From: <pe...@us...> - 2004-01-14 06:42:41
Update of /cvsroot/neuclear/neuclear-xmlsig/src/java/org/neuclear/xml/xmlsec
In directory sc8-pr-cvs1:/tmp/cvs-serv29428/src/java/org/neuclear/xml/xmlsec
Modified Files:
QuickEmbeddedSignature.java Reference.java SignatureInfo.java
SignedElement.java XMLSecTools.java XMLSignature.java
Added Files:
InvalidSignatureException.java
Log Message:
Got rid of the verifyXXX() methods
--- NEW FILE: InvalidSignatureException.java ---
package org.neuclear.xml.xmlsec;
import java.security.PublicKey;
/**
* Created by IntelliJ IDEA.
* User: pelleb
* Date: Jan 13, 2004
* Time: 8:53:09 PM
* To change this template use Options | File Templates.
*/
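/**
 * Signals that an XML signature, or a digest inside one, failed verification.
 * It is a checked exception, so callers must handle a failed verification
 * explicitly.
 */
public class InvalidSignatureException extends Exception {
    /**
     * Reports two digest values that were expected to match but do not.
     *
     * @param a the first digest value; quoted in the message
     * @param b the digest value it was compared with
     */
    public InvalidSignatureException(String a, String b) {
        super("Digest: '" + a + "' not equal to: " + b);
    }

    /**
     * Reports that the signature did not verify under the given public key.
     *
     * @param pub the key the signature was checked against; may be {@code null},
     *            in which case the message contains the text "null"
     */
    public InvalidSignatureException(PublicKey pub) {
        // Plain concatenation is null-safe; calling pub.toString() would throw a
        // NullPointerException and hide the verification failure being reported.
        super("Public Key: " + pub + " did not sign this signature");
    }
}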
Index: QuickEmbeddedSignature.java
===================================================================
RCS file: /cvsroot/neuclear/neuclear-xmlsig/src/java/org/neuclear/xml/xmlsec/QuickEmbeddedSignature.java,v
retrieving revision 1.7
retrieving revision 1.8
diff -C2 -d -r1.7 -r1.8
*** QuickEmbeddedSignature.java 13 Jan 2004 23:37:59 -0000 1.7
--- QuickEmbeddedSignature.java 14 Jan 2004 06:42:38 -0000 1.8
***************
*** 8,11 ****
--- 8,14 ----
* $Id$
* $Log$
+ * Revision 1.8 2004/01/14 06:42:38 pelle
+ * Got rid of the verifyXXX() methods
+ *
* Revision 1.7 2004/01/13 23:37:59 pelle
* Refactoring parts of the core of XMLSignature. There shouldnt be any real API changes.
***************
*** 139,143 ****
*/
public final class QuickEmbeddedSignature extends XMLSignature {
! public QuickEmbeddedSignature(final KeyPair keypair, final Element root) throws XMLSecurityException, CryptoException {
this(keypair.getPrivate(), root);
final Element sig = getElement();
--- 142,146 ----
*/
public final class QuickEmbeddedSignature extends XMLSignature {
! public QuickEmbeddedSignature(final KeyPair keypair, final Element root) throws XMLSecurityException, CryptoException, InvalidSignatureException {
this(keypair.getPrivate(), root);
final Element sig = getElement();
***************
*** 146,150 ****
}
! public QuickEmbeddedSignature(final PrivateKey key, final Element root) throws XMLSecurityException, CryptoException {
super(getSignatureElement(root, key));
final Element sig = getElement();
--- 149,153 ----
}
! public QuickEmbeddedSignature(final PrivateKey key, final Element root) throws XMLSecurityException, CryptoException, InvalidSignatureException {
super(getSignatureElement(root, key));
final Element sig = getElement();
***************
*** 156,160 ****
}
! public QuickEmbeddedSignature(final String name, final Signer signer, final Element root) throws XMLSecurityException, UserCancellationException, NonExistingSignerException {
super(getSignatureElement(root,signer.getKeyType(name)));
final Element sig = getElement();
--- 159,163 ----
}
! public QuickEmbeddedSignature(final String name, final Signer signer, final Element root) throws XMLSecurityException, UserCancellationException, NonExistingSignerException, InvalidSignatureException {
super(getSignatureElement(root,signer.getKeyType(name)));
final Element sig = getElement();
Index: Reference.java
===================================================================
RCS file: /cvsroot/neuclear/neuclear-xmlsig/src/java/org/neuclear/xml/xmlsec/Reference.java,v
retrieving revision 1.5
retrieving revision 1.6
diff -C2 -d -r1.5 -r1.6
*** Reference.java 13 Jan 2004 23:37:59 -0000 1.5
--- Reference.java 14 Jan 2004 06:42:38 -0000 1.6
***************
*** 1,4 ****
--- 1,7 ----
/* $Id$
* $Log$
+ * Revision 1.6 2004/01/14 06:42:38 pelle
+ * Got rid of the verifyXXX() methods
+ *
* Revision 1.5 2004/01/13 23:37:59 pelle
* Refactoring parts of the core of XMLSignature. There shouldnt be any real API changes.
***************
*** 113,116 ****
--- 116,121 ----
/**
+ * The Reference class implements the W3C XML Signature Spec Reference Object.
+ * The basic contract says that once it has been instantiated the digest value within is valid.
* @author pelleb
* @version $Revision$
***************
*** 118,121 ****
--- 123,127 ----
import org.dom4j.Element;
+ import org.dom4j.Node;
import org.neuclear.commons.Utility;
import org.neuclear.commons.crypto.Base64;
***************
*** 142,166 ****
public Reference(Element root, final int sigtype) throws XMLSecurityException {
super(Reference.TAG_NAME);
! try {
! final Canonicalizer canon;
! Element transformsElement = addElement("Transforms");
! if (sigtype == XMLSIGTYPE_ENVELOPED){
! canon=new CanonicalizerWithoutSignature();
! transformsElement.addElement(XMLSecTools.createQName("Transform")).addAttribute("Algorithm","http://www.w3.org/2000/09/xmldsig#enveloped-signature");
! }else {
! canon= new Canonicalizer();
! }
! transformsElement.addElement(XMLSecTools.createQName("Transform")).addAttribute("Algorithm","http://www.w3.org/TR/2001/REC-xml-c14n-20010315");
! type=sigtype;
! final String id = root.attributeValue("id");
! if (!Utility.isEmpty(id))
! createAttribute("URI","#"+id);
! digest=createDigest(canon, root);
! addDigest();
! } catch (IOException e) {
! throw new XMLSecurityException(e);
! }
}
--- 148,168 ----
public Reference(Element root, final int sigtype) throws XMLSecurityException {
super(Reference.TAG_NAME);
! final Canonicalizer canon;
! Element transformsElement = addElement("Transforms");
! if (sigtype == XMLSIGTYPE_ENVELOPED){
! canon=new CanonicalizerWithoutSignature();
! transformsElement.addElement(XMLSecTools.createQName("Transform")).addAttribute("Algorithm","http://www.w3.org/2000/09/xmldsig#enveloped-signature");
! }else {
! canon= new Canonicalizer();
! }
! transformsElement.addElement(XMLSecTools.createQName("Transform")).addAttribute("Algorithm","http://www.w3.org/TR/2001/REC-xml-c14n-20010315");
! type=sigtype;
! final String id = root.attributeValue("id");
! if (!Utility.isEmpty(id))
! createAttribute("URI","#"+id);
! digest=createDigest(canon, root);
! addDigest();
}
***************
*** 170,174 ****
}
! private static String createDigest(final Canonicalizer canon, Object root) throws IOException {
return new String(Base64.encode(CryptoTools.digest(canon.canonicalize(root))));
}
--- 172,176 ----
}
! private static String createDigest(final Canonicalizer canon, Object root) throws XMLSecurityException {
return new String(Base64.encode(CryptoTools.digest(canon.canonicalize(root))));
}
***************
*** 177,187 ****
super(Reference.TAG_NAME);
type=XMLSIGTYPE_DETACHED;
! try {
! createAttribute("URI",uri);
! digest=createDigest(new Canonicalizer(),loadReference(uri));
! addDigest();
! } catch (IOException e) {
! throw new XMLSecurityException(e);
! }
}
/**
--- 179,185 ----
super(Reference.TAG_NAME);
type=XMLSIGTYPE_DETACHED;
! createAttribute("URI",uri);
! digest=createDigest(new Canonicalizer(),loadReference(uri));
! addDigest();
}
/**
***************
*** 190,214 ****
* @throws XMLSecurityException
*/
! public Reference(final Element elem) throws XMLSecurityException {
super(elem);
- type=0;
if (!elem.getQName().getName().equals(TAG_NAME))
throw new XMLSecurityException("Element: " + elem.getQualifiedName() + " is not a valid: " + XMLSecTools.NS_DS.getPrefix() + ":" + TAG_NAME);
! digest=new String(XMLSecTools.decodeBase64Element(getElement().element(XMLSecTools.createQName("DigestValue"))));
! // findRefElement(elem);
}
! private static Object findRefElement(Element elem) throws XMLSecurityException {
if (elem.getParent() != null&&elem.getParent().getParent() != null&&elem.getParent().getParent().getParent() != null) { // Enveloped
! return elem.getDocument();
} else if (elem.getParent() != null&&elem.getParent().getParent() != null&&elem.getParent().getParent().element("Object") != null) { // Enveloped
! final List contents = elem.getParent().getParent().element("Object").content();
! if (contents.size() == 1)
! return contents.get(0);
! else
! return contents;
} else {// Detached
! return loadReference(elem.attributeValue("URI"));
}
}
--- 188,243 ----
* @throws XMLSecurityException
*/
! public Reference(final Element elem) throws XMLSecurityException, InvalidSignatureException {
super(elem);
if (!elem.getQName().getName().equals(TAG_NAME))
throw new XMLSecurityException("Element: " + elem.getQualifiedName() + " is not a valid: " + XMLSecTools.NS_DS.getPrefix() + ":" + TAG_NAME);
! type=findSignatureType(elem);
!
! digest=new String(XMLSecTools.decodeBase64Element(getElement().element(XMLSecTools.createQName("DigestValue"))));
!
! final Object object=findRefElement(type,elem);
! final Canonicalizer canon;
! if (type==XMLSIGTYPE_ENVELOPED)
! canon=new CanonicalizerWithoutSignature();
! else
! canon=new Canonicalizer();
!
! final String dig2 = createDigest(canon, object);
! if (!digest.equals(dig2))
! throw new InvalidSignatureException(digest,dig2);
}
! private static int findSignatureType(Element elem) throws XMLSecurityException {
if (elem.getParent() != null&&elem.getParent().getParent() != null&&elem.getParent().getParent().getParent() != null) { // Enveloped
! return XMLSIGTYPE_ENVELOPED;
} else if (elem.getParent() != null&&elem.getParent().getParent() != null&&elem.getParent().getParent().element("Object") != null) { // Enveloped
! return XMLSIGTYPE_ENVELOPING;
} else {// Detached
! return XMLSIGTYPE_DETACHED;
! }
! }
!
! private static Object findRefElement(int type,Element elem) throws XMLSecurityException {
! final String id=elem.attributeValue("URI");
! if (!Utility.isEmpty(id)){
! if (id.startsWith("#")&&id.length()>2){
! Node node= elem.getDocument().elementByID(id.substring(1));
! if (node!=null)
! return node;
! }
}
+ switch (type){
+ case XMLSIGTYPE_ENVELOPED:
+ return elem.getDocument();
+ case XMLSIGTYPE_ENVELOPING:
+ final List contents = elem.getParent().getParent().element("Object").content();
+ if (contents.size() == 1)
+ return contents.get(0);
+ else
+ return contents;
+ case XMLSIGTYPE_DETACHED:
+ return loadReference(id);
+ }
+ throw new XMLSecurityException("Confused Stated. Dont know what Signature Type we have");
}
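Review bot: In findRefElement a same-document URI that does not resolve falls through to the type-based lookup, so the digest is then checked against the whole document or the Object contents instead of the element the reference names; an unresolved reference should be rejected, e.g. `if (node==null) throw new XMLSecurityException("Unresolved reference: "+id);`. The guard `id.length()>2` also skips one-character ids such as `#a`, and `id.length()>1` looks like the intended test. In the detached case `loadReference(id)` is reached even when the URI attribute is missing or empty, which deserves an explicit check before the call. The comment on the second branch of findSignatureType should read `// Enveloping`.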
Index: SignatureInfo.java
===================================================================
RCS file: /cvsroot/neuclear/neuclear-xmlsig/src/java/org/neuclear/xml/xmlsec/SignatureInfo.java,v
retrieving revision 1.5
retrieving revision 1.6
diff -C2 -d -r1.5 -r1.6
*** SignatureInfo.java 13 Jan 2004 23:37:59 -0000 1.5
--- SignatureInfo.java 14 Jan 2004 06:42:38 -0000 1.6
***************
*** 1,4 ****
--- 1,7 ----
/* $Id$
* $Log$
+ * Revision 1.6 2004/01/14 06:42:38 pelle
+ * Got rid of the verifyXXX() methods
+ *
* Revision 1.5 2004/01/13 23:37:59 pelle
* Refactoring parts of the core of XMLSignature. There shouldnt be any real API changes.
***************
*** 97,103 ****
public final class SignatureInfo extends AbstractXMLSigElement {
! public SignatureInfo(final XMLSignature sig, final Element root, final String uri, final int sigalg, final int sigtype) throws XMLSecurityException {
super(SignatureInfo.TAG_NAME);
- this.sig = sig;
this.algType = sigalg;
--- 100,105 ----
public final class SignatureInfo extends AbstractXMLSigElement {
! public SignatureInfo(final Element root, final int sigalg, final int sigtype) throws XMLSecurityException {
super(SignatureInfo.TAG_NAME);
this.algType = sigalg;
***************
*** 121,125 ****
}
! public SignatureInfo(final XMLSignature sig, final Element elem) throws XMLSecurityException {
super(elem);
if (!elem.getQName().equals(XMLSecTools.createQName(TAG_NAME)))
--- 123,127 ----
}
! public SignatureInfo( final Element elem) throws XMLSecurityException, InvalidSignatureException {
super(elem);
if (!elem.getQName().equals(XMLSecTools.createQName(TAG_NAME)))
Index: SignedElement.java
===================================================================
RCS file: /cvsroot/neuclear/neuclear-xmlsig/src/java/org/neuclear/xml/xmlsec/SignedElement.java,v
retrieving revision 1.9
retrieving revision 1.10
diff -C2 -d -r1.9 -r1.10
*** SignedElement.java 13 Jan 2004 23:37:59 -0000 1.9
--- SignedElement.java 14 Jan 2004 06:42:38 -0000 1.10
***************
*** 1,4 ****
--- 1,7 ----
/* $Id$
* $Log$
+ * Revision 1.10 2004/01/14 06:42:38 pelle
+ * Got rid of the verifyXXX() methods
+ *
* Revision 1.9 2004/01/13 23:37:59 pelle
* Refactoring parts of the core of XMLSignature. There shouldnt be any real API changes.
***************
*** 169,172 ****
--- 172,177 ----
} catch (XMLException e) {
throw new XMLSecurityException(e);
+ } catch (InvalidSignatureException e) {
+ throw new XMLSecurityException(e) ;
}
***************
*** 215,248 ****
return sig;
}
!
! /**
! * This verifies the signature of the object.
! */
! public final boolean verifySignature(final PublicKey pub) throws XMLSecurityException {
! if (sig == null)
! throw new XMLSecurityException("The object can not be verified as it doesnt contain a signature");
! return sig.verifySignature(pub);
! }
! /**
! * This verifies the signature of the object.
! */
! public final boolean verifySignature() throws XMLSecurityException {
! if (sig == null)
! throw new XMLSecurityException("The object can not be verified as it doesnt contain a signature");
! return sig.verifySignature();
! }
!
! /**
! * Sign object using given PrivateKey. This also adds a timestamp to the root element prior to signing
! */
! public final void sign(final PrivateKey priv) throws XMLSecurityException, CryptoException {
! preSign();
! sig = XMLSecTools.signElement(getElement(), priv);
! postSign();
}
-
public final void sign(final String name, final Signer signer) throws XMLSecurityException, NonExistingSignerException, UserCancellationException {
preSign();
! sig = XMLSecTools.signElement( getElement(), name, signer);
postSign();
}
--- 220,234 ----
return sig;
}
! public boolean verify() throws XMLSecurityException {
! try {
! sig=new XMLSignature(getElement().element(XMLSecTools.createQName("Signature")));
! return true;
! } catch (InvalidSignatureException e) {
! return false;
! }
}
public final void sign(final String name, final Signer signer) throws XMLSecurityException, NonExistingSignerException, UserCancellationException {
preSign();
! sig = new XMLSignature(name,signer, getElement(),Reference.XMLSIGTYPE_ENVELOPED);
postSign();
}
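Review bot: verify() only establishes that the signature is consistent with the key carried in its own KeyInfo, because it builds the XMLSignature from the element alone and the overloads that took a PublicKey are deleted in this hunk. A `true` result therefore says nothing about who signed unless the caller also compares the key from XMLSignature.getSignersKey() with one it trusts. That contract belongs in a Javadoc comment on verify(), for example `Returns true when the embedded signature validates against its embedded key; the caller must still check that key against a trusted one.` The result of `getElement().element(...)` is also passed on unchecked, so an unsigned element no longer yields the earlier "doesnt contain a signature" error; a null check that throws XMLSecurityException before constructing would restore it.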
Index: XMLSecTools.java
===================================================================
RCS file: /cvsroot/neuclear/neuclear-xmlsig/src/java/org/neuclear/xml/xmlsec/XMLSecTools.java,v
retrieving revision 1.6
retrieving revision 1.7
diff -C2 -d -r1.6 -r1.7
*** XMLSecTools.java 13 Jan 2004 23:37:59 -0000 1.6
--- XMLSecTools.java 14 Jan 2004 06:42:38 -0000 1.7
***************
*** 1,4 ****
--- 1,7 ----
/* $Id$
* $Log$
+ * Revision 1.7 2004/01/14 06:42:38 pelle
+ * Got rid of the verifyXXX() methods
+ *
* Revision 1.6 2004/01/13 23:37:59 pelle
* Refactoring parts of the core of XMLSignature. There shouldnt be any real API changes.
***************
*** 191,209 ****
*/
public static XMLSignature signElement(final Element root, final KeyPair keypair) throws XMLSecurityException, CryptoException {//, KeyStoreException {
! final XMLSignature sig = new QuickEmbeddedSignature(keypair, root);
return sig;
}
- /**
- * Signs an element with a given Private Key and "Envelopes" the signature within.
- *
- * @param root Element to be signed
- * @param key RSA Private Key
- * @throws XMLSecurityException
- */
- public static XMLSignature signElement( final Element root, final PrivateKey key) throws XMLSecurityException, CryptoException {//, KeyStoreException {
- final XMLSignature sig = new QuickEmbeddedSignature(key, root);
- return sig;
- }
/**
--- 194,201 ----
*/
public static XMLSignature signElement(final Element root, final KeyPair keypair) throws XMLSecurityException, CryptoException {//, KeyStoreException {
! final XMLSignature sig = new XMLSignature(keypair, root);
return sig;
}
/**
***************
*** 216,221 ****
*/
public static XMLSignature signElement( final Element root, final String name, final org.neuclear.commons.crypto.signers.Signer signer) throws XMLSecurityException, NonExistingSignerException, UserCancellationException {//, KeyStoreException {
! final XMLSignature sig = new QuickEmbeddedSignature(name, signer, root);
! return sig;
}
--- 208,212 ----
*/
public static XMLSignature signElement( final Element root, final String name, final org.neuclear.commons.crypto.signers.Signer signer) throws XMLSecurityException, NonExistingSignerException, UserCancellationException {//, KeyStoreException {
! return new XMLSignature(name, signer, root,Reference.XMLSIGTYPE_ENVELOPED);
}
***************
*** 223,233 ****
* Signs an element with a given keypair and embeds the element within the Signature.
*
- * @param baseURI Unique ID of the Element to be signed
* @param root Element to be signed
* @param keypair RSA/DSA KeyPair
! * @throws XMLSecurityException
*/
! public static XMLSignature signElementEnveloping(final String baseURI, final Element root, final KeyPair keypair) throws XMLSecurityException, CryptoException {//, KeyStoreException {
! final XMLSignature sig = new XMLSignature(keypair, root, baseURI, Reference.XMLSIGTYPE_ENVELOPING);
return sig;
}
--- 214,223 ----
* Signs an element with a given keypair and embeds the element within the Signature.
*
* @param root Element to be signed
* @param keypair RSA/DSA KeyPair
! * @throws XMLSecurityException
*/
! public static XMLSignature signElementEnveloping(final Element root, final KeyPair keypair) throws XMLSecurityException, CryptoException {//, KeyStoreException {
! final XMLSignature sig = new XMLSignature(keypair, root, Reference.XMLSIGTYPE_ENVELOPING);
return sig;
}
***************
*** 242,246 ****
*/
public static XMLSignature signElementEnveloping(final String baseURI, final Element root, final PrivateKey key) throws XMLSecurityException, CryptoException {//, KeyStoreException {
! final XMLSignature sig = new XMLSignature(key, null, root, baseURI, Reference.XMLSIGTYPE_ENVELOPING);
return sig;
}
--- 232,236 ----
*/
public static XMLSignature signElementEnveloping(final String baseURI, final Element root, final PrivateKey key) throws XMLSecurityException, CryptoException {//, KeyStoreException {
! final XMLSignature sig = new XMLSignature(key, null, root, Reference.XMLSIGTYPE_ENVELOPING);
return sig;
}
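Review bot: `baseURI` is now unused in signElementEnveloping(String, Element, PrivateKey), while the keypair overload in the previous hunk dropped the parameter; either remove it here too or add a Javadoc line such as `@param baseURI ignored, kept for source compatibility`. The call still passes `null` as the public key, and the constructor body is only partly visible in this commit. If a null key means no KeyInfo is written, the new XMLSignature(Element) constructor will refuse such a signature with "No included PublicKey, can not verify", so the Javadoc should say that these signatures need XMLSignature(Element, PublicKey) to verify.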
***************
*** 298,302 ****
* @throws XMLSecurityException
*/
! public static XMLSignature getXMLSignature(final Element elem) throws XMLSecurityException {
final QName qname = XMLSecTools.createQName("Signature");
Element xmlSigElement = elem.element(qname);
--- 288,292 ----
* @throws XMLSecurityException
*/
! public static XMLSignature getXMLSignature(final Element elem) throws XMLSecurityException, InvalidSignatureException {
final QName qname = XMLSecTools.createQName("Signature");
Element xmlSigElement = elem.element(qname);
***************
*** 323,341 ****
*/
public static boolean verifySignature(final Element elem, final PublicKey pub) throws XMLSecurityException {
! final XMLSignature sig = getXMLSignature(elem);
! return sig.verifySignature(pub);
! }
!
! /**
! * Verifies the signature of a given element
! *
! * @param elem Element to verify
! * @param pubs Array of Public Key to verify against
! * @return true if it verifies
! * @throws XMLSecurityException
! */
! public static boolean verifySignature(final Element elem, final PublicKey[] pubs) throws XMLSecurityException {
! final XMLSignature sig = getXMLSignature(elem);
! return sig.verifySignature(pubs);
}
--- 313,322 ----
*/
public static boolean verifySignature(final Element elem, final PublicKey pub) throws XMLSecurityException {
! try {
! final XMLSignature sig = getXMLSignature(elem);
! return true;
! } catch (InvalidSignatureException e) {
! return false;
! }
}
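Review bot: The new body of verifySignature(Element, PublicKey) never uses `pub`: it returns true whenever getXMLSignature(elem) completes without an InvalidSignatureException, and the XMLSignature(Element) constructor added in this commit checks the signature against the key embedded in KeyInfo. Assuming getXMLSignature goes through that constructor, a caller that passes a trusted key gets true for a document signed with any other key, as long as that key is embedded with the signature. The commit also adds XMLSignature(Element, PublicKey), so the check can be bound to the argument, e.g. `new XMLSignature(elem.element(XMLSecTools.createQName("Signature")), pub);` in place of the getXMLSignature call; getXMLSignature's body is only partly visible, so its element lookup may need to be reused. The unused local `sig` here and in verifySignature(Element) in the next hunk can be dropped.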
***************
*** 349,354 ****
*/
public static boolean verifySignature(final Element elem) throws XMLSecurityException, CryptoException {
! final XMLSignature sig = getXMLSignature(elem);
! return sig.verifySignature();
}
--- 330,339 ----
*/
public static boolean verifySignature(final Element elem) throws XMLSecurityException, CryptoException {
! try {
! final XMLSignature sig = getXMLSignature(elem);
! return true;
! } catch (InvalidSignatureException e) {
! return false;
! }
}
***************
*** 377,381 ****
* @return byte array of signature
*/
! public static byte[] canonicalize(final Object node) {
return canonicalize(new Canonicalizer(), node);
}
--- 362,366 ----
* @return byte array of signature
*/
! public static byte[] canonicalize(final Object node) throws XMLSecurityException {
return canonicalize(new Canonicalizer(), node);
}
***************
*** 387,391 ****
* @return
*/
! public static byte[] canonicalizeEmbeddedSignature(final Object node) {
return canonicalize(new CanonicalizerWithoutSignature(), node);
}
--- 372,376 ----
* @return
*/
! public static byte[] canonicalizeEmbeddedSignature(final Object node) throws XMLSecurityException {
return canonicalize(new CanonicalizerWithoutSignature(), node);
}
***************
*** 398,409 ****
* @return
*/
! public static byte[] canonicalize(final Canonicalizer canon, final Object node) {
! try {
!
! return canon.canonicalize(node);
! } catch (IOException e) {
! throw new RuntimeException("Weird IOException while generating textual representation: " + e.getMessage());
! }
!
}
--- 383,388 ----
* @return
*/
! public static byte[] canonicalize(final Canonicalizer canon, final Object node) throws XMLSecurityException {
! return canon.canonicalize(node);
}
Index: XMLSignature.java
===================================================================
RCS file: /cvsroot/neuclear/neuclear-xmlsig/src/java/org/neuclear/xml/xmlsec/XMLSignature.java,v
retrieving revision 1.9
retrieving revision 1.10
diff -C2 -d -r1.9 -r1.10
*** XMLSignature.java 13 Jan 2004 23:37:59 -0000 1.9
--- XMLSignature.java 14 Jan 2004 06:42:38 -0000 1.10
***************
*** 1,4 ****
--- 1,7 ----
/* $Id$
* $Log$
+ * Revision 1.10 2004/01/14 06:42:38 pelle
+ * Got rid of the verifyXXX() methods
+ *
* Revision 1.9 2004/01/13 23:37:59 pelle
* Refactoring parts of the core of XMLSignature. There shouldnt be any real API changes.
***************
*** 174,177 ****
--- 177,184 ----
import org.neuclear.commons.crypto.CryptoException;
import org.neuclear.commons.crypto.CryptoTools;
+ import org.neuclear.commons.crypto.passphraseagents.UserCancellationException;
+ import org.neuclear.commons.crypto.signers.Signer;
+ import org.neuclear.commons.crypto.signers.PublicKeySource;
+ import org.neuclear.commons.crypto.signers.NonExistingSignerException;
import org.neuclear.xml.XMLException;
***************
*** 191,199 ****
* @param keypair
* @param root
! * @param uri
! * @throws XMLSecurityException
*/
! public XMLSignature(final KeyPair keypair, final Element root, final String uri) throws XMLSecurityException, CryptoException {
! this(keypair.getPrivate(), keypair.getPublic(), root, uri);
}
--- 198,205 ----
* @param keypair
* @param root
! * @throws XMLSecurityException
*/
! public XMLSignature(final KeyPair keypair, final Element root) throws XMLSecurityException, CryptoException {
! this(keypair.getPrivate(), keypair.getPublic(), root);
}
***************
*** 203,220 ****
* @param keypair
* @param root
- * @param uri
* @param type Reference.XMLSIGTYPE_ENVELOPED,Reference.XMLSIGTYPE_ENVELOPING or Reference.XMLSIGTYPE_DETACHED
* @throws XMLSecurityException
*/
! public XMLSignature(final KeyPair keypair, final Element root, final String uri, final int type) throws XMLSecurityException, CryptoException {
! this(keypair.getPrivate(), keypair.getPublic(), root, uri, type);
}
! public XMLSignature(final PrivateKey key, final PublicKey pub, final Element root, final String uri) throws XMLSecurityException, CryptoException {
! this(key, pub, root, uri, Reference.XMLSIGTYPE_ENVELOPED);
}
! public XMLSignature(final PrivateKey key, final PublicKey pub, Element root, final String uri, final int type) throws XMLSecurityException, CryptoException {
super(XMLSignature.TAG_NAME);
try {
--- 209,225 ----
* @param keypair
* @param root
* @param type Reference.XMLSIGTYPE_ENVELOPED,Reference.XMLSIGTYPE_ENVELOPING or Reference.XMLSIGTYPE_DETACHED
* @throws XMLSecurityException
*/
! public XMLSignature(final KeyPair keypair, final Element root, final int type) throws XMLSecurityException, CryptoException {
! this(keypair.getPrivate(), keypair.getPublic(), root, type);
}
! public XMLSignature(final PrivateKey key, final PublicKey pub, final Element root) throws XMLSecurityException, CryptoException {
! this(key, pub, root, Reference.XMLSIGTYPE_ENVELOPED);
}
! public XMLSignature(final PrivateKey key, final PublicKey pub, Element root, final int type) throws XMLSecurityException, CryptoException {
super(XMLSignature.TAG_NAME);
try {
***************
*** 231,235 ****
}
final int alg = (key instanceof RSAPrivateKey) ? SignatureInfo.SIG_ALG_RSA : SignatureInfo.SIG_ALG_DSA;
! si = new SignatureInfo(this, root, uri, alg, type);
addElement(si);
addElement(XMLSecTools.base64ToElement("SignatureValue", CryptoTools.sign(key, si.canonicalize())));
--- 236,240 ----
}
final int alg = (key instanceof RSAPrivateKey) ? SignatureInfo.SIG_ALG_RSA : SignatureInfo.SIG_ALG_DSA;
! si = new SignatureInfo( root, alg, type);
addElement(si);
addElement(XMLSecTools.base64ToElement("SignatureValue", CryptoTools.sign(key, si.canonicalize())));
***************
*** 240,251 ****
}
}
! public XMLSignature(final Element elem) throws XMLSecurityException {
super(elem);
final Element siElem = elem.element(XMLSecTools.createQName("SignedInfo"));
if (!elem.getQName().equals(XMLSecTools.createQName(TAG_NAME)) || siElem == null) // Not sure if equals is imeplemented properly for QNames
throw new XMLSecurityException("Element: " + elem.getQualifiedName() + " is not a valid: " + XMLSecTools.NS_DS.getPrefix() + ":" + TAG_NAME);
! si = new SignatureInfo(this, siElem);
}
--- 245,310 ----
}
}
+ public XMLSignature(final String name, final Signer signer, final Element root,final int type) throws XMLSecurityException, NonExistingSignerException, UserCancellationException {
+ super(XMLSignature.TAG_NAME);
+ if (! (signer instanceof PublicKeySource))
+ throw new XMLSecurityException("We Require a PublicKeySource");
+ PublicKeySource src=(PublicKeySource)signer;
+ try {
+ if (type == Reference.XMLSIGTYPE_ENVELOPED) {
+ root.add(getElement());
+ } else if (type == Reference.XMLSIGTYPE_ENVELOPING) {
+ final Element objElem = XMLSecTools.createElementInSignatureSpace("Object");
+ getElement().add(objElem);
+ DocumentHelper.createDocument(getElement());//As Signature Element is parent we will now add a doc
+ objElem.add(root);
+ } else {
+ // Detached Handle this in the Ference Constructor
+ }
+ final PublicKey pub = src.getPublicKey(name);
+ final KeyInfo key = new KeyInfo(pub,name);
+ addElement(key);
+ final int alg = (pub instanceof RSAPrivateKey) ? SignatureInfo.SIG_ALG_RSA : SignatureInfo.SIG_ALG_DSA;
+ si = new SignatureInfo( root, alg, type);
+ addElement(si);
+ addElement(XMLSecTools.base64ToElement("SignatureValue", signer.sign(name, si.canonicalize())));
+ } catch (XMLException e) {
+ throw new XMLSecurityException(e);
+ }
+ }
! public XMLSignature(final Element elem) throws XMLSecurityException, InvalidSignatureException {
super(elem);
final Element siElem = elem.element(XMLSecTools.createQName("SignedInfo"));
if (!elem.getQName().equals(XMLSecTools.createQName(TAG_NAME)) || siElem == null) // Not sure if equals is imeplemented properly for QNames
throw new XMLSecurityException("Element: " + elem.getQualifiedName() + " is not a valid: " + XMLSecTools.NS_DS.getPrefix() + ":" + TAG_NAME);
! si = new SignatureInfo(siElem);
! KeyInfo key=getKeyInfo();
! if (key == null)
! throw new XMLSecurityException("No included PublicKey, can not verify.");
+ final byte[] sig = getSignature();
+ final byte[] cansi = si.canonicalize();
+ try {
+ if (!CryptoTools.verify(key.getPublicKey(), cansi, sig))
+ throw new InvalidSignatureException(key.getPublicKey());
+ } catch (CryptoException e) {
+ throw new XMLSecurityException(e);
+ }
+ }
+
+ public XMLSignature(final Element elem,PublicKey pub) throws XMLSecurityException, InvalidSignatureException {
+ super(elem);
+ final Element siElem = elem.element(XMLSecTools.createQName("SignedInfo"));
+ if (!elem.getQName().equals(XMLSecTools.createQName(TAG_NAME)) || siElem == null) // Not sure if equals is imeplemented properly for QNames
+ throw new XMLSecurityException("Element: " + elem.getQualifiedName() + " is not a valid: " + XMLSecTools.NS_DS.getPrefix() + ":" + TAG_NAME);
+ si = new SignatureInfo(siElem);
+ final byte[] sig = getSignature();
+ final byte[] cansi = si.canonicalize();
+ try {
+ if (!CryptoTools.verify(pub, cansi, sig))
+ throw new InvalidSignatureException(pub);
+ } catch (CryptoException e) {
+ throw new XMLSecurityException(e);
+ }
}
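Review bot: In the new Signer-based constructor the algorithm is chosen with `pub instanceof RSAPrivateKey`, but `pub` is a PublicKey, so the test is false for an ordinary RSA public key and SignedInfo is labelled DSA whatever key the signer actually uses. It should test the public-key interface, `final int alg = (pub instanceof RSAPublicKey) ? SignatureInfo.SIG_ALG_RSA : SignatureInfo.SIG_ALG_DSA;`, with java.security.interfaces.RSAPublicKey imported if it is not already. The two verifying constructors further down repeat the same element check and verify steps and differ only in where the key comes from; a shared private helper would keep them from drifting apart.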
***************
*** 256,271 ****
* @throws XMLSecurityException
*/
! public final byte[] getSignature() throws XMLSecurityException, CryptoException {
final Element sigVal = getElement().element("SignatureValue");
return XMLSecTools.decodeBase64Element(sigVal);
}
- public final boolean verifySignature() throws XMLSecurityException {
- final PublicKey pk = getSignersKey();
- if (pk==null)
- throw new XMLSecurityException("Signature does not contain an embedded PublicKey");
- return verifySignature(pk);
- }
-
public final PublicKey getSignersKey() throws XMLSecurityException {
KeyInfo key=getKeyInfo();
--- 315,323 ----
* @throws XMLSecurityException
*/
! private final byte[] getSignature() throws XMLSecurityException {
final Element sigVal = getElement().element("SignatureValue");
return XMLSecTools.decodeBase64Element(sigVal);
}
public final PublicKey getSignersKey() throws XMLSecurityException {
KeyInfo key=getKeyInfo();
***************
*** 289,327 ****
}
-
- public final boolean verifySignature(final PublicKey pk) throws XMLSecurityException {
-
- try {
- // if (!si.getReference().verifyReferences())
- // return false;
- final byte[] sig = getSignature();
- final byte[] cansi = si.canonicalize();
- return CryptoTools.verify(pk, cansi, sig);
- } catch (CryptoException e) {
- throw new XMLSecurityException(e);
- }
- }
-
- public final boolean verifySignature(final PublicKey[] pks) throws XMLSecurityException {
-
- try {
- // if (!si.getReference().verifyReferences()) {
- //// System.err.println("XMLSIG: References didnt match up");
- // return false;
- // }
- final byte[] sig = getSignature();
- final byte[] cansi = si.canonicalize();
- for (int i = 0; i < pks.length; i++)
- if (CryptoTools.verify(pks[i], cansi, sig))
- return true;
- // System.err.println("XMLSIG: Signature didnt Verify");
- return false;
- } catch (CryptoException e) {
- throw new XMLSecurityException(e);
- }
- }
-
-
-
protected final SignatureInfo getSi() {
return si;
--- 341,344 ----