From: Pelle B. <pe...@us...> - 2004-03-23 21:01:31
Update of /cvsroot/neuclear/neuclear-xmlsig/src/java/org/neuclear/xml/xmlsec In directory sc8-pr-cvs1.sourceforge.net:/tmp/cvs-serv29273/src/java/org/neuclear/xml/xmlsec Modified Files: AnyXMLSignature.java DataObjectSignature.java EnvelopedSignature.java InvalidReferencesException.java SignedInfo.java XMLSignature.java Added Files: ExternalSignature.java Log Message: Added ExternalSignature and further Javadocs. Added Busy Developers Guide and Interop guide. Ready for release. Index: AnyXMLSignature.java =================================================================== RCS file: /cvsroot/neuclear/neuclear-xmlsig/src/java/org/neuclear/xml/xmlsec/AnyXMLSignature.java,v retrieving revision 1.1 retrieving revision 1.2 diff -C2 -d -r1.1 -r1.2 *** AnyXMLSignature.java 19 Mar 2004 22:21:51 -0000 1.1 --- AnyXMLSignature.java 23 Mar 2004 20:50:59 -0000 1.2 *************** *** 8,12 **** */ public class AnyXMLSignature extends XMLSignature { ! public AnyXMLSignature(Element elem) throws XMLSecurityException, InvalidSignatureException { super(XMLSecTools.getSignatureElement(elem)); } --- 8,12 ---- */ public class AnyXMLSignature extends XMLSignature { ! AnyXMLSignature(Element elem) throws XMLSecurityException, InvalidSignatureException { super(XMLSecTools.getSignatureElement(elem)); } --- NEW FILE: ExternalSignature.java --- package org.neuclear.xml.xmlsec; import org.dom4j.DocumentHelper; import org.dom4j.Element; import org.neuclear.commons.Utility; import org.neuclear.commons.crypto.passphraseagents.UserCancellationException; import org.neuclear.commons.crypto.signers.NonExistingSignerException; import org.neuclear.commons.crypto.signers.Signer; import java.security.KeyPair; import java.util.List; /** * This is a standard Enveloped Signature with only one Reference object. 
*/ public class ExternalSignature extends XMLSignature { public ExternalSignature(Element elem) throws XMLSecurityException, InvalidSignatureException { super(elem); } /** * Creates a Signature with a reference to an external URL. * * @param name * @param signer * @param url * @throws XMLSecurityException * @throws UserCancellationException * @throws NonExistingSignerException */ public ExternalSignature(String name, Signer signer, String url) throws XMLSecurityException, UserCancellationException, NonExistingSignerException { super(name, signer); if (getElement().getDocument() == null) DocumentHelper.createDocument(getElement()); si.addExternalReference(url); sign(name, signer); } public ExternalSignature(KeyPair kp, String url) throws XMLSecurityException { super(kp.getPublic()); if (getElement().getDocument() == null) DocumentHelper.createDocument(getElement()); si.addExternalReference(url); sign(kp); } protected void verifyReferencesStructure() throws InvalidReferencesException { List refs = si.getReferences(); if (refs.size() != 1) throw new InvalidReferencesException(refs.size()); if (Utility.isEmpty(si.getPrimaryReference().getUri())) throw new InvalidReferencesException(); } } Index: DataObjectSignature.java =================================================================== RCS file: /cvsroot/neuclear/neuclear-xmlsig/src/java/org/neuclear/xml/xmlsec/DataObjectSignature.java,v retrieving revision 1.1 retrieving revision 1.2 diff -C2 -d -r1.1 -r1.2 *** DataObjectSignature.java 19 Mar 2004 22:21:51 -0000 1.1 --- DataObjectSignature.java 23 Mar 2004 20:51:00 -0000 1.2 *************** *** 7,10 **** --- 7,11 ---- import org.neuclear.commons.crypto.signers.NonExistingSignerException; import org.neuclear.commons.crypto.signers.Signer; + import org.neuclear.xml.XMLTools; import java.security.KeyPair; *************** *** 12,28 **** /** ! * This is a standard Enveloped Signature with only one Reference object. 
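Review bot: `verifyReferencesStructure()` in the new ExternalSignature accepts any non-empty URI, so a same-document reference such as `#id` passes the structure check of a class whose constructors are documented as referencing an external URL. Adding `if (si.getPrimaryReference().getUri().startsWith("#")) throw new InvalidReferencesException();` after the `Utility.isEmpty` test would reject it. How the referenced URL is fetched during verification is not visible in this file; if the URI of a received signature is dereferenced as-is, the verifying constructor `ExternalSignature(Element)` should restrict the scheme and host before any fetch. The class Javadoc still reads "standard Enveloped Signature", apparently copied from another class, and should say `Signature over a single external URL reference`.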
*/ public class DataObjectSignature extends XMLSignature { public DataObjectSignature(Element elem) throws XMLSecurityException, InvalidSignatureException { super(elem); } ! public DataObjectSignature(String name, Signer signer, Element elem) throws XMLSecurityException, UserCancellationException, NonExistingSignerException { ! super(name, signer); si.addEnvelopingReference(addDataObject("data", elem)); ! sign(name, signer); } public DataObjectSignature(KeyPair kp, Element elem) throws XMLSecurityException { super(kp.getPublic()); --- 13,56 ---- /** ! * This is a standard Enveloping Signature with only one data object object. */ public class DataObjectSignature extends XMLSignature { + + /** + * Verifies an Enveloping Signature with a Data Object. + * + * @param elem + * @throws XMLSecurityException + * @throws InvalidSignatureException + */ public DataObjectSignature(Element elem) throws XMLSecurityException, InvalidSignatureException { super(elem); } ! /** ! * Creates a new Enveloping Signature containing one data object. Uses the given Signer and alias to ! * sign it. ! * ! * @param alias ! * @param signer ! * @param elem Element to embed in Data Object ! * @throws XMLSecurityException ! * @throws UserCancellationException ! * @throws NonExistingSignerException ! * @see Signer ! */ ! public DataObjectSignature(String alias, Signer signer, Element elem) throws XMLSecurityException, UserCancellationException, NonExistingSignerException { ! super(alias, signer); si.addEnvelopingReference(addDataObject("data", elem)); ! sign(alias, signer); } + /** + * Creates a new Enveloping Signature containing one data object. Signs it using the given KeyPair + * + * @param kp + * @param elem Element to embed in Data Object + * @throws XMLSecurityException + */ public DataObjectSignature(KeyPair kp, Element elem) throws XMLSecurityException { super(kp.getPublic()); *************** *** 35,41 **** if (refs.size() != 1) throw new InvalidReferencesException(refs.size()); ! 
if (Utility.isEmpty(si.getPrimaryReference().getUri())) ! throw new InvalidReferencesException(); ! } --- 63,77 ---- if (refs.size() != 1) throw new InvalidReferencesException(refs.size()); ! final String uri = si.getPrimaryReference().getUri(); ! if (Utility.isEmpty(uri)) ! throw new InvalidReferencesException("Empty URI"); ! if (!uri.startsWith("#")) ! throw new InvalidReferencesException("URI does not start with '#'"); ! final String id = uri.substring(1); ! Element object = XMLTools.getByID(getElement(), id); ! if (object == null) ! throw new InvalidReferencesException("Object with id: " + id + " is null"); ! if (!object.getName().equals("Object")) ! throw new InvalidReferencesException("Referenced object is not an Object element, but a: " + object.getName()); } Index: InvalidReferencesException.java =================================================================== RCS file: /cvsroot/neuclear/neuclear-xmlsig/src/java/org/neuclear/xml/xmlsec/InvalidReferencesException.java,v retrieving revision 1.1 retrieving revision 1.2 diff -C2 -d -r1.1 -r1.2 *** InvalidReferencesException.java 19 Mar 2004 22:21:51 -0000 1.1 --- InvalidReferencesException.java 23 Mar 2004 20:51:00 -0000 1.2 *************** *** 17,19 **** --- 17,23 ---- } + public InvalidReferencesException(String message) { + super("Invalid reference type: " + message); + } + } Index: EnvelopedSignature.java =================================================================== RCS file: /cvsroot/neuclear/neuclear-xmlsig/src/java/org/neuclear/xml/xmlsec/EnvelopedSignature.java,v retrieving revision 1.1 retrieving revision 1.2 diff -C2 -d -r1.1 -r1.2 *** EnvelopedSignature.java 19 Mar 2004 22:21:51 -0000 1.1 --- EnvelopedSignature.java 23 Mar 2004 20:51:00 -0000 1.2 *************** *** 14,21 **** --- 14,41 ---- */ public class EnvelopedSignature extends XMLSignature { + /** + * Verifies the given element. 
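Review bot: The new check in `verifyReferencesStructure()` compares only the local name, `object.getName().equals("Object")`, so an element called `Object` in any namespace, at any position that `XMLTools.getByID` searches, satisfies it. For an enveloping signature the referenced element should be the XML-DSig `Object` child of this Signature; rejecting when `object.getParent() != getElement()` and when `object.getNamespaceURI()` is not the XML-DSig namespace would close that gap. Whether `getByID` returns the same element the digest is later computed over is not visible here; if the two lookups can differ when an id is duplicated, the structure check and the digest would cover different nodes, which is the usual signature-wrapping weakness. The method starts above the hunk.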
The Element can be either the Signature element embedded within another element or + * the parent element it self. + * + * @param elem + * @throws XMLSecurityException + * @throws InvalidSignatureException + */ public EnvelopedSignature(Element elem) throws XMLSecurityException, InvalidSignatureException { super(XMLSecTools.getSignatureElement(elem)); } + /** + * Creates a standard Enveloped Signature within the given Element. + * Uses the provided Signer and Alias to sign it. + * + * @param name + * @param signer + * @param elem + * @throws XMLSecurityException + * @throws UserCancellationException + * @throws NonExistingSignerException + * @see Signer + */ public EnvelopedSignature(String name, Signer signer, Element elem) throws XMLSecurityException, UserCancellationException, NonExistingSignerException { super(name, signer); *************** *** 25,28 **** --- 45,56 ---- } + /** + * Creates a standard Enveloped Signature within the given Element. + * Uses the provided KeyPair to sign it. + * + * @param kp + * @param elem + * @throws XMLSecurityException + */ public EnvelopedSignature(KeyPair kp, Element elem) throws XMLSecurityException { super(kp.getPublic()); Index: XMLSignature.java =================================================================== RCS file: /cvsroot/neuclear/neuclear-xmlsig/src/java/org/neuclear/xml/xmlsec/XMLSignature.java,v retrieving revision 1.18 retrieving revision 1.19 diff -C2 -d -r1.18 -r1.19 *** XMLSignature.java 20 Mar 2004 17:19:42 -0000 1.18 --- XMLSignature.java 23 Mar 2004 20:51:00 -0000 1.19 *************** *** 1,4 **** --- 1,9 ---- /* $Id$ * $Log$ + * Revision 1.19 2004/03/23 20:51:00 pelle + * Added ExternalSignature and further Javadocs. + * Added Busy Developers Guide and Interop guide. + * Ready for release. + * * Revision 1.18 2004/03/20 17:19:42 pelle * The problem with Enveloped signatures has now been fixed. It was a problem in the way transforms work. 
I have bandaided it, but in the future if better support for transforms need to be made, we need to rethink it a bit. Perhaps using the new crypto channel's in neuclear-commons. *************** *** 225,235 **** */ abstract public class XMLSignature extends AbstractXMLSigElement { ! protected XMLSignature(final PublicKey pub) throws XMLSecurityException { this(pub, new SignedInfo(getSignatureAlgorithm(pub), 1)); } ! protected XMLSignature(final String name, final Signer signer) throws XMLSecurityException, NonExistingSignerException { ! this(getPublicKey(name, signer), new SignedInfo(getSignatureAlgorithm(getPublicKey(name, signer)), 1)); } --- 230,255 ---- */ abstract public class XMLSignature extends AbstractXMLSigElement { ! /** ! * Creates a raw XML Signature element that is unsigned. ! * Subclasse can use this to add references and then sign it using the sign method. ! * ! * @param pub Adds this public key to the KeyInfo ! * @throws XMLSecurityException ! */ protected XMLSignature(final PublicKey pub) throws XMLSecurityException { this(pub, new SignedInfo(getSignatureAlgorithm(pub), 1)); } ! /** ! * Creates a raw XML Signature element that is unsigned. ! * Subclasse can use this to add references and then sign it using the sign method. ! * ! * @param alias Adds the publickey with this alias to the KeyInfo ! * @param signer Get the PublicKey from this Signer ! * @throws XMLSecurityException ! * @throws NonExistingSignerException ! */ ! protected XMLSignature(final String alias, final Signer signer) throws XMLSecurityException, NonExistingSignerException { ! this(getPublicKey(alias, signer), new SignedInfo(getSignatureAlgorithm(getPublicKey(alias, signer)), 1)); } *************** *** 243,246 **** --- 263,274 ---- } + /** + * Used by subclasses to pass complete SignedInfo's. + * This constructor signs it and places signature in Signature Value. 
+ * + * @param kp + * @param si + * @throws XMLSecurityException + */ protected XMLSignature(final KeyPair kp, final SignedInfo si) throws XMLSecurityException { this(kp.getPublic(), si); *************** *** 248,260 **** } ! ! protected XMLSignature(final String name, final Signer signer, final SignedInfo si) throws XMLSecurityException, UserCancellationException, NonExistingSignerException { ! this(getPublicKey(name, signer), si); ! sign(name, signer); } /** ! * Constructor from Raw XML * * @param elem --- 276,299 ---- } ! /** ! * Used by subclasses to pass complete SignedInfo's. ! * This constructor signs it and places signature in Signature Value. ! * ! * @param alias ! * @param signer ! * @param si ! * @throws XMLSecurityException ! * @throws UserCancellationException ! * @throws NonExistingSignerException ! */ ! protected XMLSignature(final String alias, final Signer signer, final SignedInfo si) throws XMLSecurityException, UserCancellationException, NonExistingSignerException { ! this(getPublicKey(alias, signer), si); ! sign(alias, signer); } /** ! * Constructor from Raw XML. This verifies the Signature and references within. ! * Sub classes should override <tt>verifyReferencesStructure()</tt> to verify the structure of the references. * * @param elem *************** *** 304,326 **** } protected void sign(final KeyPair kp) throws XMLSecurityException { sigval.setText(Base64.encode(si.sign(kp.getPrivate()))); } ! protected void sign(final String name, final Signer signer) throws XMLSecurityException, NonExistingSignerException, UserCancellationException { ! sigval.setText(Base64.encode(si.sign(name, signer))); } ! private static PublicKey getPublicKey(final String name, final Signer signer) throws XMLSecurityException, NonExistingSignerException { if (!(signer instanceof PublicKeySource)) throw new XMLSecurityException("The Signer must also be a public key source"); ! return ((PublicKeySource) signer).getPublicKey(name); } /** ! * Method getPublicKey ! * ! 
* @return * @throws XMLSecurityException */ --- 343,380 ---- } + /** + * Signs the SignedInfo with the given KeyPair and places the signature in the SignatureValue element. + * Subclasses should call this in their constructor. + * + * @param kp + * @throws XMLSecurityException + */ protected void sign(final KeyPair kp) throws XMLSecurityException { sigval.setText(Base64.encode(si.sign(kp.getPrivate()))); } ! /** ! * Signs the SignedInfo with the given Signer and alias and places the signature in the SignatureValue element. ! * Subclasses should call this in their constructor. ! * ! * @param alias ! * @param signer ! * @throws XMLSecurityException ! * @throws NonExistingSignerException ! * @throws UserCancellationException ! */ ! protected void sign(final String alias, final Signer signer) throws XMLSecurityException, NonExistingSignerException, UserCancellationException { ! sigval.setText(Base64.encode(si.sign(alias, signer))); } ! private static PublicKey getPublicKey(final String alias, final Signer signer) throws XMLSecurityException, NonExistingSignerException { if (!(signer instanceof PublicKeySource)) throw new XMLSecurityException("The Signer must also be a public key source"); ! return ((PublicKeySource) signer).getPublicKey(alias); } /** ! * @return The signature bytes * @throws XMLSecurityException */ *************** *** 330,333 **** --- 384,393 ---- } + /** + * Gets the PublicKey of the Signer of the XMLSignature. If non existant returns null. + * + * @return + * @throws XMLSecurityException + */ public final PublicKey getSignersKey() throws XMLSecurityException { KeyInfo key = getKeyInfo(); *************** *** 337,340 **** --- 397,406 ---- } + /** + * If available returns the id of the signing key. 
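Review bot: The new Javadoc on `getSignersKey()` should say that the key is read from the signature's own KeyInfo (`KeyInfo key = getKeyInfo();` on the first body line) and is therefore supplied by whoever produced the document. A signature that verifies against this key shows only that the content matches the embedded key, not who signed it. Suggested sentence: `The returned key is taken from the KeyInfo element and is not authenticated; callers must match it against a trusted key or identity before relying on the signature.` The empty `@return` could read `@return the key from KeyInfo, or null if none is present`. The method body continues outside the hunk.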
+ * + * @return + * @throws XMLSecurityException + */ public final String getSignersId() throws XMLSecurityException { KeyInfo key = getKeyInfo(); *************** *** 353,360 **** --- 419,434 ---- } + /** + * @return The SignedInfo element + */ public final SignedInfo getSi() { return si; } + /** + * Get the first element referenced by this Signature. If refernce is external it returns null. + * + * @return + */ public final Element getPrimaryReferenceElement() { return si.getPrimaryReferenceElement(); Index: SignedInfo.java =================================================================== RCS file: /cvsroot/neuclear/neuclear-xmlsig/src/java/org/neuclear/xml/xmlsec/SignedInfo.java,v retrieving revision 1.6 retrieving revision 1.7 diff -C2 -d -r1.6 -r1.7 *** SignedInfo.java 20 Mar 2004 17:19:42 -0000 1.6 --- SignedInfo.java 23 Mar 2004 20:51:00 -0000 1.7 *************** *** 1,4 **** --- 1,9 ---- /* $Id$ * $Log$ + * Revision 1.7 2004/03/23 20:51:00 pelle + * Added ExternalSignature and further Javadocs. + * Added Busy Developers Guide and Interop guide. + * Ready for release. + * * Revision 1.6 2004/03/20 17:19:42 pelle * The problem with Enveloped signatures has now been fixed. It was a problem in the way transforms work. I have bandaided it, but in the future if better support for transforms need to be made, we need to rethink it a bit. Perhaps using the new crypto channel's in neuclear-commons. *************** *** 285,289 **** // System.out.println(new String(cansi)); // System.out.println("------"); ! return CryptoTools.sign(key, cansi); } catch (CryptoException e) { --- 290,295 ---- // System.out.println(new String(cansi)); // System.out.println("------"); ! if (cansi.length == 0) ! throw new XMLSecurityException("Problem during Canonicalization. The Canonicalizer Returned a null byte array."); return CryptoTools.sign(key, cansi); } catch (CryptoException e) { |
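Review bot: The added guard in SignedInfo tests `cansi.length == 0` while its message reports a null byte array, so a null `cansi` would raise a NullPointerException on `.length` instead of the intended XMLSecurityException. `if (cansi == null || cansi.length == 0)` covers both cases, and the message could then say "empty or null". The same guard is worth applying wherever the canonical form is produced for verification, which is outside this hunk, so that an empty canonicalization is never digested or checked as if it were the SignedInfo content. The enclosing method begins and ends outside the hunk.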