org.apache.xml.security.signature.XMLSignatureException Java Examples

The following examples show how to use org.apache.xml.security.signature.XMLSignatureException. You can vote up the ones you like or vote down the ones you don't like, and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example #1
Source File: TimeStampDigestInputImpl.java    From xades4j with GNU Lesser General Public License v3.0 6 votes vote down vote up
@Override
public void addReference(Reference r) throws CannotAddDataToDigestInputException
{
    if (null == r)
    {
        throw new NullPointerException();
    }

    try
    {
        XMLSignatureInput refData = r.getContentsAfterTransformation();
        addToDigestInput(refData, r.getDocument());

    } catch (XMLSignatureException ex)
    {
        throw new CannotAddDataToDigestInputException(ex);
    }
}
 
Example #2
Source File: SignatureValidator.java    From lams with GNU General Public License v2.0 5 votes vote down vote up
/** {@inheritDoc} */
public void validate(Signature signature) throws ValidationException {
    log.debug("Attempting to validate signature using key from supplied credential");

    XMLSignature xmlSig = buildSignature(signature);

    Key validationKey = SecurityHelper.extractVerificationKey(validationCredential);
    if (validationKey == null) {
        log.debug("Supplied credential contained no key suitable for signature validation");
        throw new ValidationException("No key available to validate signature");
    }
    
    log.debug("Validating signature with signature algorithm URI: {}", signature.getSignatureAlgorithm());
    log.debug("Validation credential key algorithm '{}', key instance class '{}'", 
            validationKey.getAlgorithm(), validationKey.getClass().getName());

    try {
        if (xmlSig.checkSignatureValue(validationKey)) {
            log.debug("Signature validated with key from supplied credential");
            return;
        }
    } catch (XMLSignatureException e) {
        throw new ValidationException("Unable to evaluate key against signature", e);
    }

    log.debug("Signature did not validate against the credential's key");

    throw new ValidationException("Signature did not validate against the credential's key");
}
 
Example #3
Source File: SignatureUtils.java    From xades4j with GNU Lesser General Public License v3.0 5 votes vote down vote up
static void checkSignedPropertiesIncorporation(Element qualifyingPropsElem, Reference signedPropsRef) throws QualifyingPropertiesIncorporationException
{
    Element signedPropsElem = DOMHelper.getFirstChildElement(qualifyingPropsElem);
    if (signedPropsElem == null
            || !signedPropsElem.getLocalName().equals(QualifyingProperty.SIGNED_PROPS_TAG)
            || !signedPropsElem.getNamespaceURI().equals(QualifyingProperty.XADES_XMLNS))
    {
        throw new QualifyingPropertiesIncorporationException("SignedProperties not found as the first child of QualifyingProperties.");
    }

    DOMHelper.useIdAsXmlId(signedPropsElem);

    // Only QualifyingProperties in the signature's document are supported.
    // XML-DSIG 4.3.3.2: "a same-document reference is defined as a URI-Reference
    // that consists of a hash sign ('#') followed by a fragment"
    if (!signedPropsRef.getURI().startsWith("#"))
    {
        throw new QualifyingPropertiesIncorporationException("Only QualifyingProperties in the signature's document are supported");
    }

    try
    {
        Node sPropsNode = signedPropsRef.getNodesetBeforeFirstCanonicalization().getSubNode();
        if (sPropsNode == null || sPropsNode.getNodeType() != Node.ELEMENT_NODE)
        {
            throw new QualifyingPropertiesIncorporationException("The supposed reference over signed properties doesn't cover an element.");
        }

        // The referenced signed properties element must be the child of qualifying properties.
        Element referencedSignedPropsElem = (Element) sPropsNode;
        if (referencedSignedPropsElem != signedPropsElem)
        {
            throw new QualifyingPropertiesIncorporationException("The referenced SignedProperties are not contained by the proper QualifyingProperties element");
        }
    } catch (XMLSignatureException ex)
    {
        throw new QualifyingPropertiesIncorporationException("Cannot get the referenced SignedProperties", ex);
    }
}
 
