas-mybatis with MIT License | 4 votes |
/** * Sign SAML element. * * @param element the element * @param privKey the priv key * @param pubKey the pub key * @return the element */ private org.jdom.Element signSamlElement(final org.jdom.Element element, final PrivateKey privKey, final PublicKey pubKey) { try { final String providerName = System.getProperty("jsr105Provider", SIGNATURE_FACTORY_PROVIDER_CLASS); final XMLSignatureFactory sigFactory = XMLSignatureFactory .getInstance("DOM", (Provider) Class.forName(providerName) .newInstance()); final List<Transform> envelopedTransform = Collections .singletonList(sigFactory.newTransform(Transform.ENVELOPED, (TransformParameterSpec) null)); final Reference ref = sigFactory.newReference("", sigFactory .newDigestMethod(DigestMethod.SHA1, null), envelopedTransform, null, null); // Create the SignatureMethod based on the type of key final SignatureMethod signatureMethod; if (pubKey instanceof DSAPublicKey) { signatureMethod = sigFactory.newSignatureMethod( SignatureMethod.DSA_SHA1, null); } else if (pubKey instanceof RSAPublicKey) { signatureMethod = sigFactory.newSignatureMethod( SignatureMethod.RSA_SHA1, null); } else { throw new RuntimeException("Error signing SAML element: Unsupported type of key"); } final CanonicalizationMethod canonicalizationMethod = sigFactory .newCanonicalizationMethod( CanonicalizationMethod.INCLUSIVE_WITH_COMMENTS, (C14NMethodParameterSpec) null); // Create the SignedInfo final SignedInfo signedInfo = sigFactory.newSignedInfo( canonicalizationMethod, signatureMethod, Collections .singletonList(ref)); // Create a KeyValue containing the DSA or RSA PublicKey final KeyInfoFactory keyInfoFactory = sigFactory .getKeyInfoFactory(); final KeyValue keyValuePair = keyInfoFactory.newKeyValue(pubKey); // Create a KeyInfo and add the KeyValue to it final KeyInfo keyInfo = keyInfoFactory.newKeyInfo(Collections .singletonList(keyValuePair)); // Convert the JDOM document to w3c (Java XML signature API requires // w3c representation) final org.w3c.dom.Element w3cElement = toDom(element); // Create a DOMSignContext and specify the DSA/RSA PrivateKey and // location of the resulting XMLSignature's parent element final DOMSignContext dsc = new DOMSignContext(privKey, w3cElement); final org.w3c.dom.Node xmlSigInsertionPoint = getXmlSignatureInsertLocation(w3cElement); dsc.setNextSibling(xmlSigInsertionPoint); // Marshal, generate (and sign) the enveloped signature final XMLSignature signature = sigFactory.newXMLSignature(signedInfo, keyInfo); signature.sign(dsc); return toJdom(w3cElement); } catch (final Exception e) { throw new RuntimeException("Error signing SAML element: " + e.getMessage(), e); } }
Example 3
Source File: SamlUtils.java From cas4.0.x-server-wechat with Apache License 2.0 | 4 votes |
private static Element signSamlElement(final Element element, final PrivateKey privKey, final PublicKey pubKey) { try { final String providerName = System.getProperty("jsr105Provider", JSR_105_PROVIDER); final XMLSignatureFactory sigFactory = XMLSignatureFactory .getInstance("DOM", (Provider) Class.forName(providerName) .newInstance()); final List envelopedTransform = Collections .singletonList(sigFactory.newTransform(Transform.ENVELOPED, (TransformParameterSpec) null)); final Reference ref = sigFactory.newReference("", sigFactory .newDigestMethod(DigestMethod.SHA1, null), envelopedTransform, null, null); // Create the SignatureMethod based on the type of key SignatureMethod signatureMethod; if (pubKey instanceof DSAPublicKey) { signatureMethod = sigFactory.newSignatureMethod( SignatureMethod.DSA_SHA1, null); } else if (pubKey instanceof RSAPublicKey) { signatureMethod = sigFactory.newSignatureMethod( SignatureMethod.RSA_SHA1, null); } else { throw new RuntimeException( "Error signing SAML element: Unsupported type of key"); } final CanonicalizationMethod canonicalizationMethod = sigFactory .newCanonicalizationMethod( CanonicalizationMethod.INCLUSIVE_WITH_COMMENTS, (C14NMethodParameterSpec) null); // Create the SignedInfo final SignedInfo signedInfo = sigFactory.newSignedInfo( canonicalizationMethod, signatureMethod, Collections .singletonList(ref)); // Create a KeyValue containing the DSA or RSA PublicKey final KeyInfoFactory keyInfoFactory = sigFactory .getKeyInfoFactory(); final KeyValue keyValuePair = keyInfoFactory.newKeyValue(pubKey); // Create a KeyInfo and add the KeyValue to it final KeyInfo keyInfo = keyInfoFactory.newKeyInfo(Collections .singletonList(keyValuePair)); // Convert the JDOM document to w3c (Java XML signature API requires // w3c // representation) org.w3c.dom.Element w3cElement = toDom(element); // Create a DOMSignContext and specify the DSA/RSA PrivateKey and // location of the resulting XMLSignature's parent element DOMSignContext dsc = new DOMSignContext(privKey, w3cElement); org.w3c.dom.Node xmlSigInsertionPoint = getXmlSignatureInsertLocation(w3cElement); dsc.setNextSibling(xmlSigInsertionPoint); // Marshal, generate (and sign) the enveloped signature XMLSignature signature = sigFactory.newXMLSignature(signedInfo, keyInfo); signature.sign(dsc); return toJdom(w3cElement); } catch (final Exception e) { throw new RuntimeException("Error signing SAML element: " + e.getMessage(), e); } }