From: <pe...@us...> - 2004-01-08 23:38:10
Update of /cvsroot/neuclear/neuclear-xmlsig/src/java/org/neuclear/xml/xmlsec
In directory sc8-pr-cvs1:/tmp/cvs-serv8453/src/java/org/neuclear/xml/xmlsec
Modified Files:
KeyInfo.java SignedElement.java XMLSignature.java
Log Message:
XMLSignature can now give you the Signing key and the id of the signer.
SignedElement can now self verify using embedded public keys as well as KeyName's
Added NeuclearKeyResolver for resolving public key's from Identity certificates.
SignedNamedObjects can now generate their own name using the following format:
neu:sha1://[sha1 of PublicKey]![sha1 of full signed object]
The resulting object has a special internally generated Identity containing the PublicKey
Identity can now contain nothing but a public key
Index: KeyInfo.java
===================================================================
RCS file: /cvsroot/neuclear/neuclear-xmlsig/src/java/org/neuclear/xml/xmlsec/KeyInfo.java,v
retrieving revision 1.6
retrieving revision 1.7
diff -C2 -d -r1.6 -r1.7
*** KeyInfo.java 7 Jan 2004 23:11:51 -0000 1.6
--- KeyInfo.java 8 Jan 2004 23:38:06 -0000 1.7
***************
*** 5,8 ****
--- 5,10 ----
import org.dom4j.Element;
import org.neuclear.commons.crypto.CryptoException;
+ import org.neuclear.commons.crypto.Base64;
+ import org.neuclear.commons.crypto.CryptoTools;
import org.neuclear.commons.crypto.keyresolvers.KeyResolverFactory;
***************
*** 89,92 ****
--- 91,116 ----
/**
* Method getPublicKey
+ *
+ * @return
+ * @throws XMLSecurityException
+ */
+ public final String getKeyName()
+ throws XMLSecurityException {
+ if (pub == null) {
+ Iterator iter=getElement().elementIterator();
+ while (iter.hasNext()&&pub==null) {
+ Element element = (Element) iter.next();
+ if(element.getName().equals("KeyName"))
+ return element.getTextTrim();
+ else if(element.getName().equals("X509Data"))
+ return "x509v3:"+Base64.encode(extractX509(element).getSerialNumber());
+ if (element.getName().equals("KeyValue"))
+ return "sha1:"+Base64.encode(CryptoTools.digest(parseKeyValue(element).getEncoded()));
+ }
+ }
+ return null;
+ }
+ /**
+ * Method getPublicKey
*
* @return
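Review bot: getKeyName returns null whenever `pub` is already set, so if getPublicKey has been called first (XMLSignature.getSignersKey before getSignersId, for instance) the signer id is silently lost; if `pub` is only a cache of the parsed key, the `if (pub == null)` guard should be dropped and the loop run unconditionally. The X509Data branch passes the `X509Data` element itself to extractX509, which in the next hunk looks for a child named `X509Data` and presumably returns null, so `.getSerialNumber()` would dereference null there. The Javadoc above the method still reads `Method getPublicKey`; something like `Returns an identifier for the signing key derived from the first KeyName, X509Data or KeyValue child, or null if none is present.` fits. A certificate serial number is only unique per issuer and, like everything in KeyInfo, is supplied by the document, so the returned id should not be treated as an authenticated identity until the signature has been verified against a key the caller trusts.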
***************
*** 114,117 ****
--- 138,144 ----
}
private PublicKey parseX509(final Element element){
+ return extractX509(element).getPublicKey();
+ }
+ private X509Certificate extractX509(final Element element){
Element x509Data=element.element("X509Data");
if (x509Data!=null){
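Review bot: `return extractX509(element).getPublicKey();` dereferences the result without a null check, while extractX509 returns null from its catch block in the following hunk (and presumably when no X509Data child exists), so a malformed or missing certificate now raises NullPointerException where revision 1.6 returned null. Either guard it, `X509Certificate cert = extractX509(element); return cert == null ? null : cert.getPublicKey();`, or better, let extractX509 throw XMLSecurityException instead of swallowing it so the decode failure stays visible to verifySignature. extractX509's body continues past the end of this hunk.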
***************
*** 119,124 ****
byte encoded[]=XMLSecTools.decodeBase64Element(x509Data);
CertificateFactory fact=CertificateFactory.getInstance("X509v3");
! Certificate cert=fact.generateCertificate(new ByteArrayInputStream(encoded));
! return cert.getPublicKey();
} catch (XMLSecurityException e) {
return null;
--- 146,151 ----
byte encoded[]=XMLSecTools.decodeBase64Element(x509Data);
CertificateFactory fact=CertificateFactory.getInstance("X509v3");
! X509Certificate cert=(X509Certificate) fact.generateCertificate(new ByteArrayInputStream(encoded));
! return cert;
} catch (XMLSecurityException e) {
return null;
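Review bot: The certificate is decoded and used only for its key and serial number; nothing here checks its validity period, issuer or chain, which is acceptable for a KeyInfo parser but should be stated so callers do not mistake "parsed" for "validated". Suggested comment above the `CertificateFactory` line: `// Decoded, not validated: no chain, expiry or revocation check. The key is as trustworthy as the document that carried it.` The catch that returns null also drops the cause, so a corrupt X509Data is indistinguishable from an absent one to callers; rethrowing as XMLSecurityException would preserve it. The enclosing method starts before this hunk.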
Index: SignedElement.java
===================================================================
RCS file: /cvsroot/neuclear/neuclear-xmlsig/src/java/org/neuclear/xml/xmlsec/SignedElement.java,v
retrieving revision 1.6
retrieving revision 1.7
diff -C2 -d -r1.6 -r1.7
*** SignedElement.java 19 Dec 2003 18:03:07 -0000 1.6
--- SignedElement.java 8 Jan 2004 23:38:06 -0000 1.7
***************
*** 1,4 ****
--- 1,13 ----
/* $Id$
* $Log$
+ * Revision 1.7 2004/01/08 23:38:06 pelle
+ * XMLSignature can now give you the Signing key and the id of the signer.
+ * SignedElement can now self verify using embedded public keys as well as KeyName's
+ * Added NeuclearKeyResolver for resolving public key's from Identity certificates.
+ * SignedNamedObjects can now generate their own name using the following format:
+ * neu:sha1://[sha1 of PublicKey]![sha1 of full signed object]
+ * The resulting object has a special internally generted Identity containing the PublicKey
+ * Identity can now contain nothing but a public key
+ *
* Revision 1.6 2003/12/19 18:03:07 pelle
* Revamped a lot of exception handling throughout the framework, it has been simplified in most places:
***************
*** 197,204 ****
* This verifies the signature of the object.
*/
! public final boolean verifySignature(final PublicKey pub) throws XMLSecurityException, CryptoException {
if (sig == null)
throw new XMLSecurityException("The object can not be verified as it doesnt contain a signature");
return sig.verifySignature(pub);
}
--- 206,221 ----
* This verifies the signature of the object.
*/
! public final boolean verifySignature(final PublicKey pub) throws XMLSecurityException {
if (sig == null)
throw new XMLSecurityException("The object can not be verified as it doesnt contain a signature");
return sig.verifySignature(pub);
+ }
+ /**
+ * This verifies the signature of the object.
+ */
+ public final boolean verifySignature() throws XMLSecurityException {
+ if (sig == null)
+ throw new XMLSecurityException("The object can not be verified as it doesnt contain a signature");
+ return sig.verifySignature();
}
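Review bot: The Javadoc on the new no-argument `verifySignature()` is copied from the keyed overload and does not say where the key comes from; it delegates to XMLSignature.verifySignature(), which (per the XMLSignature hunk in this commit) takes the key from the signature's own KeyInfo, so a true result only shows the document is consistent with a key it carried itself. Suggested text: `Verifies the signature using the public key embedded in the signature's KeyInfo. A true result does not establish who signed; callers must still bind that key to a trusted identity (see getSignersKey/getSignersId).` Dropping `CryptoException` from the throws clause of `verifySignature(final PublicKey pub)` may also break callers whose catch blocks name it, if nothing else in their try block throws it.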
Index: XMLSignature.java
===================================================================
RCS file: /cvsroot/neuclear/neuclear-xmlsig/src/java/org/neuclear/xml/xmlsec/XMLSignature.java,v
retrieving revision 1.7
retrieving revision 1.8
diff -C2 -d -r1.7 -r1.8
*** XMLSignature.java 7 Jan 2004 23:11:51 -0000 1.7
--- XMLSignature.java 8 Jan 2004 23:38:06 -0000 1.8
***************
*** 1,4 ****
--- 1,13 ----
/* $Id$
* $Log$
+ * Revision 1.8 2004/01/08 23:38:06 pelle
+ * XMLSignature can now give you the Signing key and the id of the signer.
+ * SignedElement can now self verify using embedded public keys as well as KeyName's
+ * Added NeuclearKeyResolver for resolving public key's from Identity certificates.
+ * SignedNamedObjects can now generate their own name using the following format:
+ * neu:sha1://[sha1 of PublicKey]![sha1 of full signed object]
+ * The resulting object has a special internally generted Identity containing the PublicKey
+ * Identity can now contain nothing but a public key
+ *
* Revision 1.7 2004/01/07 23:11:51 pelle
* XMLSig now has various added features:
***************
*** 250,261 ****
public final boolean verifySignature() throws XMLSecurityException {
! final Element keyInfoElem = getElement().element(XMLSecTools.createQName("KeyInfo"));
! if (keyInfoElem == null)
throw new XMLSecurityException("Signature does not contain an embedded PublicKey");
- final KeyInfo ki = new KeyInfo(keyInfoElem);
- final PublicKey pk = ki.getPublicKey();
return verifySignature(pk);
}
public final boolean verifySignature(final PublicKey pk) throws XMLSecurityException {
--- 259,290 ----
public final boolean verifySignature() throws XMLSecurityException {
! final PublicKey pk = getSignersKey();
! if (pk==null)
throw new XMLSecurityException("Signature does not contain an embedded PublicKey");
return verifySignature(pk);
}
+ public final PublicKey getSignersKey() throws XMLSecurityException {
+ KeyInfo key=getKeyInfo();
+ if (key == null)
+ return null;
+ return key.getPublicKey();
+ }
+ public final String getSignersId() throws XMLSecurityException {
+ KeyInfo key=getKeyInfo();
+ if (key == null)
+ return null;
+ return key.getKeyName();
+ }
+ private final synchronized KeyInfo getKeyInfo() throws XMLSecurityException{
+ if (ki==null){
+ final Element keyInfoElem = getElement().element(XMLSecTools.createQName("KeyInfo"));
+ if (keyInfoElem == null)
+ ki=new KeyInfo(keyInfoElem);
+ }
+ return ki;
+ }
+
+
public final boolean verifySignature(final PublicKey pk) throws XMLSecurityException {
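Review bot: The null check in getKeyInfo is inverted: `if (keyInfoElem == null) ki=new KeyInfo(keyInfoElem);` constructs KeyInfo only when the KeyInfo element is absent (passing null) and never when it is present, so getSignersKey and getSignersId return null for every real signature and verifySignature() always throws "Signature does not contain an embedded PublicKey". It should read `if (keyInfoElem != null) ki = new KeyInfo(keyInfoElem);`. The `final` on `private final synchronized KeyInfo getKeyInfo()` is redundant for a private method. verifySignature() also deserves a comment that the key is taken from the document's own KeyInfo, so it proves internal consistency rather than signer identity; callers needing authentication should use the PublicKey overload with a key they trust, or compare getSignersKey() against one.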
***************
*** 306,309 ****
--- 335,339 ----
private SignatureInfo si;
+ private KeyInfo ki;
private static final String TAG_NAME = "Signature";
// private PublicKey pub;