Example #4
Source File: XAdESSignature.java    From dss with GNU Lesser General Public License v2.1 5 votes vote down vote up
private void initDetachedSignatureResolvers(List<DSSDocument> detachedContents) {
	List<Reference> currentReferences = getReferences();
	for (Reference reference : currentReferences) {
		try {
			DigestAlgorithm digestAlgorithm = DigestAlgorithm.forXML(reference.getMessageDigestAlgorithm().getAlgorithmURI());
			santuarioSignature
					.addResourceResolver(new DetachedSignatureResolver(detachedContents, digestAlgorithm));
		} catch (XMLSignatureException e) {
			LOG.warn("Unable to retrieve reference digest algorithm {}", reference.getId(), e);
		}
	}
}
 
Example #5
Source File: FederationMetaDataTest.java    From cxf-fediz with Apache License 2.0 5 votes vote down vote up
@org.junit.Test
public void validateMetaDataWithAlias() throws ProcessingException, XMLSignatureException, XMLSecurityException {

    FedizContext config = loadConfig("ROOT");

    FedizProcessor wfProc = new FederationProcessorImpl();
    Document doc = wfProc.getMetaData(null, config);
    Assert.assertNotNull(doc);

    Node signatureNode = doc.getElementsByTagName("Signature").item(0);
    Assert.assertNotNull(signatureNode);

    doc.getDocumentElement().setIdAttributeNS(null, "ID", true);

    try {
        DOMUtils.writeXml(doc, System.out);
    } catch (TransformerException e) {
        fail("Exception not expected: " + e.getMessage());
    }

    // Validate the signature
    XMLSignature signature = new XMLSignature((Element)signatureNode, "");
    KeyInfo ki = signature.getKeyInfo();
    Assert.assertNotNull(ki);
    Assert.assertNotNull(ki.getX509Certificate());

    Assert.assertTrue(signature.checkSignatureValue(ki.getX509Certificate()));
}
 
Example #6
Source File: SAMLMetaDataTest.java    From cxf-fediz with Apache License 2.0 5 votes vote down vote up
@org.junit.Test
public void validateMetaDataWithAlias() throws ProcessingException, XMLSignatureException, XMLSecurityException {

    FedizContext config = loadConfig("ROOT");

    FedizProcessor wfProc = new FederationProcessorImpl();
    HttpServletRequest req = EasyMock.createMock(HttpServletRequest.class);
    EasyMock.expect(req.getRequestURL()).andReturn(new StringBuffer(TEST_REQUEST_URL)).times(2);
    EasyMock.expect(req.getContextPath()).andReturn(CONTEXT_PATH).times(2);
    EasyMock.replay(req);

    Document doc = wfProc.getMetaData(req, config);
    Assert.assertNotNull(doc);

    Node signatureNode = doc.getElementsByTagName("Signature").item(0);
    Assert.assertNotNull(signatureNode);

    doc.getDocumentElement().setIdAttributeNS(null, "ID", true);

    try {
        DOMUtils.writeXml(doc, System.out);
    } catch (TransformerException e) {
        fail("Exception not expected: " + e.getMessage());
    }

    // Validate the signature
    XMLSignature signature = new XMLSignature((Element)signatureNode, "");
    KeyInfo ki = signature.getKeyInfo();
    Assert.assertNotNull(ki);
    Assert.assertNotNull(ki.getX509Certificate());

    Assert.assertTrue(signature.checkSignatureValue(ki.getX509Certificate()));

}
 
Example #7
Source File: SignatureRSARIPEMD160AT.java    From dss with GNU Lesser General Public License v2.1 2 votes vote down vote up
/**
 * Constructor SignatureECDSARIPEMD160
 *
 * @throws org.apache.xml.security.signature.XMLSignatureException
 */
public SignatureRSARIPEMD160AT() throws XMLSignatureException {
	super();
}
 
Example #8
Source File: SignatureECDSARIPEMD160.java    From dss with GNU Lesser General Public License v2.1 2 votes vote down vote up
/**
 * Constructor SignatureECDSARIPEMD160
 *
 * @throws XMLSignatureException
 */
public SignatureECDSARIPEMD160() throws XMLSignatureException {
	super();
}