|
From: <pe...@us...> - 2004-02-19 00:38:02
|
Update of /cvsroot/neuclear/neuclear-xmlsig/src/java/org/neuclear/xml/xmlsec In directory sc8-pr-cvs1.sourceforge.net:/tmp/cvs-serv19678/src/java/org/neuclear/xml/xmlsec Modified Files: Reference.java XMLSecTools.java XMLSignature.java Log Message: Discovered several incompatabilities with the xmlsig implementation. Have been working on getting it working. Currently there is still a problem with enveloping signatures and it seems enveloped signatures done via signers. Index: Reference.java =================================================================== RCS file: /cvsroot/neuclear/neuclear-xmlsig/src/java/org/neuclear/xml/xmlsec/Reference.java,v retrieving revision 1.9 retrieving revision 1.10 diff -C2 -d -r1.9 -r1.10 *** Reference.java 15 Jan 2004 00:01:46 -0000 1.9 --- Reference.java 19 Feb 2004 00:27:59 -0000 1.10 *************** *** 1,4 **** --- 1,8 ---- /* $Id$ * $Log$ + * Revision 1.10 2004/02/19 00:27:59 pelle + * Discovered several incompatabilities with the xmlsig implementation. Have been working on getting it working. + * Currently there is still a problem with enveloping signatures and it seems enveloped signatures done via signers. + * * Revision 1.9 2004/01/15 00:01:46 pelle * Problem fixed with Enveloping signatures. 
*************** *** 164,174 **** // final Element object; if (sigtype == XMLSIGTYPE_ENVELOPED){ canon=new CanonicalizerWithoutSignature(); transformsElement.addElement(XMLSecTools.createQName("Transform")).addAttribute("Algorithm","http://www.w3.org/2000/09/xmldsig#enveloped-signature"); - // object=root; } else if (sigtype == XMLSIGTYPE_ENVELOPING){ - canon= new Canonicalizer(); - //object=root.getParent(); } else { throw new XMLSecurityException("Unsupported Signature Method"); --- 168,176 ---- // final Element object; if (sigtype == XMLSIGTYPE_ENVELOPED){ + createAttribute("URI",""); canon=new CanonicalizerWithoutSignature(); transformsElement.addElement(XMLSecTools.createQName("Transform")).addAttribute("Algorithm","http://www.w3.org/2000/09/xmldsig#enveloped-signature"); } else if (sigtype == XMLSIGTYPE_ENVELOPING){ canon= new Canonicalizer(); } else { throw new XMLSecurityException("Unsupported Signature Method"); Index: XMLSecTools.java =================================================================== RCS file: /cvsroot/neuclear/neuclear-xmlsig/src/java/org/neuclear/xml/xmlsec/XMLSecTools.java,v retrieving revision 1.8 retrieving revision 1.9 diff -C2 -d -r1.8 -r1.9 *** XMLSecTools.java 14 Jan 2004 16:34:27 -0000 1.8 --- XMLSecTools.java 19 Feb 2004 00:27:59 -0000 1.9 *************** *** 1,4 **** --- 1,8 ---- /* $Id$ * $Log$ + * Revision 1.9 2004/02/19 00:27:59 pelle + * Discovered several incompatabilities with the xmlsig implementation. Have been working on getting it working. + * Currently there is still a problem with enveloping signatures and it seems enveloped signatures done via signers. + * * Revision 1.8 2004/01/14 16:34:27 pelle * New model of references and signatures now pretty much works. 
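Review bot: The enveloping branch in Reference.java sets only `canon= new Canonicalizer();` and, unlike the enveloped branch with its new `createAttribute("URI","");`, assigns no URI to the Reference in these lines. XMLSignature in the same commit wraps the payload in an Object with `Id="data"`, so unless code outside this hunk sets it, the branch probably needs `createAttribute("URI","#data");` so that a verifier resolves and digests the node that was signed. This may be connected to the enveloping problem the log message mentions, but the method starts and ends outside the hunk, so the attribute may already be set elsewhere.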
Index: XMLSignature.java =================================================================== RCS file: /cvsroot/neuclear/neuclear-xmlsig/src/java/org/neuclear/xml/xmlsec/XMLSignature.java,v retrieving revision 1.11 retrieving revision 1.12 diff -C2 -d -r1.11 -r1.12 *** XMLSignature.java 15 Jan 2004 00:01:46 -0000 1.11 --- XMLSignature.java 19 Feb 2004 00:27:59 -0000 1.12 *************** *** 1,4 **** --- 1,8 ---- /* $Id$ * $Log$ + * Revision 1.12 2004/02/19 00:27:59 pelle + * Discovered several incompatabilities with the xmlsig implementation. Have been working on getting it working. + * Currently there is still a problem with enveloping signatures and it seems enveloped signatures done via signers. + * * Revision 1.11 2004/01/15 00:01:46 pelle * Problem fixed with Enveloping signatures. *************** *** 190,193 **** --- 194,198 ---- import java.security.PublicKey; import java.security.interfaces.RSAPrivateKey; + import java.security.interfaces.RSAPublicKey; /** *************** *** 224,253 **** } public XMLSignature(final PrivateKey key, final PublicKey pub, Element root, final int type) throws XMLSecurityException, CryptoException { super(XMLSignature.TAG_NAME); try { ! if (type == Reference.XMLSIGTYPE_ENVELOPED) { root.add(getElement()); ! } else if (type == Reference.XMLSIGTYPE_ENVELOPING) { final Element objElem = XMLSecTools.createElementInSignatureSpace("Object"); objElem.addAttribute("Id","data"); - getElement().add(objElem); DocumentHelper.createDocument(getElement());//As Signature Element is parent we will now add a doc objElem.add(root); root = objElem; ! } else { ! throw new XMLSecurityException("Unknown Signature Method"); } final int alg = (key instanceof RSAPrivateKey) ? SignatureInfo.SIG_ALG_RSA : SignatureInfo.SIG_ALG_DSA; si = new SignatureInfo( root, alg, type); addElement(si); ! 
addElement(XMLSecTools.base64ToElement("SignatureValue", CryptoTools.sign(key, si.canonicalize()))); if (pub != null) addElement(new KeyInfo(pub)); } catch (XMLException e) { throw new XMLSecurityException(e); } } ! public XMLSignature(final String name, final Signer signer, final Element root,final int type) throws XMLSecurityException, NonExistingSignerException, UserCancellationException { super(XMLSignature.TAG_NAME); if (! (signer instanceof PublicKeySource)) --- 229,267 ---- } + //TODO Something does not work right with Enveloping signatures. I am trying to figure out what it is. However enveloped are all + // that we need for NeuClear, so I may put this on the backburner. public XMLSignature(final PrivateKey key, final PublicKey pub, Element root, final int type) throws XMLSecurityException, CryptoException { super(XMLSignature.TAG_NAME); try { ! if (type == Reference.XMLSIGTYPE_ENVELOPED) { root.add(getElement()); ! } else if (type == Reference.XMLSIGTYPE_ENVELOPING) { final Element objElem = XMLSecTools.createElementInSignatureSpace("Object"); objElem.addAttribute("Id","data"); DocumentHelper.createDocument(getElement());//As Signature Element is parent we will now add a doc objElem.add(root); root = objElem; ! getElement().add(root); } final int alg = (key instanceof RSAPrivateKey) ? SignatureInfo.SIG_ALG_RSA : SignatureInfo.SIG_ALG_DSA; si = new SignatureInfo( root, alg, type); addElement(si); ! final byte[] cansi = si.canonicalize(); ! // System.out.println("Canonicalized:"); ! // System.out.println(new String(cansi)); ! // System.out.println("------"); ! addElement(XMLSecTools.base64ToElement("SignatureValue", CryptoTools.sign(key, cansi))); if (pub != null) addElement(new KeyInfo(pub)); + // If Enveloping add Object element last + if (type == Reference.XMLSIGTYPE_ENVELOPING) { + getElement().remove(root); + getElement().add(root); + } } catch (XMLException e) { throw new XMLSecurityException(e); } } ! 
public XMLSignature(final String name, final Signer signer, Element root,final int type) throws XMLSecurityException, NonExistingSignerException, UserCancellationException { super(XMLSignature.TAG_NAME); if (! (signer instanceof PublicKeySource)) *************** *** 256,275 **** try { if (type == Reference.XMLSIGTYPE_ENVELOPED) { ! root.add(getElement()); } else if (type == Reference.XMLSIGTYPE_ENVELOPING) { ! final Element objElem = XMLSecTools.createElementInSignatureSpace("Object"); ! getElement().add(objElem); ! DocumentHelper.createDocument(getElement());//As Signature Element is parent we will now add a doc ! objElem.add(root); ! } else { ! // Detached Handle this in the Ference Constructor ! } final PublicKey pub = src.getPublicKey(name); ! final KeyInfo key = new KeyInfo(pub,name); ! addElement(key); ! final int alg = (pub instanceof RSAPrivateKey) ? SignatureInfo.SIG_ALG_RSA : SignatureInfo.SIG_ALG_DSA; si = new SignatureInfo( root, alg, type); addElement(si); ! addElement(XMLSecTools.base64ToElement("SignatureValue", signer.sign(name, si.canonicalize()))); } catch (XMLException e) { throw new XMLSecurityException(e); --- 270,297 ---- try { if (type == Reference.XMLSIGTYPE_ENVELOPED) { ! root.add(getElement()); } else if (type == Reference.XMLSIGTYPE_ENVELOPING) { ! final Element objElem = XMLSecTools.createElementInSignatureSpace("Object"); ! objElem.addAttribute("Id","data"); ! DocumentHelper.createDocument(getElement());//As Signature Element is parent we will now add a doc ! objElem.add(root); ! root = objElem; ! getElement().add(root); ! } final PublicKey pub = src.getPublicKey(name); ! final int alg = (pub instanceof RSAPublicKey) ? SignatureInfo.SIG_ALG_RSA : SignatureInfo.SIG_ALG_DSA; si = new SignatureInfo( root, alg, type); addElement(si); ! final byte[] cansi = si.canonicalize(); ! // System.out.println("Canonicalized:"); ! // System.out.println(new String(cansi)); ! // System.out.println("------"); ! 
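Review bot: The key-based constructor no longer has its `else { throw new XMLSecurityException("Unknown Signature Method"); }` branch, so an unrecognised `type` skips both placement branches and goes straight to `new SignatureInfo( root, alg, type)`. Rejection then depends on Reference throwing "Unsupported Signature Method" later, which this hunk does not show is reached on every path. Either restore the throw, or, if other types such as detached are meant to pass through, say so in a comment like `// other types are validated by Reference`. The three commented-out `System.out.println` lines are debugging residue and are better deleted than committed.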
addElement(XMLSecTools.base64ToElement("SignatureValue", signer.sign(name, cansi))); ! final KeyInfo key = new KeyInfo(pub); ! addElement(key); ! if (type == Reference.XMLSIGTYPE_ENVELOPING) { ! getElement().remove(root); ! getElement().add(root); ! } } catch (XMLException e) { throw new XMLSecurityException(e); *************** *** 289,292 **** --- 311,318 ---- final byte[] sig = getSignature(); final byte[] cansi = si.canonicalize(); + System.out.println("Canonicalized:"); + System.out.println(new String(cansi)); + System.out.println("------"); + try { if (!CryptoTools.verify(key.getPublicKey(), cansi, sig)) |
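Review bot: In the Signer constructor the KeyInfo is now built as `new KeyInfo(pub)` instead of `new KeyInfo(pub,name)`, so the output carries only the raw public key and no signer name. KeyInfo sits outside SignedInfo and is not covered by the signature. If the `key` used in `CryptoTools.verify(key.getPublicKey(), cansi, sig)` further down is this embedded KeyInfo, which the hunk does not confirm, a successful verify only shows the document is self-consistent, not who signed it. If the name was dropped for interoperability, document that at the call, e.g. `// KeyInfo is unsigned; verifiers must check the key against a trusted source for the expected signer`. The constructor begins and ends outside this hunk.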
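Review bot: The three `System.out.println` lines added before `CryptoTools.verify(...)` are live, whereas the same lines in both constructors are commented out, so every verification writes the canonicalized SignedInfo to standard output. That is debugging residue in a security-critical path: remove it, or send it to a logger at debug level so it is off by default. `new String(cansi)` also decodes with the platform default charset although canonical XML is UTF-8, so any diagnostic that is kept should use `new String(cansi, "UTF-8")`. The enclosing method starts and ends outside the hunk.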