Java Code Examples for javax.xml.crypto.dsig.Reference#getTransforms()

The following examples show how to use javax.xml.crypto.dsig.Reference#getTransforms(). You can vote up the ones you like or vote down the ones you don't like, and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example 1
Source File: DigSigUtil.java    From juddi with Apache License 2.0 4 votes vote down vote up
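/**
 * Validates the first XML-DSig {@code Signature} element found beneath {@code element}
 * against {@code validatingKey}.
 *
 * <p>When core validation fails, the signature value and every reference are re-checked
 * individually so that the log and {@code OutReadableErrorMessage} say which part failed.
 * Newer diagnostics are prepended to whatever text the holder already contains.
 *
 * <p>Security notes for callers:
 * <ul>
 *   <li>{@code getElementsByTagNameNS} searches the whole subtree and only {@code item(0)} is
 *       validated. Nothing in this method confirms that the validated references cover
 *       {@code element} itself, so {@code true} means "a signature under this element verifies
 *       with this key", not "this element is signed". A caller making a trust decision should
 *       also check what the references resolve to (signature-wrapping exposure).</li>
 *   <li>NOTE(review): the context does not set the provider's secure-validation property
 *       ({@code "org.jcp.xml.dsig.secureValidation"}); whether it is on depends on the JDK
 *       defaults. Consider enabling it explicitly after confirming it accepts the algorithms
 *       and transforms this project's signatures use.</li>
 * </ul>
 *
 * @param element                 DOM element expected to contain the signature
 * @param validatingKey           public key used to check the signature value
 * @param OutReadableErrorMessage optional holder for a human-readable failure description;
 *                                may be {@code null}
 * @return {@code true} only if core validation succeeded; {@code false} on validation
 *         failure or on any exception raised while validating
 * @throws RuntimeException if no {@code Signature} element exists under {@code element}
 */
private boolean verifySignature(Element element, PublicKey validatingKey, AtomicReference<String> OutReadableErrorMessage) {
        // A null holder means the caller does not want the text; use a throwaway one.
        AtomicReference<String> errors = OutReadableErrorMessage;
        if (errors == null) {
                errors = new AtomicReference<String>();
        }
        XMLSignatureFactory fac = initXMLSigFactory();
        NodeList nl = element.getElementsByTagNameNS(XMLSignature.XMLNS, "Signature");
        if (nl.getLength() == 0) {
                throw new RuntimeException("Cannot find Signature element");
        }
        DOMValidateContext valContext = new DOMValidateContext(validatingKey, nl.item(0));
        try {
                // Reference caching is needed for the per-reference diagnostics below.
                valContext.setProperty("javax.xml.crypto.dsig.cacheReference", Boolean.TRUE);
                XMLSignature signature = fac.unmarshalXMLSignature(valContext);
                boolean coreValidity = signature.validate(valContext);
                if (!coreValidity) {
                        logger.warn("Signature failed core validation");
                        boolean sv = signature.getSignatureValue().validate(valContext);
                        logger.debug("signature validation status: " + sv);
                        prependErrorMessage(errors, "signature validation failed: " + sv + ".");
                        // Check the validation status of each Reference.
                        @SuppressWarnings("unchecked")
                        Iterator<Reference> i = signature.getSignedInfo().getReferences().iterator();
                        for (int j = 0; i.hasNext(); j++) {
                                Reference ref = i.next();
                                boolean refValid = ref.validate(valContext);
                                logger.debug("ref[" + j + "] validity status: " + refValid);
                                if (!refValid) {
                                        prependErrorMessage(errors, "signature reference " + j + " invalid. ");
                                }
                                logger.debug("Ref type: " + ref.getType() + ", URI: " + ref.getURI());
                                for (Object xform : ref.getTransforms()) {
                                        logger.debug("Transform: " + xform);
                                }
                                // Diagnostic only: the pass/fail decision was already made by validate().
                                String calcDigValStr = digestToString(ref.getCalculatedDigestValue());
                                String expectedDigValStr = digestToString(ref.getDigestValue());
                                logger.warn("    Calc Digest: " + calcDigValStr);
                                logger.warn("Expected Digest: " + expectedDigValStr);
                                if (!calcDigValStr.equalsIgnoreCase(expectedDigValStr)) {
                                        prependErrorMessage(errors, "digest mismatch for signature ref " + j + ".");
                                }
                        }
                } else {
                        logger.info("Signature passed core validation");
                }
                return coreValidity;
        } catch (Exception e) {
                prependErrorMessage(errors, "signature validation failed: " + e.getMessage());
                // Pass the throwable separately so the stack trace is logged, not just toString().
                logger.fatal("signature validation failed", e);
                return false;
        }
}

/**
 * Puts {@code message} in front of the text already stored in {@code sink}.
 * An empty holder contributes nothing, so the literal string "null" never ends up
 * in the message shown to the user.
 */
private static void prependErrorMessage(AtomicReference<String> sink, String message) {
        String previous = sink.get();
        sink.set(previous == null ? message : message + previous);
}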
 
Example 2
Source File: TckSigningUtil.java    From juddi with Apache License 2.0 4 votes vote down vote up
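/**
 * Validates the first XML-DSig {@code Signature} element found beneath {@code element}
 * against {@code validatingKey}, printing diagnostics to the console.
 *
 * <p>When core validation fails, the signature value and each reference are re-checked and
 * the reference's type, URI, transforms, digests and cached pre-digest input are printed.
 * That output contains the signed content itself, so this routine is suited to test
 * tooling rather than to code paths whose output is visible to untrusted parties.
 *
 * <p>Security notes for callers:
 * <ul>
 *   <li>Only the first {@code Signature} in the subtree is validated and nothing here checks
 *       that its references cover {@code element}. A {@code true} result does not by itself
 *       prove that this element is the signed content (signature-wrapping exposure).</li>
 *   <li>NOTE(review): the provider's secure-validation property
 *       ({@code "org.jcp.xml.dsig.secureValidation"}) is not set here; whether it is on
 *       depends on the JDK defaults. Confirm before relying on this for untrusted input.</li>
 * </ul>
 *
 * @param element       DOM element expected to contain the signature
 * @param validatingKey public key used to check the signature value
 * @return the result of core validation
 * @throws RuntimeException if no {@code Signature} element is found, or wrapping any
 *                          exception raised while unmarshalling or validating
 */
public static boolean verifySignature(Element element, PublicKey validatingKey) {
    XMLSignatureFactory fac = initXMLSigFactory();
    NodeList nl = element.getElementsByTagNameNS(XMLSignature.XMLNS, "Signature");
    if (nl.getLength() == 0) {
        throw new RuntimeException("Cannot find Signature element");
    }
    DOMValidateContext valContext = new DOMValidateContext(validatingKey, nl.item(0));
    try {
        // Reference caching makes getDigestInputStream() available for the dump below.
        valContext.setProperty("javax.xml.crypto.dsig.cacheReference", Boolean.TRUE);
        XMLSignature signature = fac.unmarshalXMLSignature(valContext);
        boolean coreValidity = signature.validate(valContext);
        if (!coreValidity) {
            System.err.println("Signature failed core validation");
            boolean sv = signature.getSignatureValue().validate(valContext);
            System.out.println("signature validation status: " + sv);
            // Check the validation status of each Reference.
            @SuppressWarnings("unchecked")
            Iterator<Reference> i = signature.getSignedInfo().getReferences().iterator();
            System.out.println("---------------------------------------------");
            for (int j = 0; i.hasNext(); j++) {
                Reference ref = i.next();
                boolean refValid = ref.validate(valContext);
                System.out.println("ref[" + j + "] validity status: " + refValid);
                System.out.println("Ref type: " + ref.getType() + ", URI: " + ref.getURI());
                for (Object xform : ref.getTransforms()) {
                    System.out.println("Transform: " + xform);
                }
                String calcDigValStr = digestToString(ref.getCalculatedDigestValue());
                String expectedDigValStr = digestToString(ref.getDigestValue());
                System.out.println("    Calc Digest: " + calcDigValStr);
                System.out.println("Expected Digest: " + expectedDigValStr);
                // The cached stream can be absent; without this guard the resulting
                // NullPointerException would replace the real validation result.
                InputStream is = ref.getDigestInputStream();
                if (is != null) {
                    // Canonical XML is UTF-8; do not depend on the platform default charset.
                    BufferedReader br = new BufferedReader(new InputStreamReader(is, "UTF-8"));
                    try {
                        String line;
                        while ((line = br.readLine()) != null) {
                            System.out.println(line);
                        }
                    } finally {
                        // Closing the reader also closes the underlying stream, even on error.
                        br.close();
                    }
                }
                System.out.println("---------------------------------------------");
            }
        } else {
            System.out.println("Signature passed core validation");
        }
        return coreValidity;
    } catch (Exception e) {
        throw new RuntimeException(e);
    }
}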