From: <bug...@ve...> - 2004-03-11 23:37:15
|
Message:
Work on this issue has been started by Pelle Braendgaard (mailto:pe...@ve...)
---------------------------------------------------------------------
View the issue:
http://jira.neuclear.org//browse/XMLSIG-2
Here is an overview of the issue:
---------------------------------------------------------------------
Key: XMLSIG-2
Summary: Add getData() to Reference
Type: New Feature
Status: In Progress
Priority: Major
Original Estimate: Unknown
Time Spent: Unknown
Remaining: Unknown
Project: NeuClear XMLSig
Fix Fors:
0.12
Assignee: Pelle Braendgaard
Reporter: Pelle Braendgaard
Created: Fri, 5 Mar 2004 12:13 PM
Updated: Thu, 11 Mar 2004 3:25 PM
Description:
To verify exactly what was signed, we need to have a reference to the original data from Reference. I am not sure how to do it yet, but will probably take some ideas from JSR105 and simply return the URI, which could be referenced via the XMLSignature class.
---------------------------------------------------------------------
JIRA INFORMATION:
This message is automatically generated by JIRA.
If you think it was sent incorrectly contact one of the administrators:
http://jira.neuclear.org//secure/Administrators.jspa
If you want more information on JIRA, or have a bug to report see:
http://www.atlassian.com/software/jira
|
|
From: <bug...@ve...> - 2004-03-11 23:35:16
|
Message:
The following issue has been closed.
Resolver: Pelle Braendgaard
Date: Thu, 11 Mar 2004 3:23 PM
done
---------------------------------------------------------------------
View the issue:
http://jira.neuclear.org//browse/XMLSIG-3
Here is an overview of the issue:
---------------------------------------------------------------------
Key: XMLSIG-3
Summary: Add getReferences() to SignedInfo
Type: New Feature
Status: Closed
Priority: Major
Resolution: FIXED
Original Estimate: Unknown
Time Spent: Unknown
Remaining: Unknown
Project: NeuClear XMLSig
Fix Fors:
0.12
Assignee: Pelle Braendgaard
Reporter: Pelle Braendgaard
Created: Fri, 5 Mar 2004 12:15 PM
Updated: Thu, 11 Mar 2004 3:23 PM
Description:
SignedInfo needs to return an unmodifiable List of its included References. It also needs to be able to take multiple references in its Constructor.
|
|
From: <bug...@ve...> - 2004-03-11 23:33:19
|
Message:
The following issue has been closed.
Resolver: Pelle Braendgaard
Date: Thu, 11 Mar 2004 3:22 PM
SignedInfo now can take multiple references.
---------------------------------------------------------------------
View the issue:
http://jira.neuclear.org//browse/XMLSIG-4
Here is an overview of the issue:
---------------------------------------------------------------------
Key: XMLSIG-4
Summary: Allow multiple References in constructor to SignedInfo
Type: New Feature
Status: Closed
Priority: Major
Resolution: FIXED
Original Estimate: Unknown
Time Spent: Unknown
Remaining: Unknown
Project: NeuClear XMLSig
Fix Fors:
0.12
Versions:
0.12
Assignee: Pelle Braendgaard
Reporter: Pelle Braendgaard
Created: Fri, 5 Mar 2004 12:19 PM
Updated: Thu, 11 Mar 2004 3:22 PM
Description:
|
|
From: <pe...@us...> - 2004-03-09 00:07:57
|
Update of /cvsroot/neuclear/neuclear-id/src/test/org/neuclear/id In directory sc8-pr-cvs1.sourceforge.net:/tmp/cvs-serv23941/src/test/org/neuclear/id Modified Files: IdentityTests.java Log Message: More improvements on the XMLSignature. Now uses the Transforms properly, References properly. All the major elements have been refactored to be cleaner and more correct. Index: IdentityTests.java =================================================================== RCS file: /cvsroot/neuclear/neuclear-id/src/test/org/neuclear/id/IdentityTests.java,v retrieving revision 1.5 retrieving revision 1.6 diff -C2 -d -r1.5 -r1.6 *** IdentityTests.java 3 Mar 2004 23:26:44 -0000 1.5 --- IdentityTests.java 8 Mar 2004 23:51:11 -0000 1.6 *************** *** 5,12 **** import org.dom4j.Element; import org.neuclear.commons.NeuClearException; import org.neuclear.commons.crypto.CryptoException; import org.neuclear.commons.crypto.CryptoTools; - import org.neuclear.commons.crypto.Base32; - import org.neuclear.commons.crypto.signers.NonExistingSignerException; import org.neuclear.id.builders.Builder; import org.neuclear.id.builders.IdentityBuilder; --- 5,11 ---- import org.dom4j.Element; import org.neuclear.commons.NeuClearException; + import org.neuclear.commons.crypto.Base32; import org.neuclear.commons.crypto.CryptoException; import org.neuclear.commons.crypto.CryptoTools; import org.neuclear.id.builders.Builder; import org.neuclear.id.builders.IdentityBuilder; *************** *** 36,45 **** protected void verifyObject(SignedNamedObject obj) throws CryptoException { assertTrue(obj instanceof Identity); ! Identity id=(Identity) obj; assertEquals(CryptoTools.encodeBase32(CryptoTools.digest(signer.getPublicKey(NAME).getEncoded())), ! obj.getName().substring(5,37)); assertEquals(new String(CryptoTools.digest(signer.getPublicKey(NAME).getEncoded())), ! new String(Base32.decode(obj.getName().substring(5,37)))); ! 
assertEquals(id.getSigner(),SIGNER); assertNotNull(id.getPublicKey()); } --- 35,44 ---- protected void verifyObject(SignedNamedObject obj) throws CryptoException { assertTrue(obj instanceof Identity); ! Identity id = (Identity) obj; assertEquals(CryptoTools.encodeBase32(CryptoTools.digest(signer.getPublicKey(NAME).getEncoded())), ! obj.getName().substring(5, 37)); assertEquals(new String(CryptoTools.digest(signer.getPublicKey(NAME).getEncoded())), ! new String(Base32.decode(obj.getName().substring(5, 37)))); ! assertEquals(id.getSigner(), SIGNER); assertNotNull(id.getPublicKey()); } *************** *** 50,88 **** protected Builder createBuilder() throws NeuClearException { ! return new IdentityBuilder(getSigner().getPublicKey(NAME),SIGNER,null,null); } public void testAnonymous() throws NoSuchAlgorithmException { ! KeyPair kp=CryptoTools.createTinyKeyPair(); ! Identity id=new Identity(kp.getPublic()); assertNotNull(id); assertNotNull(id.getName()); ! assertEquals("sha1:",id.getName().substring(0,5)); ! assertEquals(CryptoTools.encodeBase32(CryptoTools.digest(kp.getPublic().getEncoded())),id.getName().substring(5)); ! assertEquals(kp.getPublic(),id.getPublicKey()); } ! public void testEmbedded() throws NoSuchAlgorithmException, XMLSecurityException, CryptoException, NameResolutionException, InvalidNamedObjectException{ ! KeyPair kp=CryptoTools.createTinyKeyPair(); ! Document doc=DocumentHelper.createDocument(); ! Element elem=doc.addElement("TestElement"); ! XMLSignature sig=new XMLSignature(kp,elem); ! assertEquals(kp.getPublic(),sig.getSignersKey()); ! SignedNamedObject obj=VerifyingReader.getInstance().read(elem); ! System.out.println("Name: "+obj.getName()); ! assertEquals("sha1:",obj.getName().substring(0,5)); ! assertEquals(CryptoTools.encodeBase32(CryptoTools.digest(kp.getPublic().getEncoded())),obj.getName().substring(5,37)); ! 
assertEquals(CryptoTools.encodeBase32(CryptoTools.digest(obj.getEncoded().getBytes())),obj.getName().substring(obj.getName().length()-32)); ! Identity id=obj.getSignatory(); assertNotNull(id); assertNotNull(id.getName()); ! assertEquals("sha1:",id.getName().substring(0,5)); ! assertEquals(CryptoTools.encodeBase32(CryptoTools.digest(kp.getPublic().getEncoded())),id.getName().substring(5)); ! assertEquals(kp.getPublic(),id.getPublicKey()); ! ! --- 49,85 ---- protected Builder createBuilder() throws NeuClearException { ! return new IdentityBuilder(getSigner().getPublicKey(NAME), SIGNER, null, null); } public void testAnonymous() throws NoSuchAlgorithmException { ! KeyPair kp = CryptoTools.createTinyRSAKeyPair(); ! Identity id = new Identity(kp.getPublic()); assertNotNull(id); assertNotNull(id.getName()); ! assertEquals("sha1:", id.getName().substring(0, 5)); ! assertEquals(CryptoTools.encodeBase32(CryptoTools.digest(kp.getPublic().getEncoded())), id.getName().substring(5)); ! assertEquals(kp.getPublic(), id.getPublicKey()); } ! public void testEmbedded() throws NoSuchAlgorithmException, XMLSecurityException, CryptoException, NameResolutionException, InvalidNamedObjectException { ! KeyPair kp = CryptoTools.createTinyRSAKeyPair(); ! Document doc = DocumentHelper.createDocument(); ! Element elem = doc.addElement("TestElement"); ! XMLSignature sig = new XMLSignature(kp, elem); ! assertEquals(kp.getPublic(), sig.getSignersKey()); ! SignedNamedObject obj = VerifyingReader.getInstance().read(elem); ! System.out.println("Name: " + obj.getName()); ! assertEquals("sha1:", obj.getName().substring(0, 5)); ! assertEquals(CryptoTools.encodeBase32(CryptoTools.digest(kp.getPublic().getEncoded())), obj.getName().substring(5, 37)); ! assertEquals(CryptoTools.encodeBase32(CryptoTools.digest(obj.getEncoded().getBytes())), obj.getName().substring(obj.getName().length() - 32)); ! Identity id = obj.getSignatory(); assertNotNull(id); assertNotNull(id.getName()); ! 
assertEquals("sha1:", id.getName().substring(0, 5)); ! assertEquals(CryptoTools.encodeBase32(CryptoTools.digest(kp.getPublic().getEncoded())), id.getName().substring(5)); ! assertEquals(kp.getPublic(), id.getPublicKey()); |
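Review bot: In IdentityTests.java, verifyObject (hunk 36,45), the second assertEquals still compares digest bytes by wrapping both sides in new String(...), which decodes with the platform default charset and can collapse different byte sequences into the same string, so the check is weaker than it looks. Since this hunk touches those lines anyway, compare the arrays directly, e.g. assertTrue(Arrays.equals(CryptoTools.digest(signer.getPublicKey(NAME).getEncoded()), Base32.decode(obj.getName().substring(5, 37)))).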
|
From: <pe...@us...> - 2004-03-09 00:07:50
|
Update of /cvsroot/neuclear/neuclear-xmlsig/src/test/org/neuclear/xml/xmlsec In directory sc8-pr-cvs1.sourceforge.net:/tmp/cvs-serv23732/src/test/org/neuclear/xml/xmlsec Modified Files: RefTest.java SimpleXMLSigTest.java XMLSignerTest.java Log Message: More improvements on the XMLSignature. Now uses the Transforms properly, References properly. All the major elements have been refactored to be cleaner and more correct. Index: RefTest.java =================================================================== RCS file: /cvsroot/neuclear/neuclear-xmlsig/src/test/org/neuclear/xml/xmlsec/RefTest.java,v retrieving revision 1.7 retrieving revision 1.8 diff -C2 -d -r1.7 -r1.8 *** RefTest.java 5 Mar 2004 23:47:17 -0000 1.7 --- RefTest.java 8 Mar 2004 23:51:04 -0000 1.8 *************** *** 5,8 **** --- 5,9 ---- import org.dom4j.DocumentException; import org.dom4j.DocumentHelper; + import org.neuclear.commons.Utility; import org.neuclear.commons.crypto.CryptoException; import org.neuclear.xml.XMLException; *************** *** 32,35 **** --- 33,40 ---- $Id$ $Log$ + Revision 1.8 2004/03/08 23:51:04 pelle + More improvements on the XMLSignature. Now uses the Transforms properly, References properly. + All the major elements have been refactored to be cleaner and more correct. + Revision 1.7 2004/03/05 23:47:17 pelle Attempting to make Reference and SignedInfo more compliant with the standard. *************** *** 71,92 **** } ! public void testExternalReference() throws XMLException, CryptoException, IOException { File rfile = new File("project.xml"); final String uri = rfile.toURL().toExternalForm(); Reference ref = new Reference(uri); assertNotNull(ref); ! // assertNotNull(ref.getDigest()); assertEquals(uri, ref.getUri()); ! System.out.println(ref.asXML()); } public void testEnvelopedReference() throws DocumentException, XMLException, CryptoException { ! Document doc = DocumentHelper.parseText("<test>hello</test>"); ! 
Reference ref = new Reference(doc.getRootElement(), Reference.XMLSIGTYPE_ENVELOPED); assertNotNull(ref); ! // assertNotNull(ref.getDigest()); ! assertEquals("", ref.getUri()); ! // assertEquals(ref.); ! System.out.println(ref.asXML()); } --- 76,110 ---- } ! public void testExternalReference() throws XMLException, CryptoException, IOException, DocumentException { File rfile = new File("project.xml"); final String uri = rfile.toURL().toExternalForm(); Reference ref = new Reference(uri); assertNotNull(ref); ! assertNull(ref.getReferencedElement()); assertEquals(uri, ref.getUri()); ! try { ! Reference ref2 = new Reference(DocumentHelper.parseText(ref.asXML()).getRootElement()); ! } catch (InvalidSignatureException e) { ! assertTrue(false); ! } ! } public void testEnvelopedReference() throws DocumentException, XMLException, CryptoException { ! Document doc = DocumentHelper.parseText("<test>hello<Signature xmlns=\"http://www.w3.org/2000/09/xmldsig#\"><SignedInfo/></Signature></test>"); ! Reference ref = new Reference(doc.getRootElement(), true); ! doc.getRootElement().element("Signature").element("SignedInfo").add(ref.getElement()); ! assertNotNull(ref); ! assertNotNull(ref.getReferencedElement()); ! assertTrue(Utility.isEmpty(ref.getUri())); ! try { ! Reference ref2 = new Reference(DocumentHelper.parseText(doc.asXML()).getRootElement().element("Signature").element("SignedInfo").element("Reference")); ! assertNotNull(ref2.getReferencedElement()); ! assertEquals("test", ref2.getReferencedElement().getName()); ! } catch (InvalidSignatureException e) { ! assertTrue(false); ! } ! } *************** *** 94,109 **** public void testEnvelopingReference() throws DocumentException, XMLException, CryptoException, InvalidSignatureException { Document doc = DocumentHelper.parseText("<Signature><SignedInfo/><Object Id=\"one\"><test>hello</test></Object></Signature>"); ! 
Reference ref = new Reference(doc.getRootElement().element("Object"), Reference.XMLSIGTYPE_ENVELOPING); doc.getRootElement().element("SignedInfo").add(ref.getElement()); assertNotNull(XMLTools.getByID(doc, "one")); assertNotNull(ref); - // assertNotNull(ref.getDigest()); assertEquals("#one", ref.getUri()); - System.out.println(doc.asXML()); Document doc2 = DocumentHelper.parseText(doc.asXML()); ! Reference ref2 = new Reference(doc2.getRootElement().element("SignedInfo").element("Reference")); ! // assertEquals(ref.getDigest(),ref2.getDigest()); ! assertEquals(ref.getUri(), ref2.getUri()); --- 112,131 ---- public void testEnvelopingReference() throws DocumentException, XMLException, CryptoException, InvalidSignatureException { Document doc = DocumentHelper.parseText("<Signature><SignedInfo/><Object Id=\"one\"><test>hello</test></Object></Signature>"); ! Reference ref = new Reference(doc.getRootElement().element("Object"), false); doc.getRootElement().element("SignedInfo").add(ref.getElement()); assertNotNull(XMLTools.getByID(doc, "one")); + assertNotNull(ref.getReferencedElement()); assertNotNull(ref); assertEquals("#one", ref.getUri()); Document doc2 = DocumentHelper.parseText(doc.asXML()); ! try { ! Reference ref2 = new Reference(doc2.getRootElement().element("SignedInfo").element("Reference")); ! assertNotNull(ref.getReferencedElement()); ! assertEquals(ref.getUri(), ref2.getUri()); ! assertEquals("Object", ref2.getReferencedElement().getName()); ! } catch (InvalidSignatureException e) { ! assertTrue(false); ! 
} Index: SimpleXMLSigTest.java =================================================================== RCS file: /cvsroot/neuclear/neuclear-xmlsig/src/test/org/neuclear/xml/xmlsec/SimpleXMLSigTest.java,v retrieving revision 1.10 retrieving revision 1.11 diff -C2 -d -r1.10 -r1.11 *** SimpleXMLSigTest.java 2 Mar 2004 23:30:44 -0000 1.10 --- SimpleXMLSigTest.java 8 Mar 2004 23:51:04 -0000 1.11 *************** *** 6,13 **** import org.dom4j.DocumentHelper; import org.neuclear.commons.crypto.CryptoException; import org.neuclear.commons.crypto.passphraseagents.UserCancellationException; import org.neuclear.commons.crypto.signers.Signer; import org.neuclear.commons.crypto.signers.TestCaseSigner; - import org.neuclear.commons.test.JunitTools; import org.neuclear.xml.XMLException; import org.neuclear.xml.XMLTools; --- 6,13 ---- import org.dom4j.DocumentHelper; import org.neuclear.commons.crypto.CryptoException; + import org.neuclear.commons.crypto.CryptoTools; import org.neuclear.commons.crypto.passphraseagents.UserCancellationException; import org.neuclear.commons.crypto.signers.Signer; import org.neuclear.commons.crypto.signers.TestCaseSigner; import org.neuclear.xml.XMLException; import org.neuclear.xml.XMLTools; *************** *** 16,20 **** import java.security.KeyPair; import java.security.NoSuchAlgorithmException; - import java.security.interfaces.DSAPublicKey; /** --- 16,19 ---- *************** *** 25,28 **** --- 24,31 ---- * $Id$ * $Log$ + * Revision 1.11 2004/03/08 23:51:04 pelle + * More improvements on the XMLSignature. Now uses the Transforms properly, References properly. + * All the major elements have been refactored to be cleaner and more correct. + * * Revision 1.10 2004/03/02 23:30:44 pelle * Renamed SignatureInfo to SignedInfo as that is the name of the Element. *************** *** 31,35 **** * can't tell the difference between <test/> and <test xmlns=""/>. * Changed XMLSignature it is now has less repeated code. ! 
* * Revision 1.9 2004/03/02 18:39:57 pelle * Done some more minor fixes within xmlsig, but mainly I've removed the old Source and Store patterns and sub packages. This is because --- 34,38 ---- * can't tell the difference between <test/> and <test xmlns=""/>. * Changed XMLSignature it is now has less repeated code. ! * <p/> * Revision 1.9 2004/03/02 18:39:57 pelle * Done some more minor fixes within xmlsig, but mainly I've removed the old Source and Store patterns and sub packages. This is because *************** *** 127,132 **** public SimpleXMLSigTest(final String s) throws SecurityException, NoSuchAlgorithmException, CryptoException { super(s); ! rsa = JunitTools.getTestRSAKey(); ! dsa = JunitTools.getTestDSAKey(); signer = new TestCaseSigner(); new File("target/testdata/homegrown").mkdirs(); --- 130,135 ---- public SimpleXMLSigTest(final String s) throws SecurityException, NoSuchAlgorithmException, CryptoException { super(s); ! rsa = CryptoTools.createTinyRSAKeyPair(); ! dsa = CryptoTools.createTinyDSAKeyPair(); signer = new TestCaseSigner(); new File("target/testdata/homegrown").mkdirs(); *************** *** 145,149 **** public final void testEnvelopingUsignRSAKeyPair() throws DocumentException, XMLException, CryptoException { Document doc = DocumentHelper.parseText(TESTXML); ! final XMLSignature sig = new XMLSignature(rsa, doc.getRootElement(), Reference.XMLSIGTYPE_ENVELOPING); final File outputFile = new File("target/testdata/homegrown/signature-enveloping-rsa.xml"); XMLTools.writeFile(outputFile, sig.getElement()); --- 148,152 ---- public final void testEnvelopingUsignRSAKeyPair() throws DocumentException, XMLException, CryptoException { Document doc = DocumentHelper.parseText(TESTXML); ! 
final XMLSignature sig = new XMLSignature(rsa, doc.getRootElement(), false); final File outputFile = new File("target/testdata/homegrown/signature-enveloping-rsa.xml"); XMLTools.writeFile(outputFile, sig.getElement()); *************** *** 155,159 **** public final void testEnvelopingUsignDSAKeyPair() throws DocumentException, XMLException, CryptoException { Document doc = DocumentHelper.parseText(TESTXML); ! final XMLSignature sig = new XMLSignature(dsa, doc.getRootElement(), Reference.XMLSIGTYPE_ENVELOPING); final File outputFile = new File("target/testdata/homegrown/signature-enveloping-dsa.xml"); XMLTools.writeFile(outputFile, sig.getElement()); --- 158,162 ---- public final void testEnvelopingUsignDSAKeyPair() throws DocumentException, XMLException, CryptoException { Document doc = DocumentHelper.parseText(TESTXML); ! final XMLSignature sig = new XMLSignature(dsa, doc.getRootElement(), false); final File outputFile = new File("target/testdata/homegrown/signature-enveloping-dsa.xml"); XMLTools.writeFile(outputFile, sig.getElement()); *************** *** 165,169 **** public final void testEnvelopedUsignDSAKeyPair() throws DocumentException, XMLException, CryptoException { ! assertTrue("Test if public key is really DSA", dsa.getPublic() instanceof DSAPublicKey); Document doc = DocumentHelper.parseText(TESTXML); final XMLSignature sig = new XMLSignature(dsa, doc.getRootElement()); --- 168,172 ---- public final void testEnvelopedUsignDSAKeyPair() throws DocumentException, XMLException, CryptoException { ! // assertTrue("Test if public key is really DSA", dsa.getPublic() instanceof DSAPublicKey); Document doc = DocumentHelper.parseText(TESTXML); final XMLSignature sig = new XMLSignature(dsa, doc.getRootElement()); *************** *** 199,203 **** public final void testEnvelopedUsingSigner() throws DocumentException, XMLException, CryptoException, UserCancellationException { Document doc = DocumentHelper.parseText(TESTXML); ! 
final XMLSignature sig = new XMLSignature("neu://test", signer, doc.getRootElement(), Reference.XMLSIGTYPE_ENVELOPED); final File outputFile = new File("target/testdata/homegrown/signature-enveloped-signer.xml"); XMLTools.writeFile(outputFile, doc); --- 202,206 ---- public final void testEnvelopedUsingSigner() throws DocumentException, XMLException, CryptoException, UserCancellationException { Document doc = DocumentHelper.parseText(TESTXML); ! final XMLSignature sig = new XMLSignature("neu://test", signer, doc.getRootElement(), true); final File outputFile = new File("target/testdata/homegrown/signature-enveloped-signer.xml"); XMLTools.writeFile(outputFile, doc); *************** *** 209,213 **** public final void testEnvelopingUsingSigner() throws DocumentException, XMLException, CryptoException, UserCancellationException { Document doc = DocumentHelper.parseText(TESTXML); ! final XMLSignature sig = new XMLSignature("neu://test", signer, doc.getRootElement(), Reference.XMLSIGTYPE_ENVELOPING); final File outputFile = new File("target/testdata/homegrown/signature-enveloping-signer.xml"); XMLTools.writeFile(outputFile, sig.getElement()); --- 212,216 ---- public final void testEnvelopingUsingSigner() throws DocumentException, XMLException, CryptoException, UserCancellationException { Document doc = DocumentHelper.parseText(TESTXML); ! final XMLSignature sig = new XMLSignature("neu://test", signer, doc.getRootElement(), false); final File outputFile = new File("target/testdata/homegrown/signature-enveloping-signer.xml"); XMLTools.writeFile(outputFile, sig.getElement()); *************** *** 219,223 **** public final void testComplexEnvelopedUsingSigner() throws DocumentException, XMLException, CryptoException, UserCancellationException { Document doc = DocumentHelper.parseText(COMPLEX_XML); ! 
final XMLSignature sig = new XMLSignature("neu://test", signer, doc.getRootElement(), Reference.XMLSIGTYPE_ENVELOPED); final File outputFile = new File("target/testdata/homegrown/signature-complex-enveloped-signer.xml"); XMLTools.writeFile(outputFile, doc); --- 222,226 ---- public final void testComplexEnvelopedUsingSigner() throws DocumentException, XMLException, CryptoException, UserCancellationException { Document doc = DocumentHelper.parseText(COMPLEX_XML); ! final XMLSignature sig = new XMLSignature("neu://test", signer, doc.getRootElement(), true); final File outputFile = new File("target/testdata/homegrown/signature-complex-enveloped-signer.xml"); XMLTools.writeFile(outputFile, doc); *************** *** 229,233 **** public final void testComplexEnvelopingUsingSigner() throws DocumentException, XMLException, CryptoException, UserCancellationException { Document doc = DocumentHelper.parseText(COMPLEX_XML); ! final XMLSignature sig = new XMLSignature("neu://test", signer, doc.getRootElement(), Reference.XMLSIGTYPE_ENVELOPING); final File outputFile = new File("target/testdata/homegrown/signature-complex-enveloping-signer.xml"); XMLTools.writeFile(outputFile, sig.getElement()); --- 232,236 ---- public final void testComplexEnvelopingUsingSigner() throws DocumentException, XMLException, CryptoException, UserCancellationException { Document doc = DocumentHelper.parseText(COMPLEX_XML); ! 
final XMLSignature sig = new XMLSignature("neu://test", signer, doc.getRootElement(), false); final File outputFile = new File("target/testdata/homegrown/signature-complex-enveloping-signer.xml"); XMLTools.writeFile(outputFile, sig.getElement()); Index: XMLSignerTest.java =================================================================== RCS file: /cvsroot/neuclear/neuclear-xmlsig/src/test/org/neuclear/xml/xmlsec/XMLSignerTest.java,v retrieving revision 1.2 retrieving revision 1.3 diff -C2 -d -r1.2 -r1.3 *** XMLSignerTest.java 14 Jan 2004 06:42:38 -0000 1.2 --- XMLSignerTest.java 8 Mar 2004 23:51:04 -0000 1.3 *************** *** 30,33 **** --- 30,37 ---- $Id$ $Log$ + Revision 1.3 2004/03/08 23:51:04 pelle + More improvements on the XMLSignature. Now uses the Transforms properly, References properly. + All the major elements have been refactored to be cleaner and more correct. + Revision 1.2 2004/01/14 06:42:38 pelle Got rid of the verifyXXX() methods *************** *** 43,56 **** * Time: 8:50:32 PM */ ! public class XMLSignerTest extends TestCase{ public XMLSignerTest(String string) throws InvalidPassphraseException { super(string); ! signer=new TestCaseSigner(); } public void testSign() throws DocumentException, XMLSecurityException, NonExistingSignerException, UserCancellationException { ! Document doc=DocumentHelper.parseText("<hello>test</hello>"); ! XMLSignature sig=new XMLSignature("neu://bob@test",signer,doc.getRootElement(),Reference.XMLSIGTYPE_ENVELOPED); assertTrue(true); } --- 47,61 ---- * Time: 8:50:32 PM */ ! public class XMLSignerTest extends TestCase { public XMLSignerTest(String string) throws InvalidPassphraseException { super(string); ! signer = new TestCaseSigner(); } + public void testSign() throws DocumentException, XMLSecurityException, NonExistingSignerException, UserCancellationException { ! Document doc = DocumentHelper.parseText("<hello>test</hello>"); ! 
XMLSignature sig = new XMLSignature("neu://bob@test", signer, doc.getRootElement(), true); assertTrue(true); } |
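Review bot: In RefTest.java, testExternalReference (hunk 71,92), ref2 is constructed inside the try block and never asserted on, and the catch turns InvalidSignatureException into assertTrue(false), which throws away the digest mismatch message. Declare InvalidSignatureException in the throws clause, as testEnvelopingReference already does, or call fail(e.getMessage()), and assert at least assertEquals(uri, ref2.getUri()) so the round trip through asXML() is actually checked. The same catch pattern appears in testEnvelopedReference in this hunk.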
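Review bot: In RefTest.java, testEnvelopingReference (hunk 94,109), the assertNotNull(ref.getReferencedElement()) inside the try block re-checks ref, which was already asserted a few lines earlier; the re-parsed ref2 looks like the intended target. Change it to assertNotNull(ref2.getReferencedElement()). The method already declares InvalidSignatureException, so the try/catch with assertTrue(false) can be dropped and the exception left to fail the test with its own message.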
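Review bot: In SimpleXMLSigTest.java, the call sites from hunk 145,149 onward replace Reference.XMLSIGTYPE_ENVELOPING and Reference.XMLSIGTYPE_ENVELOPED with bare false and true, e.g. new XMLSignature(rsa, doc.getRootElement(), false), and nothing at the call site says which signature form is being produced. Reference.java in this same commit gains named factories (createEnvelopedReference, createEnvelopingObjectReference); an equivalent pair on XMLSignature, or keeping named constants, would make it harder to sign with the wrong form by flipping a boolean.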
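Review bot: In SimpleXMLSigTest.java, testEnvelopedUsignDSAKeyPair (hunk 165,169), the DSAPublicKey assertion is commented out and its import is removed in hunk 16,20, so nothing verifies any more that the key pair now coming from CryptoTools.createTinyDSAKeyPair() is a DSA key. Either restore the assertion with the import, or delete the line and say in the log message why the check no longer applies; commented-out assertions tend to stay that way.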
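Review bot: In XMLSignerTest.java, testSign (hunk 43,56) still ends with assertTrue(true) and never uses sig, so the test passes as long as the constructor does not throw. While reformatting it, assert on the result, for example assertNotNull(sig.getElement()), or re-read the signed document through the verifying path so a signature that is produced but invalid fails the test.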
Update of /cvsroot/neuclear/neuclear-xmlsig/src/java/org/neuclear/xml/xmlsec In directory sc8-pr-cvs1.sourceforge.net:/tmp/cvs-serv23732/src/java/org/neuclear/xml/xmlsec Modified Files: InvalidSignatureException.java Reference.java SignedElement.java SignedInfo.java XMLSecTools.java XMLSignature.java Log Message: More improvements on the XMLSignature. Now uses the Transforms properly, References properly. All the major elements have been refactored to be cleaner and more correct. Index: InvalidSignatureException.java =================================================================== RCS file: /cvsroot/neuclear/neuclear-xmlsig/src/java/org/neuclear/xml/xmlsec/InvalidSignatureException.java,v retrieving revision 1.3 retrieving revision 1.4 diff -C2 -d -r1.3 -r1.4 *** InvalidSignatureException.java 5 Mar 2004 23:47:17 -0000 1.3 --- InvalidSignatureException.java 8 Mar 2004 23:51:03 -0000 1.4 *************** *** 11,15 **** */ public class InvalidSignatureException extends Exception { ! public InvalidSignatureException(String a, String b) { super("Digest: '" + a + "' not equal to: " + b); } --- 11,15 ---- */ public class InvalidSignatureException extends Exception { ! public InvalidSignatureException(byte[] a, byte[] b) { super("Digest: '" + a + "' not equal to: " + b); } Index: Reference.java =================================================================== RCS file: /cvsroot/neuclear/neuclear-xmlsig/src/java/org/neuclear/xml/xmlsec/Reference.java,v retrieving revision 1.15 retrieving revision 1.16 diff -C2 -d -r1.15 -r1.16 *** Reference.java 5 Mar 2004 23:47:17 -0000 1.15 --- Reference.java 8 Mar 2004 23:51:03 -0000 1.16 *************** *** 1,4 **** --- 1,8 ---- /* $Id$ * $Log$ + * Revision 1.16 2004/03/08 23:51:03 pelle + * More improvements on the XMLSignature. Now uses the Transforms properly, References properly. + * All the major elements have been refactored to be cleaner and more correct. 
+ * * Revision 1.15 2004/03/05 23:47:17 pelle * Attempting to make Reference and SignedInfo more compliant with the standard. *************** *** 162,178 **** import org.dom4j.Element; import org.neuclear.commons.Utility; import org.neuclear.commons.crypto.CryptoTools; - import org.neuclear.xml.XMLException; import org.neuclear.xml.XMLTools; import org.neuclear.xml.c14.Canonicalizer; ! import org.neuclear.xml.c14.CanonicalizerWithoutSignature; - import java.io.BufferedInputStream; - import java.io.ByteArrayOutputStream; import java.io.IOException; - import java.io.InputStream; - import java.net.MalformedURLException; import java.net.URL; public final class Reference extends AbstractXMLSigElement { --- 166,181 ---- import org.dom4j.Element; + import org.dom4j.Node; import org.neuclear.commons.Utility; import org.neuclear.commons.crypto.CryptoTools; import org.neuclear.xml.XMLTools; import org.neuclear.xml.c14.Canonicalizer; ! import org.neuclear.xml.transforms.EnvelopedSignatureTransform; ! import org.neuclear.xml.transforms.Transform; ! import org.neuclear.xml.transforms.TransformerFactory; import java.io.IOException; import java.net.URL; + import java.util.List; public final class Reference extends AbstractXMLSigElement { *************** *** 187,234 **** * <ul> */ ! public Reference(final Element root, final int sigtype) throws XMLSecurityException { ! super(Reference.TAG_NAME); ! final Canonicalizer canon; ! object = root; ! Element transformsElement = addElement("Transforms"); ! // final Element object; ! if (sigtype == XMLSIGTYPE_ENVELOPED) { ! createAttribute("URI", ""); ! canon = new CanonicalizerWithoutSignature(); ! transformsElement.addElement(XMLSecTools.createQName("Transform")).addAttribute("Algorithm", "http://www.w3.org/2000/09/xmldsig#enveloped-signature"); ! } else if (sigtype == XMLSIGTYPE_ENVELOPING) { ! canon = new Canonicalizer(); ! } else { ! throw new XMLSecurityException("Unsupported Signature Method"); ! } ! 
transformsElement.addElement(XMLSecTools.createQName("Transform")).addAttribute("Algorithm", "http://www.w3.org/TR/2001/REC-xml-c14n-20010315"); ! final String id = Utility.denullString(root.attributeValue("Id"), root.attributeValue("ID")); if (!Utility.isEmpty(id)) ! createAttribute("URI", "#" + id); ! digest = addDigest(canon, root); } ! private Reference(Object object, InputStream is) throws XMLSecurityException { super(Reference.TAG_NAME); ! try { ! digest = new String(CryptoTools.digest(is)); ! this.object = object; ! } catch (IOException e) { ! throw new XMLSecurityException(e); } } ! public Reference(final String url) throws XMLSecurityException, IOException { ! this(new URL(url)); } ! public Reference(final URL url) throws XMLSecurityException, IOException { ! this(url, url.openStream()); ! createAttribute("URI", url.toExternalForm()); } /** * Build this from XML Reference Element --- 190,275 ---- * <ul> */ ! public Reference(final Element root, boolean enveloped) throws XMLSecurityException { ! this(root, createTransformerArray(enveloped)); ! } ! private static Transform[] createTransformerArray(boolean enveloped) { ! if (enveloped) ! return new Transform[]{new EnvelopedSignatureTransform(), new Canonicalizer()}; ! else ! return new Transform[]{new Canonicalizer()}; ! } ! ! public Reference(final Element elem, final Transform transforms[]) throws XMLSecurityException { ! this(elem, calculateDigest(elem, transforms), transforms); ! final String id = Utility.denullString(elem.attributeValue("Id"), elem.attributeValue("ID")); if (!Utility.isEmpty(id)) ! createAttribute("URI", "#" + elem.attributeValue("Id")); ! } ! /** ! * Creates a simple Reference to an Element for use in an Enveloped Signature. ! * ! * @param root ! * @return ! * @throws XMLSecurityException ! */ ! public static Reference createEnvelopedReference(final Element root) throws XMLSecurityException { ! return new Reference(root, true); } ! /** ! 
* Creates a simple Reference to an element which already is inside an Object tag and has a URI. ! * ! * @param root ! * @return ! * @throws XMLSecurityException ! */ ! public static Reference createEnvelopingObjectReference(final Element root) throws XMLSecurityException { ! return new Reference(root, false); ! } ! ! public static Reference createExternalReference(final String url) throws XMLSecurityException { ! return new Reference(url); ! } ! ! private static byte[] calculateDigest(final Element elem, final Transform[] transforms) throws XMLSecurityException { ! Object obj = elem; ! for (int i = 0; i < (transforms.length - 1); i++) ! obj = transforms[i].transformNode(obj); ! if (transforms[transforms.length - 1] instanceof Canonicalizer) ! return CryptoTools.digest(((Canonicalizer) transforms[transforms.length - 1]).canonicalize(obj)); ! throw new XMLSecurityException("Final transform must be a Canonicalizer"); ! } ! ! private Reference(Element elem, byte[] digest, Transform transforms[]) { super(Reference.TAG_NAME); ! this.refObject = elem; ! if (transforms != null && transforms.length > 0) { ! Element transformsElement = addElement("Transforms"); ! for (int i = 0; i < transforms.length; i++) { ! transformsElement.add(transforms[i].getElement()); ! } } + addElement("DigestMethod").addAttribute(XMLSecTools.createQName("Algorithm"), "http://www.w3.org/2000/09/xmldsig#sha1"); + getElement().add(XMLSecTools.base64ToElement("DigestValue", digest)); } ! public Reference(String url) throws XMLSecurityException { ! this(null, digest(url), null); ! createAttribute("URI", url); } ! ! private static byte[] digest(String url) throws XMLSecurityException { ! try { ! return CryptoTools.digest(new URL(url).openStream()); ! } catch (IOException e) { ! throw new XMLSecurityException(e); ! 
} } + /** * Build this from XML Reference Element *************** *** 241,275 **** if (!elem.getQName().getName().equals(TAG_NAME)) throw new XMLSecurityException("Element: " + elem.getQualifiedName() + " is not a valid: " + XMLSecTools.NS_DS.getPrefix() + ":" + TAG_NAME); ! int type = findSignatureType(elem); ! ! digest = new String(XMLSecTools.decodeBase64Element(getElement().element(XMLSecTools.createQName("DigestValue")))); ! ! object = findRefElement(elem); ! if (object == null) ! throw new XMLSecurityException("Couldnt Dereference Object:\n " + elem.asXML()); ! final Canonicalizer canon; ! if (type == XMLSIGTYPE_ENVELOPED) ! canon = new CanonicalizerWithoutSignature(); ! else ! canon = new Canonicalizer(); ! final String dig2 = createDigest(canon, object); ! if (!digest.equals(dig2)) throw new InvalidSignatureException(digest, dig2); } ! private String addDigest(final Canonicalizer canon, Object root) throws XMLSecurityException { ! addElement("DigestMethod").addAttribute(XMLSecTools.createQName("Algorithm"), "http://www.w3.org/2000/09/xmldsig#sha1"); ! final String digest = createDigest(canon, root); ! getElement().add(XMLSecTools.base64ToElement("DigestValue", digest)); ! return digest; ! } ! ! private static String createDigest(final Canonicalizer canon, Object root) throws XMLSecurityException { final byte[] value = canon.canonicalize(root); // System.out.println("Canonicalized Reference:"); // System.out.println(new String(value)); // System.out.println("------"); ! return new String(CryptoTools.digest(value)); } --- 282,311 ---- if (!elem.getQName().getName().equals(TAG_NAME)) throw new XMLSecurityException("Element: " + elem.getQualifiedName() + " is not a valid: " + XMLSecTools.NS_DS.getPrefix() + ":" + TAG_NAME); ! byte[] digest = XMLSecTools.decodeBase64Element(getElement().element(XMLSecTools.createQName("DigestValue"))); ! final byte[] dig2; ! refObject = findRefElement(elem); ! if (refObject == null) { ! String uri = elem.attributeValue("URI"); ! 
dig2 = digest(uri); ! } else { ! Node node = refObject; ! final List list = elem.element(XMLSecTools.createQName("Transforms")).elements(XMLSecTools.createQName("Transform")); ! for (int i = 0; i < list.size() - 1; i++) { ! Transform o = TransformerFactory.make((Element) list.get(i)); ! node = (Node) o.transformNode(node); ! } ! dig2 = createDigest((Canonicalizer) TransformerFactory.make((Element) list.get(list.size() - 1)), node); ! } ! if (!CryptoTools.equalByteArrays(digest, dig2)) throw new InvalidSignatureException(digest, dig2); } ! private static byte[] createDigest(final Canonicalizer canon, Object root) throws XMLSecurityException { final byte[] value = canon.canonicalize(root); // System.out.println("Canonicalized Reference:"); // System.out.println(new String(value)); // System.out.println("------"); ! return CryptoTools.digest(value); } *************** *** 284,288 **** } ! private static Object findRefElement(Element elem) throws XMLSecurityException { final String id = elem.attributeValue("URI"); if (!Utility.isEmpty(id) && id.length() > 1) { --- 320,324 ---- } ! private static Element findRefElement(Element elem) throws XMLSecurityException { final String id = elem.attributeValue("URI"); if (!Utility.isEmpty(id) && id.length() > 1) { *************** *** 291,296 **** return XMLTools.getByID(elem, id.substring(1));//.createCopy(); } ! // Non Local URI, we need to load it ! return loadReference(id); } --- 327,332 ---- return XMLTools.getByID(elem, id.substring(1));//.createCopy(); } ! // Non Local URI, we dont set the referenced element ! return null; } *************** *** 299,330 **** } ! private static Object loadReference(final String refuri) throws XMLSecurityException { ! if (Utility.isEmpty(refuri)) ! throw new XMLSecurityException("XMLSignature is not linked to Document"); ! try { ! URL url = new URL(refuri); ! String ref = url.getRef(); ! if (ref != null) // If we have a reference part it is XML ! 
return XMLTools.loadDocument(url).getRootElement().elementByID(ref); ! BufferedInputStream is = new BufferedInputStream(url.openStream()); ! ByteArrayOutputStream os = new ByteArrayOutputStream(is.available()); ! byte input[] = new byte[is.available()]; ! int count = 0; ! while ((count = is.read(input)) >= 0) { ! os.write(input, 0, count); ! } ! is.close(); ! return new String(os.toByteArray()); ! } catch (XMLException e) { ! throw new XMLSecurityException(e); ! } catch (MalformedURLException e) { ! throw new XMLSecurityException(e); ! } catch (IOException e) { ! throw new XMLSecurityException(e); ! } ! } ! ! public String getDigest() { ! return digest; } --- 335,340 ---- } ! public Element getReferencedElement() { ! return refObject; } *************** *** 333,338 **** } ! private final String digest; ! public final Object object; private static final String TAG_NAME = "Reference"; --- 343,347 ---- } ! public final Element refObject; private static final String TAG_NAME = "Reference"; Index: SignedElement.java =================================================================== RCS file: /cvsroot/neuclear/neuclear-xmlsig/src/java/org/neuclear/xml/xmlsec/SignedElement.java,v retrieving revision 1.10 retrieving revision 1.11 diff -C2 -d -r1.10 -r1.11 *** SignedElement.java 14 Jan 2004 06:42:38 -0000 1.10 --- SignedElement.java 8 Mar 2004 23:51:03 -0000 1.11 *************** *** 1,4 **** --- 1,8 ---- /* $Id$ * $Log$ + * Revision 1.11 2004/03/08 23:51:03 pelle + * More improvements on the XMLSignature. Now uses the Transforms properly, References properly. + * All the major elements have been refactored to be cleaner and more correct. 
+ * * Revision 1.10 2004/01/14 06:42:38 pelle * Got rid of the verifyXXX() methods *************** *** 146,150 **** import org.dom4j.Namespace; import org.dom4j.QName; - import org.neuclear.commons.crypto.CryptoException; import org.neuclear.commons.crypto.passphraseagents.UserCancellationException; import org.neuclear.commons.crypto.signers.NonExistingSignerException; --- 150,153 ---- *************** *** 153,159 **** import org.neuclear.xml.XMLException; - import java.security.PrivateKey; - import java.security.PublicKey; - public abstract class SignedElement extends AbstractElementProxy { --- 156,159 ---- *************** *** 173,177 **** throw new XMLSecurityException(e); } catch (InvalidSignatureException e) { ! throw new XMLSecurityException(e) ; } --- 173,177 ---- throw new XMLSecurityException(e); } catch (InvalidSignatureException e) { ! throw new XMLSecurityException(e); } *************** *** 220,226 **** return sig; } public boolean verify() throws XMLSecurityException { try { ! sig=new XMLSignature(getElement().element(XMLSecTools.createQName("Signature"))); return true; } catch (InvalidSignatureException e) { --- 220,227 ---- return sig; } + public boolean verify() throws XMLSecurityException { try { ! sig = new XMLSignature(getElement().element(XMLSecTools.createQName("Signature"))); return true; } catch (InvalidSignatureException e) { *************** *** 228,234 **** } } ! public final void sign(final String name, final Signer signer) throws XMLSecurityException, NonExistingSignerException, UserCancellationException { preSign(); ! sig = new XMLSignature(name,signer, getElement(),Reference.XMLSIGTYPE_ENVELOPED); postSign(); } --- 229,236 ---- } } ! ! public final void sign(final String name, final Signer signer) throws XMLSecurityException, UserCancellationException, NonExistingSignerException { preSign(); ! 
sig = new XMLSignature(name, signer, getElement(), true); postSign(); } Index: SignedInfo.java =================================================================== RCS file: /cvsroot/neuclear/neuclear-xmlsig/src/java/org/neuclear/xml/xmlsec/SignedInfo.java,v retrieving revision 1.2 retrieving revision 1.3 diff -C2 -d -r1.2 -r1.3 *** SignedInfo.java 5 Mar 2004 23:47:17 -0000 1.2 --- SignedInfo.java 8 Mar 2004 23:51:03 -0000 1.3 *************** *** 1,4 **** --- 1,8 ---- /* $Id$ * $Log$ + * Revision 1.3 2004/03/08 23:51:03 pelle + * More improvements on the XMLSignature. Now uses the Transforms properly, References properly. + * All the major elements have been refactored to be cleaner and more correct. + * * Revision 1.2 2004/03/05 23:47:17 pelle * Attempting to make Reference and SignedInfo more compliant with the standard. *************** *** 104,114 **** import org.dom4j.Element; import org.neuclear.commons.crypto.signers.Signer; import org.neuclear.xml.XMLException; import org.neuclear.xml.c14.Canonicalizer; ! import java.security.NoSuchAlgorithmException; ! import java.security.NoSuchProviderException; ! import java.security.Signature; import java.util.ArrayList; import java.util.Collections; --- 108,120 ---- import org.dom4j.Element; + import org.neuclear.commons.crypto.CryptoException; + import org.neuclear.commons.crypto.CryptoTools; + import org.neuclear.commons.crypto.passphraseagents.UserCancellationException; + import org.neuclear.commons.crypto.signers.NonExistingSignerException; import org.neuclear.commons.crypto.signers.Signer; import org.neuclear.xml.XMLException; import org.neuclear.xml.c14.Canonicalizer; ! import java.security.*; import java.util.ArrayList; import java.util.Collections; *************** *** 117,132 **** public final class SignedInfo extends AbstractXMLSigElement { public SignedInfo(Reference references[], final int sigalg) { ! super(SignedInfo.TAG_NAME); ! 
final ArrayList list = new ArrayList(references.length); for (int i = 0; i < references.length; i++) { ! list.add(references[i]); addElement(references[i]); } - this.refs = Collections.unmodifiableList(list); } ! public SignedInfo(final Element root, final int sigalg, final int sigtype) throws XMLSecurityException { super(SignedInfo.TAG_NAME); this.algType = sigalg; final Element cm = XMLSecTools.createElementInSignatureSpace("CanonicalizationMethod"); --- 123,153 ---- public final class SignedInfo extends AbstractXMLSigElement { public SignedInfo(Reference references[], final int sigalg) { ! this(sigalg, references.length); for (int i = 0; i < references.length; i++) { ! refs.add(references[i]); addElement(references[i]); } } ! public SignedInfo(final int sigalg, final int refcount) { super(SignedInfo.TAG_NAME); this.algType = sigalg; + refs = new ArrayList(refcount); + + final Element cm = XMLSecTools.createElementInSignatureSpace("CanonicalizationMethod"); + cm.addAttribute("Algorithm", "http://www.w3.org/TR/2001/REC-xml-c14n-20010315"); + addElement(cm); + + final Element sm = XMLSecTools.createElementInSignatureSpace("SignatureMethod"); + if (sigalg == SignedInfo.SIG_ALG_RSA) + sm.addAttribute("Algorithm", "http://www.w3.org/2000/09/xmldsig#rsa-sha1"); + else + sm.addAttribute("Algorithm", "http://www.w3.org/2000/09/xmldsig#dsa-sha1"); + + addElement(sm); + } + + public SignedInfo(final Element root, final int sigalg, final boolean enveloped) throws XMLSecurityException { + this(sigalg, 1); final Element cm = XMLSecTools.createElementInSignatureSpace("CanonicalizationMethod"); *************** *** 142,149 **** addElement(sm); ! Reference ref = new Reference(root, sigtype); ! List list = new ArrayList(1); ! list.add(ref); ! this.refs = Collections.unmodifiableList(list); addElement(ref); } catch (XMLException e) { --- 163,168 ---- addElement(sm); ! Reference ref = new Reference(root, enveloped); ! 
refs.add(ref); addElement(ref); } catch (XMLException e) { *************** *** 160,169 **** c14nType = Canonicalizer.C14NTYPE_WITH_COMMENTS; final List list = elem.elements(XMLSecTools.createQName("Reference")); ! final List refList = new ArrayList(list.size()); for (int i = 0; i < list.size(); i++) { Element element = (Element) list.get(i); ! refList.add(new Reference(element)); } ! this.refs = Collections.unmodifiableList(refList); } --- 179,209 ---- c14nType = Canonicalizer.C14NTYPE_WITH_COMMENTS; final List list = elem.elements(XMLSecTools.createQName("Reference")); ! refs = new ArrayList(list.size()); for (int i = 0; i < list.size(); i++) { Element element = (Element) list.get(i); ! refs.add(new Reference(element)); } ! } ! ! /** ! * @param elem ! * @throws XMLSecurityException ! */ ! public void setEnvelopedReference(final Element elem) throws XMLSecurityException { ! Reference ref = Reference.createEnvelopedReference(elem); ! this.refs.add(ref); ! addElement(ref); ! } ! ! public void addEnvelopingReference(final Element elem) throws XMLSecurityException { ! Reference ref = Reference.createEnvelopingObjectReference(elem); ! this.refs.add(ref); ! addElement(ref); ! } ! ! public void addExternalReference(final String url) throws XMLSecurityException { ! Reference ref = Reference.createExternalReference(url); ! this.refs.add(ref); ! addElement(ref); } *************** *** 176,180 **** */ public final List getReferences() throws XMLSecurityException { ! return refs; } --- 216,229 ---- */ public final List getReferences() throws XMLSecurityException { ! return Collections.unmodifiableList(refs); ! } ! ! /** ! * Returns the Element of the first Reference ! * ! * @return ! */ ! public final Element getPrimaryReference() { ! 
return ((Reference) refs.get(0)).getReferencedElement(); } *************** *** 203,206 **** --- 252,282 ---- } + /** + * Signs the SignedInfo and returns the signature + * + * @param key + * @return + * @throws XMLSecurityException + */ + public final byte[] sign(PrivateKey key) throws XMLSecurityException { + try { + return CryptoTools.sign(key, canonicalize()); + } catch (CryptoException e) { + throw new XMLSecurityException(e); + } + } + + public final byte[] sign(String name, Signer signer) throws XMLSecurityException, NonExistingSignerException, UserCancellationException { + return signer.sign(name, canonicalize()); + } + + public final boolean verify(PublicKey pub, byte[] sig) throws XMLSecurityException { + try { + return CryptoTools.verify(pub, canonicalize(), sig); + } catch (CryptoException e) { + throw new XMLSecurityException(e); + } + } + public final String getTagName() { return TAG_NAME; Index: XMLSecTools.java =================================================================== RCS file: /cvsroot/neuclear/neuclear-xmlsig/src/java/org/neuclear/xml/xmlsec/XMLSecTools.java,v retrieving revision 1.12 retrieving revision 1.13 diff -C2 -d -r1.12 -r1.13 *** XMLSecTools.java 5 Mar 2004 23:47:17 -0000 1.12 --- XMLSecTools.java 8 Mar 2004 23:51:03 -0000 1.13 *************** *** 1,4 **** --- 1,8 ---- /* $Id$ * $Log$ + * Revision 1.13 2004/03/08 23:51:03 pelle + * More improvements on the XMLSignature. Now uses the Transforms properly, References properly. + * All the major elements have been refactored to be cleaner and more correct. + * * Revision 1.12 2004/03/05 23:47:17 pelle * Attempting to make Reference and SignedInfo more compliant with the standard. *************** *** 181,190 **** import org.neuclear.xml.XMLException; import org.neuclear.xml.c14.Canonicalizer; - import org.neuclear.xml.c14.CanonicalizerWithoutSignature; import java.io.IOException; import java.io.StringWriter; import java.math.BigInteger; ! 
import java.security.*; import java.security.cert.Certificate; import java.util.Iterator; --- 185,196 ---- import org.neuclear.xml.XMLException; import org.neuclear.xml.c14.Canonicalizer; import java.io.IOException; import java.io.StringWriter; import java.math.BigInteger; ! import java.security.KeyPair; ! import java.security.KeyStore; ! import java.security.KeyStoreException; ! import java.security.PublicKey; import java.security.cert.Certificate; import java.util.Iterator; *************** *** 232,236 **** */ public static XMLSignature signElement(final Element root, final String name, final org.neuclear.commons.crypto.signers.Signer signer) throws XMLSecurityException, NonExistingSignerException, UserCancellationException {//, KeyStoreException { ! return new XMLSignature(name, signer, root, Reference.XMLSIGTYPE_ENVELOPED); } --- 238,242 ---- */ public static XMLSignature signElement(final Element root, final String name, final org.neuclear.commons.crypto.signers.Signer signer) throws XMLSecurityException, NonExistingSignerException, UserCancellationException {//, KeyStoreException { ! return new XMLSignature(name, signer, root, true); } *************** *** 243,260 **** */ public static XMLSignature signElementEnveloping(final Element root, final KeyPair keypair) throws XMLSecurityException, CryptoException {//, KeyStoreException { ! final XMLSignature sig = new XMLSignature(keypair, root, Reference.XMLSIGTYPE_ENVELOPING); ! return sig; ! } ! ! /** ! * Signs an element with a given Private Key and embeds the element within the Signature. ! * ! * @param baseURI Unique ID of the Element to be signed ! * @param root Element to be signed ! * @param key RSA Private Key ! * @throws XMLSecurityException ! */ ! public static XMLSignature signElementEnveloping(final String baseURI, final Element root, final PrivateKey key) throws XMLSecurityException, CryptoException {//, KeyStoreException { ! 
final XMLSignature sig = new XMLSignature(key, null, root, Reference.XMLSIGTYPE_ENVELOPING); return sig; } --- 249,253 ---- */ public static XMLSignature signElementEnveloping(final Element root, final KeyPair keypair) throws XMLSecurityException, CryptoException {//, KeyStoreException { ! final XMLSignature sig = new XMLSignature(keypair, root, false); return sig; } *************** *** 392,405 **** /** - * This canonicalizes an object while leaving out any embedded signatures. - * - * @param node - * @return - */ - public static byte[] canonicalizeEmbeddedSignature(final Object node) throws XMLSecurityException { - return canonicalize(new CanonicalizerWithoutSignature(), node); - } - - /** * Canonicalizes an object based on the given Canonicalizer * --- 385,388 ---- Index: XMLSignature.java =================================================================== RCS file: /cvsroot/neuclear/neuclear-xmlsig/src/java/org/neuclear/xml/xmlsec/XMLSignature.java,v retrieving revision 1.14 retrieving revision 1.15 diff -C2 -d -r1.14 -r1.15 *** XMLSignature.java 2 Mar 2004 23:30:43 -0000 1.14 --- XMLSignature.java 8 Mar 2004 23:51:03 -0000 1.15 *************** *** 1,4 **** --- 1,8 ---- /* $Id$ * $Log$ + * Revision 1.15 2004/03/08 23:51:03 pelle + * More improvements on the XMLSignature. Now uses the Transforms properly, References properly. + * All the major elements have been refactored to be cleaner and more correct. + * * Revision 1.14 2004/03/02 23:30:43 pelle * Renamed SignatureInfo to SignedInfo as that is the name of the Element. *************** *** 200,207 **** import org.neuclear.commons.crypto.signers.PublicKeySource; import org.neuclear.commons.crypto.signers.Signer; - import org.neuclear.xml.XMLException; import java.security.KeyPair; - import java.security.PrivateKey; import java.security.PublicKey; import java.security.interfaces.RSAPublicKey; --- 204,209 ---- *************** *** 219,305 **** * @throws XMLSecurityException */ ! 
public XMLSignature(final KeyPair keypair, final Element root) throws XMLSecurityException, CryptoException { ! this(keypair.getPrivate(), keypair.getPublic(), root); } - /** - * Creates a Signature object based on given element root. - * - * @param keypair - * @param root - * @param type Reference.XMLSIGTYPE_ENVELOPED,Reference.XMLSIGTYPE_ENVELOPING or Reference.XMLSIGTYPE_DETACHED - * @throws XMLSecurityException - */ - public XMLSignature(final KeyPair keypair, final Element root, final int type) throws XMLSecurityException, CryptoException { - this(keypair.getPrivate(), keypair.getPublic(), root, type); - } ! public XMLSignature(final PrivateKey key, final PublicKey pub, final Element root) throws XMLSecurityException, CryptoException { ! this(key, pub, root, Reference.XMLSIGTYPE_ENVELOPED); } ! /** ! * Internal constructor used for common stuff regardless of key type ! * ! * @param pub ! * @param root ! * @param type ! * @throws XMLSecurityException ! */ ! private XMLSignature(final PublicKey pub, Element root, final int type) throws XMLSecurityException { ! super(XMLSignature.TAG_NAME); ! try { ! if (type == Reference.XMLSIGTYPE_ENVELOPED) { ! root.add(getElement()); ! } else if (type == Reference.XMLSIGTYPE_ENVELOPING) { ! final Element objElem = XMLSecTools.createElementInSignatureSpace("Object"); ! objElem.addAttribute("Id", "data"); ! DocumentHelper.createDocument(getElement());//As Signature Element is parent we will now add a doc ! objElem.add(root); ! root = objElem; ! getElement().add(root); ! } ! final int alg = (pub instanceof RSAPublicKey) ? SignedInfo.SIG_ALG_RSA : SignedInfo.SIG_ALG_DSA; ! si = new SignedInfo(root, alg, type); ! addElement(si); ! sigval = addElement("SignatureValue"); ! if (pub != null) ! 
addElement(new KeyInfo(pub)); - // If Enveloping add Object element last - if (type == Reference.XMLSIGTYPE_ENVELOPING) { - getElement().remove(root); - getElement().add(root); - } - } catch (XMLException e) { - throw new XMLSecurityException(e); - } } ! public XMLSignature(final PrivateKey key, final PublicKey pub, Element root, final int type) throws XMLSecurityException, CryptoException { ! this(pub, root, type); ! final byte[] cansi = si.canonicalize(); ! // System.out.println("Canonicalized:"); ! // System.out.println(new String(cansi)); ! // System.out.println("------"); ! sigval.setText(Base64.encode(CryptoTools.sign(key, cansi))); } ! public XMLSignature(final String name, final Signer signer, Element root, final int type) throws XMLSecurityException, UserCancellationException, NonExistingSignerException { ! this(getPublicKey(signer, name), root, type); ! final byte[] cansi = si.canonicalize(); ! // System.out.println("Canonicalized SI:"); ! // System.out.println(new String(cansi)); ! // System.out.println("------"); ! sigval.setText(Base64.encode(signer.sign(name, cansi))); } ! private static PublicKey getPublicKey(final Signer signer, final String name) throws XMLSecurityException, NonExistingSignerException { ! if (!(signer instanceof PublicKeySource)) ! throw new XMLSecurityException("The Signer must also be a public key source"); ! return ((PublicKeySource) signer).getPublicKey(name); } public XMLSignature(final Element elem) throws XMLSecurityException, InvalidSignatureException { super(elem); --- 221,279 ---- * @throws XMLSecurityException */ ! public XMLSignature(final KeyPair keypair, final Element root) throws XMLSecurityException { ! this(keypair, root, true); } ! public XMLSignature(final KeyPair kp, final Element elem, final boolean embedded) throws XMLSecurityException { ! this(kp.getPublic(), new SignedInfo(getSignatureAlgorithm(kp.getPublic()), 1)); ! if (embedded) { ! si.setEnvelopedReference(elem); ! elem.add(getElement()); ! } else ! 
si.addEnvelopingReference(addDataObject("data", elem)); + sign(kp); } ! public XMLSignature(final String name, final Signer signer, final Element elem, final boolean embedded) throws XMLSecurityException, UserCancellationException, NonExistingSignerException { ! this(getPublicKey(name, signer), new SignedInfo(getSignatureAlgorithm(getPublicKey(name, signer)), 1)); ! if (embedded) { ! si.setEnvelopedReference(elem); ! elem.add(getElement()); ! } else ! si.addEnvelopingReference(addDataObject("data", elem)); ! sign(name, signer); } ! private XMLSignature(final PublicKey pub, final SignedInfo si) { ! super(XMLSignature.TAG_NAME); ! this.si = si; ! addElement(si); ! sigval = addElement("SignatureValue"); ! if (pub != null) ! addElement(new KeyInfo(pub)); } ! public XMLSignature(final KeyPair kp, final SignedInfo si) throws XMLSecurityException, CryptoException { ! this(kp.getPublic(), si); ! sign(kp); } ! ! public XMLSignature(final String name, final Signer signer, final SignedInfo si) throws XMLSecurityException, UserCancellationException, NonExistingSignerException { ! this(getPublicKey(name, signer), si); ! sign(name, signer); } + + /** + * Constructor from Raw XML + * + * @param elem + * @throws XMLSecurityException + * @throws InvalidSignatureException + */ public XMLSignature(final Element elem) throws XMLSecurityException, InvalidSignatureException { super(elem); *************** *** 333,343 **** si = new SignedInfo(siElem); final byte[] sig = getSignature(); ! final byte[] cansi = si.canonicalize(); ! try { ! if (!CryptoTools.verify(pub, cansi, sig)) ! throw new InvalidSignatureException(pub); ! } catch (CryptoException e) { ! throw new XMLSecurityException(e); ! } } --- 307,339 ---- si = new SignedInfo(siElem); final byte[] sig = getSignature(); ! if (!si.verify(pub, sig)) ! throw new InvalidSignatureException(pub); ! } ! ! static private int getSignatureAlgorithm(final PublicKey pub) { ! return (pub instanceof RSAPublicKey) ? 
SignedInfo.SIG_ALG_RSA : SignedInfo.SIG_ALG_DSA; ! } ! ! private void sign(final KeyPair kp) throws XMLSecurityException { ! sigval.setText(Base64.encode(si.sign(kp.getPrivate()))); ! } ! ! private void sign(final String name, final Signer signer) throws XMLSecurityException, NonExistingSignerException, UserCancellationException { ! sigval.setText(Base64.encode(si.sign(name, signer))); ! } ! ! private Element addDataObject(final String id, final Element root) { ! final Element objElem = XMLSecTools.createElementInSignatureSpace("Object"); ! objElem.addAttribute("Id", id); ! DocumentHelper.createDocument(getElement());//As Signature Element is parent we will now add a doc ! objElem.add(root); ! getElement().add(objElem); ! return objElem; ! } ! ! private static PublicKey getPublicKey(final String name, final Signer signer) throws XMLSecurityException, NonExistingSignerException { ! if (!(signer instanceof PublicKeySource)) ! throw new XMLSecurityException("The Signer must also be a public key source"); ! return ((PublicKeySource) signer).getPublicKey(name); } *************** *** 376,380 **** } ! protected final SignedInfo getSi() { return si; } --- 372,376 ---- } ! public final SignedInfo getSi() { return si; } |
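Review bot: In Reference.java, the new Reference(Element, Transform[]) constructor computes id from either "Id" or "ID" but then writes createAttribute("URI", "#" + elem.attributeValue("Id")), so an element that only carries "ID" gets the URI "#null" (assuming denullString falls back to its second argument, as its use here implies). The line it replaces used "#" + id, and that should be restored. Two related points in the same hunk: the enveloped case no longer writes URI="" when the element has no Id, and calculateDigest indexes transforms[transforms.length - 1] without checking for an empty array, so an empty Transform[] fails with an index error instead of the XMLSecurityException that the method otherwise throws.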
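Review bot: In Reference.java, the verifying constructor Reference(Element) passes the URI attribute of the element being verified straight to digest(uri), which calls new URL(url).openStream(), so checking a signature from an untrusted source makes the verifier fetch whatever URL the document names, with no null or empty check and no restriction on scheme or host. I would route external references through a resolver the caller configures, or reject them by default. In the local branch of the same hunk, elem.element(...Transforms) is dereferenced without a null check, list.get(list.size() - 1) is reached even when the list is empty, and the result is cast to Canonicalizer unchecked; since all of that comes from the signature under verification, each case should raise XMLSecurityException rather than a runtime exception.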
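Review bot: In Reference.java, getReferencedElement() returns refObject, which is the element found by findRefElement before any Transform is applied, while the digest is computed over the transformed node. A caller that treats the returned element as "what was signed" will also trust content that a transform filtered out of the digest. Either return the post-transform node or document the difference on the getter. The field is also declared public final Element refObject next to the getter; it can be private now that the accessor exists. For external URIs the getter returns null, which deserves a line of Javadoc too.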
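Review bot: In SignedInfo.java, SignedInfo(Element root, int sigalg, boolean enveloped) now starts with this(sigalg, 1), and the new (int, int) constructor already adds CanonicalizationMethod and SignatureMethod, yet the body that follows still creates cm and still calls addElement(sm). The resulting SignedInfo carries both elements twice. Drop the leftover lines from the three-argument constructor, or remove the constructor if nothing calls it after the XMLSignature refactoring.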
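Review bot: In XMLSignature.java, the new constructors XMLSignature(KeyPair, SignedInfo) and XMLSignature(String, Signer, SignedInfo) sign a caller-built SignedInfo without checking that its SignatureMethod matches the key: the SignedInfo may have been created with SIG_ALG_RSA and then signed with a DSA key, producing a signature that declares the wrong algorithm. Compare getSignatureAlgorithm(pub) with the SignedInfo's algorithm and throw XMLSecurityException on mismatch. Smaller points in the same hunk: the embedded/enveloping branch is duplicated verbatim in the KeyPair and Signer constructors and could move into one private helper, getPublicKey(name, signer) is called twice inside the this(...) call of the Signer constructor, and XMLSignature(KeyPair, SignedInfo) still declares CryptoException although sign(kp) only throws XMLSecurityException.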
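Review bot: In XMLSignature.java, the last hunk changes getSi() from protected to public, and SignedInfo now has the public mutators setEnvelopedReference, addEnvelopingReference and addExternalReference. Together these let any caller add a Reference to the SignedInfo of a signature that has already been signed or verified, so getReferences() can then list references that the SignatureValue never covered. Keep getSi() protected, or make SignedInfo reject additions once sign() or verify() has run.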
|
From: <pe...@us...> - 2004-03-09 00:07:49
|
Update of /cvsroot/neuclear/neuclear-xmlsig/src/test/org/neuclear/xml/transforms In directory sc8-pr-cvs1.sourceforge.net:/tmp/cvs-serv23732/src/test/org/neuclear/xml/transforms Added Files: EnvelopedSignatureTransformTest.java Removed Files: DropSignatureTransformTest.java Log Message: More improvements on the XMLSignature. Now uses the Transforms properly, References properly. All the major elements have been refactored to be cleaner and more correct. --- NEW FILE: EnvelopedSignatureTransformTest.java --- package org.neuclear.xml.transforms; /** * (C) 2003 Antilles Software Ventures SA * User: pelleb * Date: Jan 21, 2003 * Time: 3:12:00 PM * $Id: EnvelopedSignatureTransformTest.java,v 1.1 2004/03/08 23:51:03 pelle Exp $ * $Log: EnvelopedSignatureTransformTest.java,v $ * Revision 1.1 2004/03/08 23:51:03 pelle * More improvements on the XMLSignature. Now uses the Transforms properly, References properly. * All the major elements have been refactored to be cleaner and more correct. * * Revision 1.2 2003/11/21 04:44:31 pelle * EncryptedFileStore now works. It uses the PBECipher with DES3 afair. * Otherwise You will Finaliate. * Anything that can be final has been made final throughout everyting. We've used IDEA's Inspector tool to find all instance of variables that could be final. * This should hopefully make everything more stable (and secure). * * Revision 1.1.1.1 2003/11/11 16:33:31 pelle * Moved over from neudist.org * Moved remaining common utilities into commons * * Revision 1.2 2003/02/11 14:50:26 pelle * Trying onemore time. Added the benchmarking code. * Now generates DigestValue and optionally adds KeyInfo to Signature. * * Revision 1.1 2003/02/01 01:48:26 pelle * Fixed the XPath Transform. * Has the beginning of a processing framework for the Reference class. * * Revision 1.1 2003/01/21 22:01:44 pelle * Added a bunch of test cases for Transforms. * Also several new transforms are there. 
* I have a feeling I didn't think this through, so dont use the Transform bit yet. * NB. None of it is used yet by the actual signing process so dont worry. * */ import org.dom4j.DocumentException; import org.dom4j.DocumentHelper; import org.dom4j.Element; public final class EnvelopedSignatureTransformTest extends AbstractTransformTest { public EnvelopedSignatureTransformTest(final String s) { super(s); } public final Transform createTransform() { return new EnvelopedSignatureTransform(); } public final Element getTestElement() { try { return DocumentHelper.parseText(TESTELEMENT).getRootElement(); } catch (DocumentException e) { e.printStackTrace(); //To change body of catch statement use Options | File Templates. return null; } } public final Element getExpectedResult() { try { return DocumentHelper.parseText(TESTRESULT).getRootElement(); } catch (DocumentException e) { e.printStackTrace(); //To change body of catch statement use Options | File Templates. return null; } } private static final String TESTELEMENT = "<test><test2/><ds:Signature xmlns:ds=\"http://www.w3.org/2000/09/xmldsig#\"/></test>"; private static final String TESTRESULT = "<test><test2/></test>"; } --- DropSignatureTransformTest.java DELETED --- |
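Review bot: In EnvelopedSignatureTransformTest.java, getTestElement() and getExpectedResult() catch DocumentException, print the stack trace and return null, so a broken fixture surfaces later as a NullPointerException in the base test instead of a clear failure. Let the exception propagate, or call fail() with the message. The only fixture, TESTELEMENT, contains an empty ds:Signature as a direct child of the root; a second case with a populated Signature (SignedInfo, SignatureValue children) would show whether the transform removes the whole subtree, which is what the signing code relies on when it appends the Signature element to the signed element.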
Update of /cvsroot/neuclear/neuclear-xmlsig/src/java/org/neuclear/xml/transforms In directory sc8-pr-cvs1.sourceforge.net:/tmp/cvs-serv23732/src/java/org/neuclear/xml/transforms Modified Files: TransformerFactory.java XPathTransform.java Added Files: EnvelopedSignatureTransform.java Removed Files: DropSignatureTransform.java Log Message: More improvements on the XMLSignature. Now uses the Transforms properly, References properly. All the major elements have been refactored to be cleaner and more correct. --- NEW FILE: EnvelopedSignatureTransform.java --- package org.neuclear.xml.transforms; /** * (C) 2003 Antilles Software Ventures SA * User: pelleb * Date: Jan 27, 2003 * Time: 10:02:07 AM * $Id: EnvelopedSignatureTransform.java,v 1.1 2004/03/08 23:51:03 pelle Exp $ * $Log: EnvelopedSignatureTransform.java,v $ * Revision 1.1 2004/03/08 23:51:03 pelle * More improvements on the XMLSignature. Now uses the Transforms properly, References properly. * All the major elements have been refactored to be cleaner and more correct. * * Revision 1.4 2004/02/19 19:37:34 pelle * At times IntelliJ IDEA can cause some real hassle. On my last checkin it optimized away all of the dom4j and command line imports. * We'll now, Ive added them all back. * * Revision 1.3 2004/02/19 15:30:08 pelle * Various cleanups and corrections * * Revision 1.2 2003/11/21 04:44:30 pelle * EncryptedFileStore now works. It uses the PBECipher with DES3 afair. * Otherwise You will Finaliate. * Anything that can be final has been made final throughout everyting. We've used IDEA's Inspector tool to find all instance of variables that could be final. * This should hopefully make everything more stable (and secure). * * Revision 1.1.1.1 2003/11/11 16:33:24 pelle * Moved over from neudist.org * Moved remaining common utilities into commons * * Revision 1.3 2003/02/22 16:54:29 pelle * Major structural changes in the whole processing framework. * Verification now supports Enveloping and detached signatures. 
* The reference element is a lot more important at the moment and handles much of the logic. * Replaced homegrown Base64 with Blackdowns. * Still experiencing problems with decoding foreign signatures. I reall dont understand it. I'm going to have * to reread the specs a lot more and study other implementations sourcecode. * * Revision 1.2 2003/02/11 14:50:09 pelle * Trying onemore time. Added the benchmarking code. * Now generates DigestValue and optionally adds KeyInfo to Signature. * * Revision 1.1 2003/02/01 01:48:17 pelle * Fixed the XPath Transform. * Has the beginning of a processing framework for the Reference class. * */ import org.dom4j.Element; import org.neuclear.xml.xmlsec.XMLSecurityException; public final class EnvelopedSignatureTransform extends XPathTransform { public EnvelopedSignatureTransform() { super(ALGORITHM, XPATH); } public EnvelopedSignatureTransform(final Element elem) throws XMLSecurityException { super(elem); } public static final String ALGORITHM = "http://www.w3.org/2000/09/xmldsig#enveloped-signature"; public static final String XPATH = "(//. | //@* | //namespace::*| self::processing-instruction())[not(self::ds:Signature)]"; { TransformerFactory.registerTransformer(ALGORITHM, EnvelopedSignatureTransform.class); } } Index: TransformerFactory.java =================================================================== RCS file: /cvsroot/neuclear/neuclear-xmlsig/src/java/org/neuclear/xml/transforms/TransformerFactory.java,v retrieving revision 1.2 retrieving revision 1.3 diff -C2 -d -r1.2 -r1.3 *** TransformerFactory.java 21 Nov 2003 04:44:30 -0000 1.2 --- TransformerFactory.java 8 Mar 2004 23:51:03 -0000 1.3 *************** *** 5,10 **** import org.neuclear.xml.c14.CanonicalizerWithComments; - import java.lang.reflect.Constructor; - import java.lang.reflect.InvocationTargetException; import java.util.HashMap; --- 5,8 ---- *************** *** 18,55 **** public final class TransformerFactory { ! 
public static final Transform make(final Element elem) throws XMLTransformNotFoundException{ ! if (elem==null) throw new XMLTransformNotFoundException("The Transform element was emtpy"); ! final String name=elem.attributeValue("Algorithm"); ! final Class imp=(Class)instance().implementations.get(name); ! if (imp==null) ! throw new XMLTransformNotFoundException("The Transform: "+name+" wasnt found"); ! final Class[] params= new Class[] { Element.class}; try { ! final Constructor constructor=imp.getConstructor(params); ! return (Transform)constructor.newInstance(new Element[] {elem}); ! } catch (NoSuchMethodException e) { ! e.printStackTrace(); //To change body of catch statement use Options | File Templates. ! } catch (SecurityException e) { ! e.printStackTrace(); //To change body of catch statement use Options | File Templates. } catch (InstantiationException e) { ! e.printStackTrace(); //To change body of catch statement use Options | File Templates. } catch (IllegalAccessException e) { ! e.printStackTrace(); //To change body of catch statement use Options | File Templates. ! } catch (InvocationTargetException e) { ! e.printStackTrace(); //To change body of catch statement use Options | File Templates. } - return null; } public static final Transform make(final String algorithm) throws XMLTransformNotFoundException { ! final Class imp=(Class)instance().implementations.get(algorithm); ! if (imp==null) { ! throw new XMLTransformNotFoundException("The Transform: "+algorithm+" wasnt found"); } try { ! return (Transform)imp.newInstance(); } catch (SecurityException e) { e.printStackTrace(); //To change body of catch statement use Options | File Templates. --- 16,45 ---- public final class TransformerFactory { ! public static final Transform make(final Element elem) throws XMLTransformNotFoundException { ! if (elem == null) throw new XMLTransformNotFoundException("The Transform element was emtpy"); ! final String name = elem.attributeValue("Algorithm"); ! 
final Class imp = (Class) instance().implementations.get(name); ! if (imp == null) ! throw new XMLTransformNotFoundException("The Transform: " + name + " wasnt found"); try { ! return (Transform) imp.newInstance(); } catch (InstantiationException e) { ! e.printStackTrace(); } catch (IllegalAccessException e) { ! e.printStackTrace(); } return null; } + public static final Transform make(final String algorithm) throws XMLTransformNotFoundException { ! final Class imp = (Class) instance().implementations.get(algorithm); ! if (imp == null) { ! throw new XMLTransformNotFoundException("The Transform: " + algorithm + " wasnt found"); } try { ! return (Transform) imp.newInstance(); } catch (SecurityException e) { e.printStackTrace(); //To change body of catch statement use Options | File Templates. *************** *** 65,86 **** public static final void registerTransformer(final String algorithm, final Class implementation) { ! instance().implementations.put(algorithm,implementation); } ! private TransformerFactory () { ! implementations=new HashMap(); } private static synchronized TransformerFactory instance() { ! if (singleton==null) { ! singleton=new TransformerFactory(); ! registerTransformer(DropSignatureTransform.ALGORITHM,DropSignatureTransform.class); ! registerTransformer(Canonicalizer.ALGORITHM,Canonicalizer.class); ! registerTransformer(CanonicalizerWithComments.ALGORITHM,CanonicalizerWithComments.class); ! registerTransformer(ClearTransform.ALGORITHM,ClearTransform.class); ! registerTransformer(OpaqueTransform.ALGORITHM,OpaqueTransform.class); } return singleton; } private final HashMap implementations; private static TransformerFactory singleton; --- 55,77 ---- public static final void registerTransformer(final String algorithm, final Class implementation) { ! instance().implementations.put(algorithm, implementation); } ! private TransformerFactory() { ! implementations = new HashMap(); } private static synchronized TransformerFactory instance() { ! 
if (singleton == null) { ! singleton = new TransformerFactory(); ! registerTransformer(EnvelopedSignatureTransform.ALGORITHM, EnvelopedSignatureTransform.class); ! registerTransformer(Canonicalizer.ALGORITHM, Canonicalizer.class); ! registerTransformer(CanonicalizerWithComments.ALGORITHM, CanonicalizerWithComments.class); ! registerTransformer(ClearTransform.ALGORITHM, ClearTransform.class); ! registerTransformer(OpaqueTransform.ALGORITHM, OpaqueTransform.class); } return singleton; } + private final HashMap implementations; private static TransformerFactory singleton; *************** *** 88,94 **** // This is just to make sure that they register themselves static { ! Class touch=DropSignatureTransform.class; ! touch=Canonicalizer.class; ! touch=CanonicalizerWithComments.class; } --- 79,85 ---- // This is just to make sure that they register themselves static { ! Class touch = EnvelopedSignatureTransform.class; ! touch = Canonicalizer.class; ! touch = CanonicalizerWithComments.class; } Index: XPathTransform.java =================================================================== RCS file: /cvsroot/neuclear/neuclear-xmlsig/src/java/org/neuclear/xml/transforms/XPathTransform.java,v retrieving revision 1.4 retrieving revision 1.5 diff -C2 -d -r1.4 -r1.5 *** XPathTransform.java 19 Feb 2004 19:37:34 -0000 1.4 --- XPathTransform.java 8 Mar 2004 23:51:03 -0000 1.5 *************** *** 1,7 **** package org.neuclear.xml.transforms; import org.neuclear.xml.xmlsec.XMLSecTools; import org.neuclear.xml.xmlsec.XMLSecurityException; ! import org.dom4j.*; import java.util.HashMap; import java.util.List; --- 1,8 ---- package org.neuclear.xml.transforms; + import org.dom4j.*; import org.neuclear.xml.xmlsec.XMLSecTools; import org.neuclear.xml.xmlsec.XMLSecurityException; ! 
import java.util.HashMap; import java.util.List; *************** *** 30,33 **** --- 31,40 ---- } + protected XPathTransform(final String algorithm, final String xpath) { + super(algorithm); + // this.xpath=xpath; + setXPath(xpath); + } + private void setXPath(final String xpath) { // XPathFilter=DocumentHelper.createXPath(xpath); --- DropSignatureTransform.java DELETED --- |
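Review bot: In TransformerFactory.make(final Element elem), the rewritten body calls imp.newInstance() and no longer passes elem to the implementation. The Element constructor that EnvelopedSignatureTransform(final Element elem) still declares is therefore never reached through the factory, and anything carried inside the Transform element is dropped. The method also still falls through to return null after e.printStackTrace() on InstantiationException or IllegalAccessException. For code that decides which bytes a signature covers, failing closed is safer, so I would rethrow from those catch blocks as XMLTransformNotFoundException rather than hand the caller a null Transform.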
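Review bot: In the new EnvelopedSignatureTransform.java, the XPATH predicate [not(self::ds:Signature)] tests only the node itself and matches every ds:Signature in the document. XML-DSig defines the enveloped-signature transform as removing the Signature element that contains the transform, together with its descendants. Excluding by ancestor-or-self::ds:Signature, limited to the signature that carries the transform, would be closer to that. The accompanying EnvelopedSignatureTransformTest only covers an empty <ds:Signature/>, so a case with child elements inside the signature and a second, unrelated Signature would pin the behaviour down. Separately, the registerTransformer call sits in an instance initializer { ... } rather than a static { ... } block, so it runs on every construction and not when the class is loaded, which is not what the "make sure that they register themselves" comment in TransformerFactory expects.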
Update of /cvsroot/neuclear/neuclear-xmlsig/src/java/org/neuclear/xml/c14 In directory sc8-pr-cvs1.sourceforge.net:/tmp/cvs-serv23732/src/java/org/neuclear/xml/c14 Modified Files: Canonicalizer.java CanonicalizerWithComments.java CanonicalizerWithoutSignature.java Log Message: More improvements on the XMLSignature. Now uses the Transforms properly, References properly. All the major elements have been refactored to be cleaner and more correct. Index: Canonicalizer.java =================================================================== RCS file: /cvsroot/neuclear/neuclear-xmlsig/src/java/org/neuclear/xml/c14/Canonicalizer.java,v retrieving revision 1.12 retrieving revision 1.13 diff -C2 -d -r1.12 -r1.13 *** Canonicalizer.java 3 Mar 2004 23:23:24 -0000 1.12 --- Canonicalizer.java 8 Mar 2004 23:51:02 -0000 1.13 *************** *** 8,11 **** --- 8,15 ---- * $Id$ * $Log$ + * Revision 1.13 2004/03/08 23:51:02 pelle + * More improvements on the XMLSignature. Now uses the Transforms properly, References properly. + * All the major elements have been refactored to be cleaner and more correct. + * * Revision 1.12 2004/03/03 23:23:24 pelle * Interops with enveloped signatures. *************** *** 142,145 **** --- 146,150 ---- import org.dom4j.*; import org.dom4j.tree.NamespaceStack; + import org.neuclear.commons.Utility; import org.neuclear.xml.ElementProxy; import org.neuclear.xml.XMLTools; *************** *** 147,151 **** import org.neuclear.xml.transforms.XPathTransform; import org.neuclear.xml.xmlsec.XMLSecurityException; - import org.neuclear.commons.Utility; import java.io.*; --- 152,155 ---- *************** *** 166,174 **** public Canonicalizer() { ! this(XPATH_WO_COMMENTS); } ! protected Canonicalizer(final String xpath) { ! super(xpath); } --- 170,178 ---- public Canonicalizer() { ! this(ALGORITHM, XPATH_WO_COMMENTS); } ! protected Canonicalizer(final String algorithm, final String xpath) { ! 
super(algorithm, xpath); } Index: CanonicalizerWithComments.java =================================================================== RCS file: /cvsroot/neuclear/neuclear-xmlsig/src/java/org/neuclear/xml/c14/CanonicalizerWithComments.java,v retrieving revision 1.3 retrieving revision 1.4 diff -C2 -d -r1.3 -r1.4 *** CanonicalizerWithComments.java 21 Nov 2003 04:44:30 -0000 1.3 --- CanonicalizerWithComments.java 8 Mar 2004 23:51:03 -0000 1.4 *************** *** 3,8 **** import org.neuclear.xml.transforms.TransformerFactory; - import java.io.Writer; - /** * (C) 2003 Antilles Software Ventures SA --- 3,6 ---- *************** *** 12,15 **** --- 10,17 ---- * $Id$ * $Log$ + * Revision 1.4 2004/03/08 23:51:03 pelle + * More improvements on the XMLSignature. Now uses the Transforms properly, References properly. + * All the major elements have been refactored to be cleaner and more correct. + * * Revision 1.3 2003/11/21 04:44:30 pelle * EncryptedFileStore now works. It uses the PBECipher with DES3 afair. *************** *** 17,21 **** * Anything that can be final has been made final throughout everyting. We've used IDEA's Inspector tool to find all instance of variables that could be final. * This should hopefully make everything more stable (and secure). ! * * Revision 1.2 2003/11/11 21:18:07 pelle * Further vital reshuffling. --- 19,23 ---- * Anything that can be final has been made final throughout everyting. We've used IDEA's Inspector tool to find all instance of variables that could be final. * This should hopefully make everything more stable (and secure). ! * <p/> * Revision 1.2 2003/11/11 21:18:07 pelle * Further vital reshuffling. *************** *** 23,31 **** * org.neuclear.signers.* as well as org.neuclear.passphraseagents have been moved under org.neuclear.commons.crypto as well. * Did a bit of work on the Canonicalizer and changed a few other minor bits. ! 
* * Revision 1.1.1.1 2003/11/11 16:33:20 pelle * Moved over from neudist.org * Moved remaining common utilities into commons ! * * Revision 1.1 2003/02/08 18:48:07 pelle * The Signature phase has been rewritten. --- 25,33 ---- * org.neuclear.signers.* as well as org.neuclear.passphraseagents have been moved under org.neuclear.commons.crypto as well. * Did a bit of work on the Canonicalizer and changed a few other minor bits. ! * <p/> * Revision 1.1.1.1 2003/11/11 16:33:20 pelle * Moved over from neudist.org * Moved remaining common utilities into commons ! * <p/> * Revision 1.1 2003/02/08 18:48:07 pelle * The Signature phase has been rewritten. *************** *** 38,52 **** * And CanonicalizerWithoutSignature which leaves out the Signature in the Canonicalization phase and is thus * a lot more efficient than the previous approach. - * */ ! public final class CanonicalizerWithComments extends Canonicalizer{ public CanonicalizerWithComments() { ! super(XPATH_W_COMMENTS); } public static final String XPATH_W_COMMENTS = "(//. | //@* | //namespace::*| self::processing-instruction()|self::comment())"; ! public static final String ALGORITHM="http://www.w3.org/TR/2001/REC-xml-c14n-20010315#WithComments"; { ! TransformerFactory.registerTransformer(ALGORITHM,CanonicalizerWithComments.class); } --- 40,55 ---- * And CanonicalizerWithoutSignature which leaves out the Signature in the Canonicalization phase and is thus * a lot more efficient than the previous approach. */ ! public final class CanonicalizerWithComments extends Canonicalizer { public CanonicalizerWithComments() { ! super(ALGORITHM, XPATH_W_COMMENTS); } + public static final String XPATH_W_COMMENTS = "(//. | //@* | //namespace::*| self::processing-instruction()|self::comment())"; ! public static final String ALGORITHM = "http://www.w3.org/TR/2001/REC-xml-c14n-20010315#WithComments"; ! { ! 
TransformerFactory.registerTransformer(ALGORITHM, CanonicalizerWithComments.class); } Index: CanonicalizerWithoutSignature.java =================================================================== RCS file: /cvsroot/neuclear/neuclear-xmlsig/src/java/org/neuclear/xml/c14/CanonicalizerWithoutSignature.java,v retrieving revision 1.3 retrieving revision 1.4 diff -C2 -d -r1.3 -r1.4 *** CanonicalizerWithoutSignature.java 21 Nov 2003 04:44:30 -0000 1.3 --- CanonicalizerWithoutSignature.java 8 Mar 2004 23:51:03 -0000 1.4 *************** *** 1,9 **** package org.neuclear.xml.c14; - import org.dom4j.QName; import org.neuclear.xml.transforms.TransformerFactory; - import org.neuclear.xml.xmlsec.XMLSecTools; - - import java.io.Writer; /** --- 1,5 ---- *************** *** 14,17 **** --- 10,17 ---- * $Id$ * $Log$ + * Revision 1.4 2004/03/08 23:51:03 pelle + * More improvements on the XMLSignature. Now uses the Transforms properly, References properly. + * All the major elements have been refactored to be cleaner and more correct. + * * Revision 1.3 2003/11/21 04:44:30 pelle * EncryptedFileStore now works. It uses the PBECipher with DES3 afair. *************** *** 19,23 **** * Anything that can be final has been made final throughout everyting. We've used IDEA's Inspector tool to find all instance of variables that could be final. * This should hopefully make everything more stable (and secure). ! * * Revision 1.2 2003/11/11 21:18:07 pelle * Further vital reshuffling. --- 19,23 ---- * Anything that can be final has been made final throughout everyting. We've used IDEA's Inspector tool to find all instance of variables that could be final. * This should hopefully make everything more stable (and secure). ! * <p/> * Revision 1.2 2003/11/11 21:18:07 pelle * Further vital reshuffling. *************** *** 25,43 **** * org.neuclear.signers.* as well as org.neuclear.passphraseagents have been moved under org.neuclear.commons.crypto as well. 
* Did a bit of work on the Canonicalizer and changed a few other minor bits. ! * * Revision 1.1.1.1 2003/11/11 16:33:20 pelle * Moved over from neudist.org * Moved remaining common utilities into commons ! * * Revision 1.3 2003/02/21 22:48:14 pelle * New Test Infrastructure * Added test keys in src/testdata/keys * Modified tools to handle these keys ! * * Revision 1.2 2003/02/11 14:47:03 pelle * Added benchmarking code. * DigestValue is now a required part. * If you pass a keypair when you sign, you get the PublicKey included as a KeyInfo block within the signature. ! * * Revision 1.1 2003/02/08 18:48:07 pelle * The Signature phase has been rewritten. --- 25,43 ---- * org.neuclear.signers.* as well as org.neuclear.passphraseagents have been moved under org.neuclear.commons.crypto as well. * Did a bit of work on the Canonicalizer and changed a few other minor bits. ! * <p/> * Revision 1.1.1.1 2003/11/11 16:33:20 pelle * Moved over from neudist.org * Moved remaining common utilities into commons ! * <p/> * Revision 1.3 2003/02/21 22:48:14 pelle * New Test Infrastructure * Added test keys in src/testdata/keys * Modified tools to handle these keys ! * <p/> * Revision 1.2 2003/02/11 14:47:03 pelle * Added benchmarking code. * DigestValue is now a required part. * If you pass a keypair when you sign, you get the PublicKey included as a KeyInfo block within the signature. ! * <p/> * Revision 1.1 2003/02/08 18:48:07 pelle * The Signature phase has been rewritten. *************** *** 50,65 **** * And CanonicalizerWithoutSignature which leaves out the Signature in the Canonicalization phase and is thus * a lot more efficient than the previous approach. - * */ ! public final class CanonicalizerWithoutSignature extends Canonicalizer{ public CanonicalizerWithoutSignature() { ! super(XPATH_W_COMMENTS); } public static final String XPATH_W_COMMENTS = "(//. | //@* | //namespace::*| self::processing-instruction())[not(self::ds:Signature)]"; ! 
public static final String ALGORITHM="http://www.w3.org/TR/2001/REC-xml-c14n-20010315#WithComments"; { ! TransformerFactory.registerTransformer(ALGORITHM,CanonicalizerWithoutSignature.class); } --- 50,66 ---- * And CanonicalizerWithoutSignature which leaves out the Signature in the Canonicalization phase and is thus * a lot more efficient than the previous approach. */ ! public final class CanonicalizerWithoutSignature extends Canonicalizer { public CanonicalizerWithoutSignature() { ! super(ALGORITHM, XPATH_W_COMMENTS); } + public static final String XPATH_W_COMMENTS = "(//. | //@* | //namespace::*| self::processing-instruction())[not(self::ds:Signature)]"; ! public static final String ALGORITHM = "http://www.w3.org/TR/2001/REC-xml-c14n-20010315#WithComments"; ! { ! TransformerFactory.registerTransformer(ALGORITHM, CanonicalizerWithoutSignature.class); } |
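Review bot: CanonicalizerWithoutSignature.ALGORITHM is the same URI as CanonicalizerWithComments.ALGORITHM, http://www.w3.org/TR/2001/REC-xml-c14n-20010315#WithComments, and this change now passes it to super(ALGORITHM, XPATH_W_COMMENTS) as well as to registerTransformer. TransformerFactory.registerTransformer does a plain implementations.put(algorithm, implementation), so constructing a CanonicalizerWithoutSignature replaces the mapping for that URI. After that, a document that declares the WithComments algorithm is processed by a class whose XPath filters out ds:Signature and has no self::comment() term. This class needs its own identifier, or no registration at all. The XPATH_W_COMMENTS constant in it should also be renamed, since its expression does not select comments.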
|
From: <pe...@us...> - 2004-03-09 00:07:48
|
Update of /cvsroot/neuclear/neuclear-xmlsig/src/test/org/neuclear/xml/c14 In directory sc8-pr-cvs1.sourceforge.net:/tmp/cvs-serv23732/src/test/org/neuclear/xml/c14 Removed Files: SimpleCanonicalizationTest.java Log Message: More improvements on the XMLSignature. Now uses the Transforms properly, References properly. All the major elements have been refactored to be cleaner and more correct. --- SimpleCanonicalizationTest.java DELETED --- |
|
From: <pe...@us...> - 2004-03-09 00:07:25
|
Update of /cvsroot/neuclear/neuclear-commons/src/test/org/neuclear/commons/crypto/channels In directory sc8-pr-cvs1.sourceforge.net:/tmp/cvs-serv23642/src/test/org/neuclear/commons/crypto/channels Modified Files: SigningChannelTest.java Log Message: More improvements on the XMLSignature. Now uses the Transforms properly, References properly. All the major elements have been refactored to be cleaner and more correct. Index: SigningChannelTest.java =================================================================== RCS file: /cvsroot/neuclear/neuclear-commons/src/test/org/neuclear/commons/crypto/channels/SigningChannelTest.java,v retrieving revision 1.3 retrieving revision 1.4 diff -C2 -d -r1.3 -r1.4 *** SigningChannelTest.java 8 Mar 2004 17:13:54 -0000 1.3 --- SigningChannelTest.java 8 Mar 2004 23:50:34 -0000 1.4 *************** *** 2,16 **** import junit.framework.TestCase; - import org.neuclear.commons.crypto.CryptoTools; import org.neuclear.commons.crypto.CryptoException; ! ! import java.security.*; ! import java.nio.ByteBuffer; ! import java.nio.channels.FileChannel; ! import java.io.IOException; import java.io.File; import java.io.FileInputStream; ! import java.io.BufferedInputStream; /** --- 2,15 ---- import junit.framework.TestCase; import org.neuclear.commons.crypto.CryptoException; + import org.neuclear.commons.crypto.CryptoTools; ! import java.io.BufferedInputStream; import java.io.File; import java.io.FileInputStream; ! import java.io.IOException; ! import java.nio.ByteBuffer; ! import java.nio.channels.FileChannel; ! import java.security.*; /** *************** *** 22,32 **** */ public class SigningChannelTest extends TestCase { ! public SigningChannelTest(String name) throws NoSuchAlgorithmException { super(name); ! kp = CryptoTools.createTinyKeyPair(); } public void testSign() throws NoSuchAlgorithmException, IOException, SignatureException, InvalidKeyException, CryptoException { ! 
for (int i=0;i<TESTSTRINGS.length;i++){ assertSignatureEquals(TESTSTRINGS[i].getBytes()); } --- 21,31 ---- */ public class SigningChannelTest extends TestCase { ! public SigningChannelTest(String name) throws NoSuchAlgorithmException { super(name); ! kp = CryptoTools.createTinyRSAKeyPair(); } public void testSign() throws NoSuchAlgorithmException, IOException, SignatureException, InvalidKeyException, CryptoException { ! for (int i = 0; i < TESTSTRINGS.length; i++) { assertSignatureEquals(TESTSTRINGS[i].getBytes()); } *************** *** 35,112 **** public void testFileDigest() throws NoSuchAlgorithmException, IOException, SignatureException, InvalidKeyException, CryptoException { ! File cd=new File("src/java/org/neuclear/commons/crypto"); ! File files[]=cd.listFiles(); ! System.out.println("Testing Digests on: "+files.length+" files"); ! for (int i=0;i<files.length;i++){ if (files[i].isFile()) ! assertSignatureEquals(files[i]); } } ! public byte [] getChannelSignature(byte[] data) throws NoSuchAlgorithmException, IOException, InvalidKeyException, SignatureException { ! SigningChannel ch=new SigningChannel(kp.getPrivate()); ! ByteBuffer buf=ByteBuffer.wrap(data); ch.write(buf); return ch.getSignature(); } ! public byte [] getNormalSignature(byte[] data) throws CryptoException { ! return CryptoTools.sign(kp,data); } ! public boolean verifyChannelSignature(byte[] data,byte[] sig) throws NoSuchAlgorithmException, IOException, InvalidKeyException, SignatureException { ! VerifyingChannel ch=new VerifyingChannel(kp.getPublic()); ! ByteBuffer buf=ByteBuffer.wrap(data); ch.write(buf); return ch.verify(sig); } ! public boolean verifyNormalSignature(byte[] data,byte[] sig) throws CryptoException { ! return CryptoTools.verify(kp.getPublic(),data,sig); } public void assertSignatureEquals(byte[] data) throws NoSuchAlgorithmException, IOException, SignatureException, InvalidKeyException, CryptoException { ! byte[] sig=getChannelSignature(data); ! 
assertEquals("Signature Match",new String(getNormalSignature(data)),new String(sig)); ! assertTrue("Signature Channel Verify",verifyChannelSignature(data,sig)); ! assertTrue("Signature Channel Normal",verifyNormalSignature(data,sig)); } public void assertSignatureEquals(File file) throws NoSuchAlgorithmException, IOException, SignatureException, InvalidKeyException, CryptoException { ! byte[] sig=getChannelSignature(file); ! assertEquals("Signature Match",new String(getNormalSignature(file)),new String(sig)); ! assertTrue("Signature Channel Verify",verifyChannelSignature(file,sig)); ! assertTrue("Signature Channel Normal",verifyNormalSignature(file,sig)); } public byte[] getChannelSignature(File file) throws NoSuchAlgorithmException, IOException, InvalidKeyException, SignatureException { ! SigningChannel ch=new SigningChannel(kp.getPrivate()); ! FileChannel fch=new FileInputStream(file).getChannel(); ! fch.transferTo(0,fch.size(),ch); return ch.getSignature(); } ! public boolean verifyChannelSignature(File file,byte[] sig) throws NoSuchAlgorithmException, IOException, InvalidKeyException, SignatureException { ! VerifyingChannel ch=new VerifyingChannel(kp.getPublic()); ! FileChannel fch=new FileInputStream(file).getChannel(); ! fch.transferTo(0,fch.size(),ch); return ch.verify(sig); } public byte[] getNormalSignature(File file) throws NoSuchAlgorithmException, IOException, SignatureException, InvalidKeyException { ! Signature sig=Signature.getInstance("SHA1withRSA"); sig.initSign(kp.getPrivate()); BufferedInputStream in = new BufferedInputStream(new FileInputStream(file)); ! int numread=0; ! byte buffer[]=new byte[1024]; ! while ((numread=in.read(buffer, 0, buffer.length)) >= 0) { ! sig.update(buffer,0,numread); } in.close(); return sig.sign(); } ! public boolean verifyNormalSignature(File file,byte sigb[]) throws NoSuchAlgorithmException, IOException, SignatureException, InvalidKeyException { ! 
Signature sig=Signature.getInstance("SHA1withRSA"); sig.initVerify(kp.getPublic()); BufferedInputStream in = new BufferedInputStream(new FileInputStream(file)); ! int numread=0; ! byte buffer[]=new byte[1024]; ! while ((numread=in.read(buffer, 0, buffer.length)) >= 0) { ! sig.update(buffer,0,numread); } in.close(); --- 34,119 ---- public void testFileDigest() throws NoSuchAlgorithmException, IOException, SignatureException, InvalidKeyException, CryptoException { ! File cd = new File("src/java/org/neuclear/commons/crypto"); ! File files[] = cd.listFiles(); ! System.out.println("Testing Digests on: " + files.length + " files"); ! for (int i = 0; i < files.length; i++) { if (files[i].isFile()) ! assertSignatureEquals(files[i]); } } ! public byte[] getChannelSignature(byte[] data) throws NoSuchAlgorithmException, IOException, InvalidKeyException, SignatureException { ! SigningChannel ch = new SigningChannel(kp.getPrivate()); ! ByteBuffer buf = ByteBuffer.wrap(data); ch.write(buf); return ch.getSignature(); } ! ! public byte[] getNormalSignature(byte[] data) throws CryptoException { ! return CryptoTools.sign(kp, data); } ! ! public boolean verifyChannelSignature(byte[] data, byte[] sig) throws NoSuchAlgorithmException, IOException, InvalidKeyException, SignatureException { ! VerifyingChannel ch = new VerifyingChannel(kp.getPublic()); ! ByteBuffer buf = ByteBuffer.wrap(data); ch.write(buf); return ch.verify(sig); } ! ! public boolean verifyNormalSignature(byte[] data, byte[] sig) throws CryptoException { ! return CryptoTools.verify(kp.getPublic(), data, sig); } + public void assertSignatureEquals(byte[] data) throws NoSuchAlgorithmException, IOException, SignatureException, InvalidKeyException, CryptoException { ! byte[] sig = getChannelSignature(data); ! assertEquals("Signature Match", new String(getNormalSignature(data)), new String(sig)); ! assertTrue("Signature Channel Verify", verifyChannelSignature(data, sig)); ! 
assertTrue("Signature Channel Normal", verifyNormalSignature(data, sig)); } + public void assertSignatureEquals(File file) throws NoSuchAlgorithmException, IOException, SignatureException, InvalidKeyException, CryptoException { ! byte[] sig = getChannelSignature(file); ! assertEquals("Signature Match", new String(getNormalSignature(file)), new String(sig)); ! assertTrue("Signature Channel Verify", verifyChannelSignature(file, sig)); ! assertTrue("Signature Channel Normal", verifyNormalSignature(file, sig)); } public byte[] getChannelSignature(File file) throws NoSuchAlgorithmException, IOException, InvalidKeyException, SignatureException { ! SigningChannel ch = new SigningChannel(kp.getPrivate()); ! FileChannel fch = new FileInputStream(file).getChannel(); ! fch.transferTo(0, fch.size(), ch); return ch.getSignature(); } ! ! public boolean verifyChannelSignature(File file, byte[] sig) throws NoSuchAlgorithmException, IOException, InvalidKeyException, SignatureException { ! VerifyingChannel ch = new VerifyingChannel(kp.getPublic()); ! FileChannel fch = new FileInputStream(file).getChannel(); ! fch.transferTo(0, fch.size(), ch); return ch.verify(sig); } + public byte[] getNormalSignature(File file) throws NoSuchAlgorithmException, IOException, SignatureException, InvalidKeyException { ! Signature sig = Signature.getInstance("SHA1withRSA"); sig.initSign(kp.getPrivate()); BufferedInputStream in = new BufferedInputStream(new FileInputStream(file)); ! int numread = 0; ! byte buffer[] = new byte[1024]; ! while ((numread = in.read(buffer, 0, buffer.length)) >= 0) { ! sig.update(buffer, 0, numread); } in.close(); return sig.sign(); } ! ! public boolean verifyNormalSignature(File file, byte sigb[]) throws NoSuchAlgorithmException, IOException, SignatureException, InvalidKeyException { ! Signature sig = Signature.getInstance("SHA1withRSA"); sig.initVerify(kp.getPublic()); BufferedInputStream in = new BufferedInputStream(new FileInputStream(file)); ! int numread = 0; ! 
byte buffer[] = new byte[1024]; ! while ((numread = in.read(buffer, 0, buffer.length)) >= 0) { ! sig.update(buffer, 0, numread); } in.close(); *************** *** 118,121 **** --- 125,129 ---- * * @throws org.neuclear.commons.crypto.CryptoException + * */ public void testBenchmark() throws CryptoException, NoSuchAlgorithmException, IOException, SignatureException, InvalidKeyException { *************** *** 130,153 **** System.out.println("\nNormal Signing benchmarks:"); ! start=System.currentTimeMillis(); ! for (int i=0;i<ITERATIONS;i++){ getNormalSignature(TESTSTRINGS[i % TESTSTRINGS.length].getBytes()); } ! dur=System.currentTimeMillis()-start; ! System.out.println(ITERATIONS+" iterations took: "+dur+"ms"); } /** * Silly Microbenchmark * * @throws org.neuclear.commons.crypto.CryptoException */ public void testFileBenchmark() throws CryptoException, NoSuchAlgorithmException, IOException, SignatureException, InvalidKeyException { System.out.println("File SigningChannel benchmarks:"); ! File cd=new File("src/java/org/neuclear/commons/crypto"); ! File files[]=cd.listFiles(); long start = System.currentTimeMillis(); ! for (int i=0;i<ITERATIONS;i++){ ! if (files[i% files.length].isFile()) getChannelSignature(files[i % files.length]); } --- 138,163 ---- System.out.println("\nNormal Signing benchmarks:"); ! start = System.currentTimeMillis(); ! for (int i = 0; i < ITERATIONS; i++) { getNormalSignature(TESTSTRINGS[i % TESTSTRINGS.length].getBytes()); } ! dur = System.currentTimeMillis() - start; ! System.out.println(ITERATIONS + " iterations took: " + dur + "ms"); } + /** * Silly Microbenchmark * * @throws org.neuclear.commons.crypto.CryptoException + * */ public void testFileBenchmark() throws CryptoException, NoSuchAlgorithmException, IOException, SignatureException, InvalidKeyException { System.out.println("File SigningChannel benchmarks:"); ! File cd = new File("src/java/org/neuclear/commons/crypto"); ! 
File files[] = cd.listFiles(); long start = System.currentTimeMillis(); ! for (int i = 0; i < ITERATIONS; i++) { ! if (files[i % files.length].isFile()) getChannelSignature(files[i % files.length]); } *************** *** 156,166 **** System.out.println("\nNormal File signing benchmarks:"); ! start=System.currentTimeMillis(); ! for (int i=0;i<ITERATIONS;i++){ ! if (files[i% files.length].isFile()) getNormalSignature(files[i % files.length]); } ! dur=System.currentTimeMillis()-start; ! System.out.println(ITERATIONS+" iterations took: "+dur+"ms"); } --- 166,176 ---- System.out.println("\nNormal File signing benchmarks:"); ! start = System.currentTimeMillis(); ! for (int i = 0; i < ITERATIONS; i++) { ! if (files[i % files.length].isFile()) getNormalSignature(files[i % files.length]); } ! dur = System.currentTimeMillis() - start; ! System.out.println(ITERATIONS + " iterations took: " + dur + "ms"); } |
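Review bot: In both assertSignatureEquals overloads, assertEquals("Signature Match", new String(getNormalSignature(data)), new String(sig)) compares raw signature bytes after decoding them with the platform default charset. That decoding is lossy for arbitrary bytes, so two different signatures can compare equal and the result can vary between platforms. Compare the arrays directly, for example assertTrue("Signature Match", java.util.Arrays.equals(getNormalSignature(data), sig)). The FileInputStream opened in getChannelSignature(File) and verifyChannelSignature(File, byte[]) is also never closed, which adds up in testFileBenchmark, where it is opened once per iteration.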
|
From: <pe...@us...> - 2004-03-09 00:07:20
|
Update of /cvsroot/neuclear/neuclear-commons/src/java/org/neuclear/commons/crypto In directory sc8-pr-cvs1.sourceforge.net:/tmp/cvs-serv23642/src/java/org/neuclear/commons/crypto Modified Files: CryptoTools.java Log Message: More improvements on the XMLSignature. Now uses the Transforms properly, References properly. All the major elements have been refactored to be cleaner and more correct. Index: CryptoTools.java =================================================================== RCS file: /cvsroot/neuclear/neuclear-commons/src/java/org/neuclear/commons/crypto/CryptoTools.java,v retrieving revision 1.15 retrieving revision 1.16 diff -C2 -d -r1.15 -r1.16 *** CryptoTools.java 5 Mar 2004 23:43:06 -0000 1.15 --- CryptoTools.java 8 Mar 2004 23:50:34 -0000 1.16 *************** *** 2,5 **** --- 2,9 ---- * $Id$ * $Log$ + * Revision 1.16 2004/03/08 23:50:34 pelle + * More improvements on the XMLSignature. Now uses the Transforms properly, References properly. + * All the major elements have been refactored to be cleaner and more correct. + * * Revision 1.15 2004/03/05 23:43:06 pelle * New Channels package with nio based channels for various crypto related tasks such as digests, signing, verifying and encoding. *************** *** 693,698 **** } ! public static KeyPair createTinyKeyPair() throws NoSuchAlgorithmException { ! return getTinyKeyPairGenerator().generateKeyPair(); } --- 697,706 ---- } ! public static KeyPair createTinyRSAKeyPair() throws NoSuchAlgorithmException { ! return getTinyRSAKeyPairGenerator().generateKeyPair(); ! } ! ! public static KeyPair createTinyDSAKeyPair() throws NoSuchAlgorithmException { ! return getTinyDSAKeyPairGenerator().generateKeyPair(); } *************** *** 712,716 **** } ! public static KeyPairGenerator getTinyKeyPairGenerator() throws NoSuchAlgorithmException { if (kg == null) { kg = KeyPairGenerator.getInstance("RSA"); --- 720,724 ---- } ! 
public static KeyPairGenerator getTinyRSAKeyPairGenerator() throws NoSuchAlgorithmException { if (kg == null) { kg = KeyPairGenerator.getInstance("RSA"); *************** *** 722,725 **** --- 730,743 ---- } + public static KeyPairGenerator getTinyDSAKeyPairGenerator() throws NoSuchAlgorithmException { + if (kg == null) { + kg = KeyPairGenerator.getInstance("DSA"); + + kg.initialize(512, new SecureRandom("Bear it all with NeuDist".getBytes())); + } + return kg; + + } + public static KeyPairGenerator getKeyPairGenerator(final String algorithm) throws NoSuchAlgorithmException { |
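Review bot: `getTinyDSAKeyPairGenerator()` reuses the same `kg` field that `getTinyRSAKeyPairGenerator()` fills, guarded only by `if (kg == null)`, so whichever method runs first decides the algorithm and `createTinyDSAKeyPair()` can hand back an RSA key pair (or the reverse). Give each algorithm its own generator field. The new generator is also initialised with 512 bits and `new SecureRandom("Bear it all with NeuDist".getBytes())`; a fixed seed can make the generated keys reproducible, so the Javadoc should state that these tiny key pairs are for tests only.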
|
From: <pe...@us...> - 2004-03-09 00:07:19
|
Update of /cvsroot/neuclear/neuclear-commons/src/java/org/neuclear/commons/test In directory sc8-pr-cvs1.sourceforge.net:/tmp/cvs-serv23642/src/java/org/neuclear/commons/test Removed Files: JunitTools.java Log Message: More improvements on the XMLSignature. Now uses the Transforms properly, References properly. All the major elements have been refactored to be cleaner and more correct. --- JunitTools.java DELETED --- |
|
From: <pe...@us...> - 2004-03-08 17:30:38
|
Update of /cvsroot/neuclear/neuclear-commons/src/java/org/neuclear/commons/crypto/channels In directory sc8-pr-cvs1.sourceforge.net:/tmp/cvs-serv32741/src/java/org/neuclear/commons/crypto/channels Modified Files: AbstractCryptoChannel.java AbstractEncodingChannel.java AbstractSignatureChannel.java DigestChannel.java SigningChannel.java VerifyingChannel.java Added Files: Base32EncodingChannel.java CipherChannel.java Log Message: Added CipherChannel and the beginnings of a Base32EncodingChannel. The AbstractCryptoChannel now is implemented with a pipe. You can get a readable channel with the source() method. To pipe a ReadableByteChannel or another instance of AbstractCryptoChannel into the channel you can now use the pipe() methods. --- NEW FILE: Base32EncodingChannel.java --- package org.neuclear.commons.crypto.channels; import java.io.IOException; import java.nio.ByteBuffer; /** * Created by IntelliJ IDEA. * User: pelleb * Date: Mar 8, 2004 * Time: 11:38:48 AM * To change this template use File | Settings | File Templates. */ public class Base32EncodingChannel extends AbstractEncodingChannel { public Base32EncodingChannel() throws IOException { chunk=new byte[5]; } int encode(ByteBuffer buffer) throws IOException { int size = buffer.limit()-buffer.position(); int chunkSize= (size<5)?size:5; buffer.get(chunk,0,chunkSize); //TODO finish method return chunkSize; } final byte chunk[]; } --- NEW FILE: CipherChannel.java --- package org.neuclear.commons.crypto.channels; import javax.crypto.Cipher; import javax.crypto.NoSuchPaddingException; import javax.crypto.IllegalBlockSizeException; import javax.crypto.BadPaddingException; import java.nio.ByteBuffer; import java.nio.channels.ClosedChannelException; import java.nio.channels.ReadableByteChannel; import java.nio.channels.Pipe; import java.io.IOException; import java.security.NoSuchAlgorithmException; import java.security.SignatureException; /** * Created by IntelliJ IDEA. 
* User: pelleb * Date: Mar 8, 2004 * Time: 10:06:40 AM * To change this template use File | Settings | File Templates. */ public class CipherChannel extends AbstractCryptoChannel{ public CipherChannel(final Cipher cipher) throws IOException { this.cipher = cipher; } public int write(ByteBuffer buffer) throws IOException { if (closed) throw new ClosedChannelException(); final int size = buffer.limit()-buffer.position(); final int count; if (!buffer.isDirect()) { bytes=buffer.array(); count=buffer.limit(); } else { if (bytes==null) bytes=new byte[size]; count=Math.min(size,bytes.length); buffer.get(bytes,0,count); } write(cipher.update(bytes,0,count)); return count; } public void close() throws IOException { try { write(cipher.doFinal()); super.close(); } catch (IllegalBlockSizeException e) { throw new IOException(e.getLocalizedMessage()); } catch (BadPaddingException e) { throw new IOException(e.getLocalizedMessage()); } } private final Cipher cipher; private byte[] bytes; } Index: AbstractCryptoChannel.java =================================================================== RCS file: /cvsroot/neuclear/neuclear-commons/src/java/org/neuclear/commons/crypto/channels/AbstractCryptoChannel.java,v retrieving revision 1.1 retrieving revision 1.2 diff -C2 -d -r1.1 -r1.2 *** AbstractCryptoChannel.java 5 Mar 2004 23:43:06 -0000 1.1 --- AbstractCryptoChannel.java 8 Mar 2004 17:13:54 -0000 1.2 *************** *** 3,6 **** --- 3,10 ---- import java.io.IOException; import java.nio.channels.WritableByteChannel; + import java.nio.channels.Pipe; + import java.nio.channels.ReadableByteChannel; + import java.nio.channels.Channels; + import java.nio.ByteBuffer; /* *************** *** 24,27 **** --- 28,36 ---- $Id$ $Log$ + Revision 1.2 2004/03/08 17:13:54 pelle + Added CipherChannel and the beginnings of a Base32EncodingChannel. + The AbstractCryptoChannel now is implemented with a pipe. You can get a readable channel with the source() method. 
+ To pipe a ReadableByteChannel or another instance of AbstractCryptoChannel into the channel you can now use the pipe() methods. + Revision 1.1 2004/03/05 23:43:06 pelle New Channels package with nio based channels for various crypto related tasks such as digests, signing, verifying and encoding. *************** *** 32,40 **** /** ! * User: pelleb ! * Date: Mar 5, 2004 ! * Time: 11:06:24 PM */ public abstract class AbstractCryptoChannel implements WritableByteChannel { public boolean isOpen() { return !closed; --- 41,51 ---- /** ! * An abstract Channel class used to build various crypto related Channels */ public abstract class AbstractCryptoChannel implements WritableByteChannel { + protected AbstractCryptoChannel() throws IOException { + pipe=Pipe.open(); + } + public boolean isOpen() { return !closed; *************** *** 43,48 **** --- 54,107 ---- public void close() throws IOException { closed = true; + pipe.sink().close(); + } + + /** + * Gets the Readable channel for reading the output of this channel. + * @return + */ + public Pipe.SourceChannel source(){ + return pipe.source(); } + /** + * Used by sub classes to write byte arrays to the output. + * @param data + * @return + * @throws IOException + */ + protected int write(byte data[]) throws IOException { + int count=0; + int written=0; + final ByteBuffer buffer = ByteBuffer.wrap(data); + while( (written=pipe.sink().write(buffer))>0) {count+=written ;}; + return count; + } + + /** + * Read and process all data from a given pipe. + * This closes the input channel when end of stream is reached. + * @param channel + * @throws IOException + */ + public void pipe(ReadableByteChannel channel) throws IOException { + ByteBuffer buffer=ByteBuffer.allocate(128); + while(channel.read(buffer)>=0){ + while(write(buffer)>0){}; + } + channel.close(); + close(); + } + + /** + * Convenience method for linking together multiple AbstractCryptoChannels into a Crypto pipeline. 
+ * @param channel + * @throws IOException + */ + public void pipe(AbstractCryptoChannel channel) throws IOException { + pipe(channel.source()); + } protected boolean closed = false; + private final Pipe pipe; + } Index: AbstractEncodingChannel.java =================================================================== RCS file: /cvsroot/neuclear/neuclear-commons/src/java/org/neuclear/commons/crypto/channels/AbstractEncodingChannel.java,v retrieving revision 1.1 retrieving revision 1.2 diff -C2 -d -r1.1 -r1.2 *** AbstractEncodingChannel.java 5 Mar 2004 23:43:06 -0000 1.1 --- AbstractEncodingChannel.java 8 Mar 2004 17:13:54 -0000 1.2 *************** *** 26,29 **** --- 26,34 ---- $Id$ $Log$ + Revision 1.2 2004/03/08 17:13:54 pelle + Added CipherChannel and the beginnings of a Base32EncodingChannel. + The AbstractCryptoChannel now is implemented with a pipe. You can get a readable channel with the source() method. + To pipe a ReadableByteChannel or another instance of AbstractCryptoChannel into the channel you can now use the pipe() methods. + Revision 1.1 2004/03/05 23:43:06 pelle New Channels package with nio based channels for various crypto related tasks such as digests, signing, verifying and encoding. *************** *** 38,46 **** * TODO This should probably be blocking. */ ! public abstract class AbstractEncodingChannel extends AbstractCryptoChannel implements ReadableByteChannel { ! protected AbstractEncodingChannel(int inChunkSize, int outChunkSize) { ! this.outChunkSize = outChunkSize; ! this.inChunkSize = inChunkSize; ! buf = ByteBuffer.allocate(outChunkSize); } --- 43,48 ---- * TODO This should probably be blocking. */ ! public abstract class AbstractEncodingChannel extends AbstractCryptoChannel { ! protected AbstractEncodingChannel() throws IOException { } *************** *** 51,63 **** } ! public int read(ByteBuffer buffer) throws IOException { ! if (closed) ! throw new ClosedChannelException(); ! return 0; ! 
} - protected final int outChunkSize; - protected final int inChunkSize; - protected final ByteBuffer buf; } --- 53,59 ---- } ! abstract int encode(ByteBuffer buffer) throws IOException; ! } Index: AbstractSignatureChannel.java =================================================================== RCS file: /cvsroot/neuclear/neuclear-commons/src/java/org/neuclear/commons/crypto/channels/AbstractSignatureChannel.java,v retrieving revision 1.2 retrieving revision 1.3 diff -C2 -d -r1.2 -r1.3 *** AbstractSignatureChannel.java 6 Mar 2004 20:50:28 -0000 1.2 --- AbstractSignatureChannel.java 8 Mar 2004 17:13:54 -0000 1.3 *************** *** 28,31 **** --- 28,36 ---- $Id$ $Log$ + Revision 1.3 2004/03/08 17:13:54 pelle + Added CipherChannel and the beginnings of a Base32EncodingChannel. + The AbstractCryptoChannel now is implemented with a pipe. You can get a readable channel with the source() method. + To pipe a ReadableByteChannel or another instance of AbstractCryptoChannel into the channel you can now use the pipe() methods. + Revision 1.2 2004/03/06 20:50:28 pelle Added Unit tests for DigestChannel and SigningChannel. *************** *** 47,59 **** */ public abstract class AbstractSignatureChannel extends AbstractCryptoChannel { ! AbstractSignatureChannel(Signature sig) { this.sig = sig; } ! AbstractSignatureChannel(String alg) throws NoSuchAlgorithmException { this(Signature.getInstance(alg)); } ! AbstractSignatureChannel() throws NoSuchAlgorithmException { this("SHA1withRSA"); } --- 52,64 ---- */ public abstract class AbstractSignatureChannel extends AbstractCryptoChannel { ! AbstractSignatureChannel(Signature sig) throws IOException { this.sig = sig; } ! AbstractSignatureChannel(String alg) throws NoSuchAlgorithmException, IOException { this(Signature.getInstance(alg)); } ! 
AbstractSignatureChannel() throws NoSuchAlgorithmException, IOException { this("SHA1withRSA"); } Index: DigestChannel.java =================================================================== RCS file: /cvsroot/neuclear/neuclear-commons/src/java/org/neuclear/commons/crypto/channels/DigestChannel.java,v retrieving revision 1.2 retrieving revision 1.3 diff -C2 -d -r1.2 -r1.3 *** DigestChannel.java 6 Mar 2004 20:50:28 -0000 1.2 --- DigestChannel.java 8 Mar 2004 17:13:54 -0000 1.3 *************** *** 1,4 **** --- 1,6 ---- package org.neuclear.commons.crypto.channels; + import org.neuclear.commons.crypto.CryptoException; + import java.io.IOException; import java.nio.ByteBuffer; *************** *** 27,30 **** --- 29,37 ---- $Id$ $Log$ + Revision 1.3 2004/03/08 17:13:54 pelle + Added CipherChannel and the beginnings of a Base32EncodingChannel. + The AbstractCryptoChannel now is implemented with a pipe. You can get a readable channel with the source() method. + To pipe a ReadableByteChannel or another instance of AbstractCryptoChannel into the channel you can now use the pipe() methods. + Revision 1.2 2004/03/06 20:50:28 pelle Added Unit tests for DigestChannel and SigningChannel. *************** *** 44,57 **** */ public class DigestChannel extends AbstractCryptoChannel { ! public DigestChannel() throws NoSuchAlgorithmException { this("SHA1"); } ! public DigestChannel(MessageDigest digest) throws NoSuchAlgorithmException { this.digest = digest; } ! public DigestChannel(String alg) throws NoSuchAlgorithmException { this(MessageDigest.getInstance(alg)); } --- 51,64 ---- */ public class DigestChannel extends AbstractCryptoChannel { ! public DigestChannel() throws NoSuchAlgorithmException, IOException { this("SHA1"); } ! public DigestChannel(MessageDigest digest) throws IOException { this.digest = digest; } ! 
public DigestChannel(String alg) throws NoSuchAlgorithmException, IOException { this(MessageDigest.getInstance(alg)); } *************** *** 69,72 **** --- 76,85 ---- } + public void close() throws IOException { + bytes=digest.digest(); + write(bytes); + super.close(); + } + /** * Call this to get the Digest *************** *** 74,82 **** * @return */ ! public byte[] getDigest() { ! return digest.digest(); } private final MessageDigest digest; private byte[] bytes; } --- 87,102 ---- * @return */ ! public byte[] getDigest() throws CryptoException { ! try { ! close(); ! source().close(); ! return bytes; ! } catch (IOException e) { ! throw new CryptoException(e); ! } } private final MessageDigest digest; private byte[] bytes; + } Index: SigningChannel.java =================================================================== RCS file: /cvsroot/neuclear/neuclear-commons/src/java/org/neuclear/commons/crypto/channels/SigningChannel.java,v retrieving revision 1.1 retrieving revision 1.2 diff -C2 -d -r1.1 -r1.2 *** SigningChannel.java 5 Mar 2004 23:43:06 -0000 1.1 --- SigningChannel.java 8 Mar 2004 17:13:54 -0000 1.2 *************** *** 24,27 **** --- 24,32 ---- $Id$ $Log$ + Revision 1.2 2004/03/08 17:13:54 pelle + Added CipherChannel and the beginnings of a Base32EncodingChannel. + The AbstractCryptoChannel now is implemented with a pipe. You can get a readable channel with the source() method. + To pipe a ReadableByteChannel or another instance of AbstractCryptoChannel into the channel you can now use the pipe() methods. + Revision 1.1 2004/03/05 23:43:06 pelle New Channels package with nio based channels for various crypto related tasks such as digests, signing, verifying and encoding. *************** *** 38,59 **** public class SigningChannel extends AbstractSignatureChannel { ! public SigningChannel(Signature sig, PrivateKey key) throws InvalidKeyException { super(sig); sig.initSign(key); } ! 
public SigningChannel(String alg, PrivateKey key) throws NoSuchAlgorithmException, InvalidKeyException { super(alg); sig.initSign(key); } ! public SigningChannel(PrivateKey key) throws NoSuchAlgorithmException, InvalidKeyException { sig.initSign(key); } public byte[] getSignature() throws SignatureException, IOException { - byte signature[] = sig.sign(); close(); return signature; } } --- 43,76 ---- public class SigningChannel extends AbstractSignatureChannel { ! public SigningChannel(Signature sig, PrivateKey key) throws InvalidKeyException, IOException { super(sig); sig.initSign(key); } ! public SigningChannel(String alg, PrivateKey key) throws NoSuchAlgorithmException, InvalidKeyException, IOException { super(alg); sig.initSign(key); } ! public SigningChannel(PrivateKey key) throws NoSuchAlgorithmException, InvalidKeyException, IOException { sig.initSign(key); } + public void close() throws IOException { + try { + signature = sig.sign(); + write(signature); + } catch (SignatureException e) { + throw new IOException(e.getLocalizedMessage()); + } + super.close(); + } + public byte[] getSignature() throws SignatureException, IOException { close(); + source().close(); return signature; } + + private byte[] signature; } Index: VerifyingChannel.java =================================================================== RCS file: /cvsroot/neuclear/neuclear-commons/src/java/org/neuclear/commons/crypto/channels/VerifyingChannel.java,v retrieving revision 1.1 retrieving revision 1.2 diff -C2 -d -r1.1 -r1.2 *** VerifyingChannel.java 5 Mar 2004 23:43:06 -0000 1.1 --- VerifyingChannel.java 8 Mar 2004 17:13:54 -0000 1.2 *************** *** 24,27 **** --- 24,32 ---- $Id$ $Log$ + Revision 1.2 2004/03/08 17:13:54 pelle + Added CipherChannel and the beginnings of a Base32EncodingChannel. + The AbstractCryptoChannel now is implemented with a pipe. You can get a readable channel with the source() method. 
+ To pipe a ReadableByteChannel or another instance of AbstractCryptoChannel into the channel you can now use the pipe() methods. + Revision 1.1 2004/03/05 23:43:06 pelle New Channels package with nio based channels for various crypto related tasks such as digests, signing, verifying and encoding. *************** *** 36,57 **** public class VerifyingChannel extends AbstractSignatureChannel { ! public VerifyingChannel(Signature sig, PublicKey key) throws InvalidKeyException { super(sig); sig.initVerify(key); } ! public VerifyingChannel(String alg, PublicKey key) throws NoSuchAlgorithmException, InvalidKeyException { super(alg); sig.initVerify(key); } ! public VerifyingChannel(PublicKey key) throws NoSuchAlgorithmException, InvalidKeyException { sig.initVerify(key); } public boolean verify(byte signature[]) throws SignatureException, IOException { - boolean verified = sig.verify(signature); close(); ! return verified; } } --- 41,62 ---- public class VerifyingChannel extends AbstractSignatureChannel { ! public VerifyingChannel(Signature sig, PublicKey key) throws InvalidKeyException, IOException { super(sig); sig.initVerify(key); } ! public VerifyingChannel(String alg, PublicKey key) throws NoSuchAlgorithmException, InvalidKeyException, IOException { super(alg); sig.initVerify(key); } ! public VerifyingChannel(PublicKey key) throws NoSuchAlgorithmException, InvalidKeyException, IOException { sig.initVerify(key); } public boolean verify(byte signature[]) throws SignatureException, IOException { close(); ! source().close(); ! return sig.verify(signature); } } |
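Review bot: `CipherChannel.write()` in the new CipherChannel.java mishandles heap buffers. The `!buffer.isDirect()` branch takes `bytes=buffer.array()` with `count=buffer.limit()`, so it encrypts from index 0 rather than from `buffer.position()`, ignores `arrayOffset()`, and never advances the position; a caller that loops until the buffer is drained, as `pipe()` does with `while(write(buffer)>0)`, keeps feeding the same bytes to the cipher. `array()` also throws on read-only buffers. Suggest always copying `buffer.remaining()` bytes out with `buffer.get(...)` and growing `bytes` when needed. Separately, `cipher.update(...)` returns null when a block cipher has no output yet, and `write(byte data[])` passes that straight to `ByteBuffer.wrap(data)`; check for null before writing.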
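Review bot: `pipe(ReadableByteChannel)` in AbstractCryptoChannel.java never flips or clears its buffer. After `channel.read(buffer)` the position sits at the end of the data just read, so `write(buffer)` is handed the unfilled remainder of the 128-byte buffer instead of the input, and once the buffer is full `read` returns 0 and the `>=0` loop never ends. Add `buffer.flip()` before the inner write loop and `buffer.clear()` after it. The internal `Pipe` sink is also blocking by default, so a subclass that pushes its output through `write(byte data[])` with nothing draining `source()` on another thread can hang once the pipe is full; document that requirement on `source()`.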
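Review bot: the new `close()` overrides in DigestChannel.java and SigningChannel.java are not idempotent, yet `getDigest()` and `getSignature()` call `close()` unconditionally. After `pipe(...)`, which already ends with `close()`, the getter runs `digest.digest()` or `sig.sign()` a second time on an object that was reset by the first call, overwrites the stored result, and then fails writing to the already closed sink. Return early from `close()` when `closed` is already set, and have the getters return the cached `bytes` or `signature`.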
|
From: <pe...@us...> - 2004-03-08 17:30:37
|
Update of /cvsroot/neuclear/neuclear-commons In directory sc8-pr-cvs1.sourceforge.net:/tmp/cvs-serv32741 Modified Files: project.properties project.xml Log Message: Added CipherChannel and the beginnings of a Base32EncodingChannel. The AbstractCryptoChannel now is implemented with a pipe. You can get a readable channel with the source() method. To pipe a ReadableByteChannel or another instance of AbstractCryptoChannel into the channel you can now use the pipe() methods. Index: project.properties =================================================================== RCS file: /cvsroot/neuclear/neuclear-commons/project.properties,v retrieving revision 1.15 retrieving revision 1.16 diff -C2 -d -r1.15 -r1.16 *** project.properties 2 Mar 2004 18:39:37 -0000 1.15 --- project.properties 8 Mar 2004 17:13:54 -0000 1.16 *************** *** 2,6 **** # P R O J E C T P R O P E R T I E S # ------------------------------------------------------------------- ! #maven.test.skip=true maven.compile.debug = on --- 2,6 ---- # P R O J E C T P R O P E R T I E S # ------------------------------------------------------------------- ! maven.test.skip=true maven.compile.debug = on Index: project.xml =================================================================== RCS file: /cvsroot/neuclear/neuclear-commons/project.xml,v retrieving revision 1.22 retrieving revision 1.23 diff -C2 -d -r1.22 -r1.23 *** project.xml 20 Jan 2004 17:38:58 -0000 1.22 --- project.xml 8 Mar 2004 17:13:54 -0000 1.23 *************** *** 30,34 **** </repository> ! <siteAddress>neuclear.org</siteAddress> <siteDirectory>/home/sites/neuclear.org/public_html/commons/</siteDirectory> <issueTrackingUrl>http://jira.neuclear.org:8080/</issueTrackingUrl> --- 30,34 ---- </repository> ! <siteAddress>www.neuclear.org</siteAddress> <siteDirectory>/home/sites/neuclear.org/public_html/commons/</siteDirectory> <issueTrackingUrl>http://jira.neuclear.org:8080/</issueTrackingUrl> |
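Review bot: the project.properties hunk turns on `maven.test.skip=true`, so the build stops running the unit tests in the same commit that moves every crypto channel onto a pipe. Keep the line commented out and skip tests only in a local override, so the DigestChannel and SigningChannel tests keep guarding the signing and verifying paths.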
|
From: <pe...@us...> - 2004-03-08 17:30:37
|
Update of /cvsroot/neuclear/neuclear-commons/src/test/org/neuclear/commons/crypto/channels In directory sc8-pr-cvs1.sourceforge.net:/tmp/cvs-serv32741/src/test/org/neuclear/commons/crypto/channels Modified Files: DigestChannelTest.java SigningChannelTest.java Log Message: Added CipherChannel and the beginnings of a Base32EncodingChannel. The AbstractCryptoChannel now is implemented with a pipe. You can get a readable channel with the source() method. To pipe a ReadableByteChannel or another instance of AbstractCryptoChannel into the channel you can now use the pipe() methods. Index: DigestChannelTest.java =================================================================== RCS file: /cvsroot/neuclear/neuclear-commons/src/test/org/neuclear/commons/crypto/channels/DigestChannelTest.java,v retrieving revision 1.1 retrieving revision 1.2 diff -C2 -d -r1.1 -r1.2 *** DigestChannelTest.java 6 Mar 2004 20:50:28 -0000 1.1 --- DigestChannelTest.java 8 Mar 2004 17:13:54 -0000 1.2 *************** *** 27,36 **** } ! public void testDigest() throws NoSuchAlgorithmException, IOException { for (int i=0;i<TESTSTRINGS.length;i++){ assertDigestEquals(TESTSTRINGS[i]); } } ! public void testFileDigest() throws NoSuchAlgorithmException, IOException { File cd=new File("src/java/org/neuclear/commons/crypto"); File files[]=cd.listFiles(); --- 27,36 ---- } ! public void testDigest() throws NoSuchAlgorithmException, IOException, CryptoException { for (int i=0;i<TESTSTRINGS.length;i++){ assertDigestEquals(TESTSTRINGS[i]); } } ! public void testFileDigest() throws NoSuchAlgorithmException, IOException, CryptoException { File cd=new File("src/java/org/neuclear/commons/crypto"); File files[]=cd.listFiles(); *************** *** 41,45 **** } } ! public String getChannelDigest(String data) throws NoSuchAlgorithmException, IOException { DigestChannel ch=new DigestChannel(); ByteBuffer buf=ByteBuffer.wrap(data.getBytes()); --- 41,45 ---- } } ! 
public String getChannelDigest(String data) throws NoSuchAlgorithmException, IOException, CryptoException { DigestChannel ch=new DigestChannel(); ByteBuffer buf=ByteBuffer.wrap(data.getBytes()); *************** *** 50,59 **** return new String(CryptoTools.digest(data)); } ! public void assertDigestEquals(String data) throws NoSuchAlgorithmException, IOException { String digest=getChannelDigest(data); assertEquals("Digest Length",20,digest.length()); assertEquals("Digest Match",getNormalDigest(data),digest); } ! public String getChannelDigest(File file) throws NoSuchAlgorithmException, IOException { DigestChannel ch=new DigestChannel(); FileChannel fch=new FileInputStream(file).getChannel(); --- 50,59 ---- return new String(CryptoTools.digest(data)); } ! public void assertDigestEquals(String data) throws NoSuchAlgorithmException, IOException, CryptoException { String digest=getChannelDigest(data); assertEquals("Digest Length",20,digest.length()); assertEquals("Digest Match",getNormalDigest(data),digest); } ! public String getChannelDigest(File file) throws NoSuchAlgorithmException, IOException, CryptoException { DigestChannel ch=new DigestChannel(); FileChannel fch=new FileInputStream(file).getChannel(); *************** *** 73,77 **** return new String(dig.digest()); } ! public void assertDigestEquals(File file) throws NoSuchAlgorithmException, IOException { String digest=getChannelDigest(file); assertEquals("Digest Length",20,digest.length()); --- 73,77 ---- return new String(dig.digest()); } ! 
public void assertDigestEquals(File file) throws NoSuchAlgorithmException, IOException, CryptoException { String digest=getChannelDigest(file); assertEquals("Digest Length",20,digest.length()); Index: SigningChannelTest.java =================================================================== RCS file: /cvsroot/neuclear/neuclear-commons/src/test/org/neuclear/commons/crypto/channels/SigningChannelTest.java,v retrieving revision 1.2 retrieving revision 1.3 diff -C2 -d -r1.2 -r1.3 *** SigningChannelTest.java 6 Mar 2004 21:53:51 -0000 1.2 --- SigningChannelTest.java 8 Mar 2004 17:13:54 -0000 1.3 *************** *** 4,8 **** import org.neuclear.commons.crypto.CryptoTools; import org.neuclear.commons.crypto.CryptoException; ! import org.neuclear.commons.test.JunitTools; import java.security.*; --- 4,8 ---- import org.neuclear.commons.crypto.CryptoTools; import org.neuclear.commons.crypto.CryptoException; ! import java.security.*; |
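Review bot: the digest assertions in DigestChannelTest.java still go through `new String(...)`. `assertEquals("Digest Length",20,digest.length())` and the `Digest Match` comparison depend on how the platform charset decodes 20 raw SHA-1 bytes, so the length check can fail on some platforms and different digests can compare equal after a lossy decode. Have `getChannelDigest` and `getNormalDigest` return `byte[]` and compare with `java.util.Arrays.equals`.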
|
From: <pe...@us...> - 2004-03-06 22:09:01
|
Update of /cvsroot/neuclear/neuclear-commons/src/test/org/neuclear/commons/crypto/channels In directory sc8-pr-cvs1.sourceforge.net:/tmp/cvs-serv20550/src/test/org/neuclear/commons/crypto/channels Modified Files: SigningChannelTest.java Log Message: Now verify works as well Index: SigningChannelTest.java =================================================================== RCS file: /cvsroot/neuclear/neuclear-commons/src/test/org/neuclear/commons/crypto/channels/SigningChannelTest.java,v retrieving revision 1.1 retrieving revision 1.2 diff -C2 -d -r1.1 -r1.2 *** SigningChannelTest.java 6 Mar 2004 20:50:28 -0000 1.1 --- SigningChannelTest.java 6 Mar 2004 21:53:51 -0000 1.2 *************** *** 29,33 **** public void testSign() throws NoSuchAlgorithmException, IOException, SignatureException, InvalidKeyException, CryptoException { for (int i=0;i<TESTSTRINGS.length;i++){ ! assertSignatureEquals(TESTSTRINGS[i]); } --- 29,33 ---- public void testSign() throws NoSuchAlgorithmException, IOException, SignatureException, InvalidKeyException, CryptoException { for (int i=0;i<TESTSTRINGS.length;i++){ ! assertSignatureEquals(TESTSTRINGS[i].getBytes()); } *************** *** 44,83 **** } ! public String getChannelSignature(String data) throws NoSuchAlgorithmException, IOException, InvalidKeyException, SignatureException { SigningChannel ch=new SigningChannel(kp.getPrivate()); ! ByteBuffer buf=ByteBuffer.wrap(data.getBytes()); ch.write(buf); ! return new String(ch.getSignature()); } ! public String getNormalSignature(String data) throws CryptoException { ! return new String(CryptoTools.sign(kp,data.getBytes())); } ! public boolean verifyChannelSignature(String data,String sig) throws NoSuchAlgorithmException, IOException, InvalidKeyException, SignatureException { VerifyingChannel ch=new VerifyingChannel(kp.getPublic()); ! ByteBuffer buf=ByteBuffer.wrap(data.getBytes()); ch.write(buf); ! return ch.verify(sig.getBytes()); } ! 
public boolean verifyNormalSignature(String data,String sig) throws CryptoException { ! return CryptoTools.verify(kp.getPublic(),data.getBytes(),sig.getBytes()); } ! public void assertSignatureEquals(String data) throws NoSuchAlgorithmException, IOException, SignatureException, InvalidKeyException, CryptoException { ! String sig=getChannelSignature(data); ! assertEquals("Signature Match",getNormalSignature(data),sig); assertTrue("Signature Channel Verify",verifyChannelSignature(data,sig)); assertTrue("Signature Channel Normal",verifyNormalSignature(data,sig)); } public void assertSignatureEquals(File file) throws NoSuchAlgorithmException, IOException, SignatureException, InvalidKeyException, CryptoException { ! String sig=getChannelSignature(file); ! assertEquals("Signature Match",getNormalSignature(file),sig); } ! public String getChannelSignature(File file) throws NoSuchAlgorithmException, IOException, InvalidKeyException, SignatureException { SigningChannel ch=new SigningChannel(kp.getPrivate()); FileChannel fch=new FileInputStream(file).getChannel(); fch.transferTo(0,fch.size(),ch); ! return new String(ch.getSignature()); } ! public String getNormalSignature(File file) throws NoSuchAlgorithmException, IOException, SignatureException, InvalidKeyException { Signature sig=Signature.getInstance("SHA1withRSA"); sig.initSign(kp.getPrivate()); --- 44,91 ---- } ! public byte [] getChannelSignature(byte[] data) throws NoSuchAlgorithmException, IOException, InvalidKeyException, SignatureException { SigningChannel ch=new SigningChannel(kp.getPrivate()); ! ByteBuffer buf=ByteBuffer.wrap(data); ch.write(buf); ! return ch.getSignature(); } ! public byte [] getNormalSignature(byte[] data) throws CryptoException { ! return CryptoTools.sign(kp,data); } ! public boolean verifyChannelSignature(byte[] data,byte[] sig) throws NoSuchAlgorithmException, IOException, InvalidKeyException, SignatureException { VerifyingChannel ch=new VerifyingChannel(kp.getPublic()); ! 
ByteBuffer buf=ByteBuffer.wrap(data); ch.write(buf); ! return ch.verify(sig); } ! public boolean verifyNormalSignature(byte[] data,byte[] sig) throws CryptoException { ! return CryptoTools.verify(kp.getPublic(),data,sig); } ! public void assertSignatureEquals(byte[] data) throws NoSuchAlgorithmException, IOException, SignatureException, InvalidKeyException, CryptoException { ! byte[] sig=getChannelSignature(data); ! assertEquals("Signature Match",new String(getNormalSignature(data)),new String(sig)); assertTrue("Signature Channel Verify",verifyChannelSignature(data,sig)); assertTrue("Signature Channel Normal",verifyNormalSignature(data,sig)); } public void assertSignatureEquals(File file) throws NoSuchAlgorithmException, IOException, SignatureException, InvalidKeyException, CryptoException { ! byte[] sig=getChannelSignature(file); ! assertEquals("Signature Match",new String(getNormalSignature(file)),new String(sig)); ! assertTrue("Signature Channel Verify",verifyChannelSignature(file,sig)); ! assertTrue("Signature Channel Normal",verifyNormalSignature(file,sig)); } ! public byte[] getChannelSignature(File file) throws NoSuchAlgorithmException, IOException, InvalidKeyException, SignatureException { SigningChannel ch=new SigningChannel(kp.getPrivate()); FileChannel fch=new FileInputStream(file).getChannel(); fch.transferTo(0,fch.size(),ch); ! return ch.getSignature(); } ! public boolean verifyChannelSignature(File file,byte[] sig) throws NoSuchAlgorithmException, IOException, InvalidKeyException, SignatureException { ! VerifyingChannel ch=new VerifyingChannel(kp.getPublic()); ! FileChannel fch=new FileInputStream(file).getChannel(); ! fch.transferTo(0,fch.size(),ch); ! return ch.verify(sig); ! } ! public byte[] getNormalSignature(File file) throws NoSuchAlgorithmException, IOException, SignatureException, InvalidKeyException { Signature sig=Signature.getInstance("SHA1withRSA"); sig.initSign(kp.getPrivate()); *************** *** 90,94 **** } in.close(); ! 
return new String(sig.sign()); } --- 98,115 ---- } in.close(); ! return sig.sign(); ! } ! public boolean verifyNormalSignature(File file,byte sigb[]) throws NoSuchAlgorithmException, IOException, SignatureException, InvalidKeyException { ! Signature sig=Signature.getInstance("SHA1withRSA"); ! sig.initVerify(kp.getPublic()); ! ! BufferedInputStream in = new BufferedInputStream(new FileInputStream(file)); ! int numread=0; ! byte buffer[]=new byte[1024]; ! while ((numread=in.read(buffer, 0, buffer.length)) >= 0) { ! sig.update(buffer,0,numread); ! } ! in.close(); ! return sig.verify(sigb); } *************** *** 103,107 **** long start = System.currentTimeMillis(); for (int i = 0; i < ITERATIONS; i++) { ! getChannelSignature(TESTSTRINGS[i % TESTSTRINGS.length]); } long dur = System.currentTimeMillis() - start; --- 124,128 ---- long start = System.currentTimeMillis(); for (int i = 0; i < ITERATIONS; i++) { ! getChannelSignature(TESTSTRINGS[i % TESTSTRINGS.length].getBytes()); } long dur = System.currentTimeMillis() - start; *************** *** 111,115 **** start=System.currentTimeMillis(); for (int i=0;i<ITERATIONS;i++){ ! getNormalSignature(TESTSTRINGS[i % TESTSTRINGS.length]); } dur=System.currentTimeMillis()-start; --- 132,136 ---- start=System.currentTimeMillis(); for (int i=0;i<ITERATIONS;i++){ ! getNormalSignature(TESTSTRINGS[i % TESTSTRINGS.length].getBytes()); } dur=System.currentTimeMillis()-start; |
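Review bot: `assertSignatureEquals` still compares `new String(getNormalSignature(data))` with `new String(sig)`, in both the byte[] and the File variant, so the match runs through a lossy platform-charset decode of raw signature bytes. Now that the helpers return `byte[]`, assert with `java.util.Arrays.equals(expected, sig)`. The `FileInputStream` opened in `getChannelSignature(File)` and in the new `verifyChannelSignature(File, byte[])` is also never closed; close `fch` after `transferTo`.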
|
From: <pe...@us...> - 2004-03-06 21:05:35
|
Update of /cvsroot/neuclear/neuclear-commons/src/test/org/neuclear/commons/crypto/channels In directory sc8-pr-cvs1.sourceforge.net:/tmp/cvs-serv9462/src/test/org/neuclear/commons/crypto/channels Added Files: DigestChannelTest.java SigningChannelTest.java Log Message: Added Unit tests for DigestChannel and SigningChannel. The SigningChannel passes for Signing on straight signing of byte arrays as well as from Files Currently the Verifying channel fails, need to investigate. The DigestChannel passes for all types. --- NEW FILE: DigestChannelTest.java --- package org.neuclear.commons.crypto.channels; import junit.framework.TestCase; import org.neuclear.commons.crypto.CryptoTools; import org.neuclear.commons.crypto.CryptoException; import org.neuclear.commons.crypto.Base32; import org.omg.CORBA.portable.InputStream; import java.security.NoSuchAlgorithmException; import java.security.MessageDigest; import java.security.SignatureException; import java.security.InvalidKeyException; import java.nio.ByteBuffer; import java.nio.channels.FileChannel; import java.io.*; /** * Created by IntelliJ IDEA. * User: pelleb * Date: Mar 6, 2004 * Time: 11:47:20 AM * To change this template use File | Settings | File Templates. 
*/ public class DigestChannelTest extends TestCase { public DigestChannelTest(String name) { super(name); } public void testDigest() throws NoSuchAlgorithmException, IOException { for (int i=0;i<TESTSTRINGS.length;i++){ assertDigestEquals(TESTSTRINGS[i]); } } public void testFileDigest() throws NoSuchAlgorithmException, IOException { File cd=new File("src/java/org/neuclear/commons/crypto"); File files[]=cd.listFiles(); System.out.println("Testing Digests on: "+files.length+" files"); for (int i=0;i<files.length;i++){ if (files[i].isFile()) assertDigestEquals(files[i]); } } public String getChannelDigest(String data) throws NoSuchAlgorithmException, IOException { DigestChannel ch=new DigestChannel(); ByteBuffer buf=ByteBuffer.wrap(data.getBytes()); ch.write(buf); return new String(ch.getDigest()); } public String getNormalDigest(String data){ return new String(CryptoTools.digest(data)); } public void assertDigestEquals(String data) throws NoSuchAlgorithmException, IOException { String digest=getChannelDigest(data); assertEquals("Digest Length",20,digest.length()); assertEquals("Digest Match",getNormalDigest(data),digest); } public String getChannelDigest(File file) throws NoSuchAlgorithmException, IOException { DigestChannel ch=new DigestChannel(); FileChannel fch=new FileInputStream(file).getChannel(); fch.transferTo(0,fch.size(),ch); return new String(ch.getDigest()); } public String getNormalDigest(File file) throws NoSuchAlgorithmException, IOException { MessageDigest dig=MessageDigest.getInstance("SHA1"); BufferedInputStream in = new BufferedInputStream(new FileInputStream(file)); int numread=0; byte buffer[]=new byte[1024]; while ((numread=in.read(buffer, 0, buffer.length)) >= 0) { dig.update(buffer,0,numread); } in.close(); return new String(dig.digest()); } public void assertDigestEquals(File file) throws NoSuchAlgorithmException, IOException { String digest=getChannelDigest(file); assertEquals("Digest Length",20,digest.length()); assertEquals("Digest 
Match",getNormalDigest(file),digest); } /** * Silly Microbenchmark * * @throws org.neuclear.commons.crypto.CryptoException */ public void testBenchmark() throws CryptoException, NoSuchAlgorithmException, IOException, SignatureException, InvalidKeyException { System.out.println("SigningChannel benchmarks:"); final Runtime runtime = Runtime.getRuntime(); long start = System.currentTimeMillis(); for (int i = 0; i < ITERATIONS; i++) { getChannelDigest(TESTSTRINGS[i % TESTSTRINGS.length]); } long dur = System.currentTimeMillis() - start; System.out.println(ITERATIONS + " iterations took: " + dur + "ms"); System.out.println("\nNormal Signing benchmarks:"); start=System.currentTimeMillis(); for (int i=0;i<ITERATIONS;i++){ getNormalDigest(TESTSTRINGS[i % TESTSTRINGS.length]); } dur=System.currentTimeMillis()-start; System.out.println(ITERATIONS+" iterations took: "+dur+"ms"); } /** * Silly Microbenchmark * * @throws org.neuclear.commons.crypto.CryptoException */ public void testFileBenchmark() throws CryptoException, NoSuchAlgorithmException, IOException, SignatureException, InvalidKeyException { System.out.println("File DigestChannel benchmarks:"); File cd=new File("src/java/org/neuclear/commons/crypto"); File files[]=cd.listFiles(); long start = System.currentTimeMillis(); for (int i=0;i<files.length;i++){ if (files[i].isFile()) getChannelDigest(files[i % files.length]); } long dur = System.currentTimeMillis() - start; System.out.println(ITERATIONS + " iterations took: " + dur + "ms"); System.out.println("\nNormal File digesting benchmarks:"); start=System.currentTimeMillis(); for (int i=0;i<files.length;i++){ if (files[i].isFile()) getNormalDigest(files[i % files.length]); } dur=System.currentTimeMillis()-start; System.out.println(ITERATIONS+" iterations took: "+dur+"ms"); } final static int ITERATIONS = 1000; static final String TESTSTRINGS[] = new String[]{ "", "0", "01", "012", "0123", "01234", "012345", "0123456", "01234567", "012345678", "0123456789", 
"0123456789A", "0123456789A0123456789As0123456789A" }; } --- NEW FILE: SigningChannelTest.java --- package org.neuclear.commons.crypto.channels; import junit.framework.TestCase; import org.neuclear.commons.crypto.CryptoTools; import org.neuclear.commons.crypto.CryptoException; import org.neuclear.commons.test.JunitTools; import java.security.*; import java.nio.ByteBuffer; import java.nio.channels.FileChannel; import java.io.IOException; import java.io.File; import java.io.FileInputStream; import java.io.BufferedInputStream; /** * Created by IntelliJ IDEA. * User: pelleb * Date: Mar 6, 2004 * Time: 11:47:20 AM * To change this template use File | Settings | File Templates. */ public class SigningChannelTest extends TestCase { public SigningChannelTest(String name) throws NoSuchAlgorithmException { super(name); kp = CryptoTools.createTinyKeyPair(); } public void testSign() throws NoSuchAlgorithmException, IOException, SignatureException, InvalidKeyException, CryptoException { for (int i=0;i<TESTSTRINGS.length;i++){ assertSignatureEquals(TESTSTRINGS[i]); } } public void testFileDigest() throws NoSuchAlgorithmException, IOException, SignatureException, InvalidKeyException, CryptoException { File cd=new File("src/java/org/neuclear/commons/crypto"); File files[]=cd.listFiles(); System.out.println("Testing Digests on: "+files.length+" files"); for (int i=0;i<files.length;i++){ if (files[i].isFile()) assertSignatureEquals(files[i]); } } public String getChannelSignature(String data) throws NoSuchAlgorithmException, IOException, InvalidKeyException, SignatureException { SigningChannel ch=new SigningChannel(kp.getPrivate()); ByteBuffer buf=ByteBuffer.wrap(data.getBytes()); ch.write(buf); return new String(ch.getSignature()); } public String getNormalSignature(String data) throws CryptoException { return new String(CryptoTools.sign(kp,data.getBytes())); } public boolean verifyChannelSignature(String data,String sig) throws NoSuchAlgorithmException, IOException, 
InvalidKeyException, SignatureException { VerifyingChannel ch=new VerifyingChannel(kp.getPublic()); ByteBuffer buf=ByteBuffer.wrap(data.getBytes()); ch.write(buf); return ch.verify(sig.getBytes()); } public boolean verifyNormalSignature(String data,String sig) throws CryptoException { return CryptoTools.verify(kp.getPublic(),data.getBytes(),sig.getBytes()); } public void assertSignatureEquals(String data) throws NoSuchAlgorithmException, IOException, SignatureException, InvalidKeyException, CryptoException { String sig=getChannelSignature(data); assertEquals("Signature Match",getNormalSignature(data),sig); assertTrue("Signature Channel Verify",verifyChannelSignature(data,sig)); assertTrue("Signature Channel Normal",verifyNormalSignature(data,sig)); } public void assertSignatureEquals(File file) throws NoSuchAlgorithmException, IOException, SignatureException, InvalidKeyException, CryptoException { String sig=getChannelSignature(file); assertEquals("Signature Match",getNormalSignature(file),sig); } public String getChannelSignature(File file) throws NoSuchAlgorithmException, IOException, InvalidKeyException, SignatureException { SigningChannel ch=new SigningChannel(kp.getPrivate()); FileChannel fch=new FileInputStream(file).getChannel(); fch.transferTo(0,fch.size(),ch); return new String(ch.getSignature()); } public String getNormalSignature(File file) throws NoSuchAlgorithmException, IOException, SignatureException, InvalidKeyException { Signature sig=Signature.getInstance("SHA1withRSA"); sig.initSign(kp.getPrivate()); BufferedInputStream in = new BufferedInputStream(new FileInputStream(file)); int numread=0; byte buffer[]=new byte[1024]; while ((numread=in.read(buffer, 0, buffer.length)) >= 0) { sig.update(buffer,0,numread); } in.close(); return new String(sig.sign()); } /** * Silly Microbenchmark * * @throws org.neuclear.commons.crypto.CryptoException */ public void testBenchmark() throws CryptoException, NoSuchAlgorithmException, IOException, SignatureException, 
InvalidKeyException { System.out.println("SigningChannel benchmarks:"); final Runtime runtime = Runtime.getRuntime(); long start = System.currentTimeMillis(); for (int i = 0; i < ITERATIONS; i++) { getChannelSignature(TESTSTRINGS[i % TESTSTRINGS.length]); } long dur = System.currentTimeMillis() - start; System.out.println(ITERATIONS + " iterations took: " + dur + "ms"); System.out.println("\nNormal Signing benchmarks:"); start=System.currentTimeMillis(); for (int i=0;i<ITERATIONS;i++){ getNormalSignature(TESTSTRINGS[i % TESTSTRINGS.length]); } dur=System.currentTimeMillis()-start; System.out.println(ITERATIONS+" iterations took: "+dur+"ms"); } /** * Silly Microbenchmark * * @throws org.neuclear.commons.crypto.CryptoException */ public void testFileBenchmark() throws CryptoException, NoSuchAlgorithmException, IOException, SignatureException, InvalidKeyException { System.out.println("File SigningChannel benchmarks:"); File cd=new File("src/java/org/neuclear/commons/crypto"); File files[]=cd.listFiles(); long start = System.currentTimeMillis(); for (int i=0;i<ITERATIONS;i++){ if (files[i% files.length].isFile()) getChannelSignature(files[i % files.length]); } long dur = System.currentTimeMillis() - start; System.out.println(ITERATIONS + " iterations took: " + dur + "ms"); System.out.println("\nNormal File signing benchmarks:"); start=System.currentTimeMillis(); for (int i=0;i<ITERATIONS;i++){ if (files[i% files.length].isFile()) getNormalSignature(files[i % files.length]); } dur=System.currentTimeMillis()-start; System.out.println(ITERATIONS+" iterations took: "+dur+"ms"); } final static int ITERATIONS = 1000; static final String TESTSTRINGS[] = new String[]{ "", "0", "01", "012", "0123", "01234", "012345", "0123456", "01234567", "012345678", "0123456789", "0123456789A", "0123456789A0123456789As0123456789A" }; private KeyPair kp; } |
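Review bot: In DigestChannelTest.java, getChannelDigest() and getNormalDigest() wrap the raw SHA-1 output in new String(...), which decodes 20 arbitrary bytes with the platform default charset. The "Digest Length" assertion of 20 then only holds on single-byte charsets, and under a charset such as UTF-8 two different digests can decode to the same string once unmappable bytes are replaced. Return byte[] and compare with java.util.Arrays.equals, or compare a hex or Base64 rendering. Smaller points in the same file: the import of org.omg.CORBA.portable.InputStream is unused and is not the java.io class, the FileInputStream opened in getChannelDigest(File) is never closed, testBenchmark prints "SigningChannel benchmarks:" in a digest test, and testFileBenchmark reports ITERATIONS although its loops run files.length times.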
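Review bot: In SigningChannelTest.java the signature travels as a String: getChannelSignature() returns new String(ch.getSignature()) and verifyChannelSignature() hands sig.getBytes() to ch.verify(). RSA signature bytes are arbitrary binary, so this round trip through the platform default charset can change them before verification, which is worth ruling out first for the VerifyingChannel failure mentioned in the log message. Keep the signature as byte[] from sign to verify and compare with Arrays.equals. Also, assertSignatureEquals(File) compares the two signatures but never verifies either of them, and the FileInputStream opened in getChannelSignature(File) is never closed.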
|
From: <pe...@us...> - 2004-03-06 21:05:35
|
Update of /cvsroot/neuclear/neuclear-commons/src/java/org/neuclear/commons/crypto/channels In directory sc8-pr-cvs1.sourceforge.net:/tmp/cvs-serv9462/src/java/org/neuclear/commons/crypto/channels Modified Files: AbstractSignatureChannel.java DigestChannel.java Log Message: Added Unit tests for DigestChannel and SigningChannel. The SigningChannel passes for Signing on straight signing of byte arrays as well as from Files Currently the Verifying channel fails, need to investigate. The DigestChannel passes for all types. Index: AbstractSignatureChannel.java =================================================================== RCS file: /cvsroot/neuclear/neuclear-commons/src/java/org/neuclear/commons/crypto/channels/AbstractSignatureChannel.java,v retrieving revision 1.1 retrieving revision 1.2 diff -C2 -d -r1.1 -r1.2 *** AbstractSignatureChannel.java 5 Mar 2004 23:43:06 -0000 1.1 --- AbstractSignatureChannel.java 6 Mar 2004 20:50:28 -0000 1.2 *************** *** 28,31 **** --- 28,37 ---- $Id$ $Log$ + Revision 1.2 2004/03/06 20:50:28 pelle + Added Unit tests for DigestChannel and SigningChannel. + The SigningChannel passes for Signing on straight signing of byte arrays as well as from Files + Currently the Verifying channel fails, need to investigate. + The DigestChannel passes for all types. + Revision 1.1 2004/03/05 23:43:06 pelle New Channels package with nio based channels for various crypto related tasks such as digests, signing, verifying and encoding. *************** *** 57,69 **** if (closed) throw new ClosedChannelException(); ! final byte[] bytes = buffer.array(); try { ! sig.update(buffer.array()); } catch (SignatureException e) { throw new IOException(e.getLocalizedMessage()); } ! return bytes.length; } protected final Signature sig; } --- 63,80 ---- if (closed) throw new ClosedChannelException(); ! final int size = buffer.limit()-buffer.position(); ! if (bytes ==null) ! bytes=new byte[size]; ! final int count=Math.min(size,bytes.length); ! 
buffer.get(bytes,0,count); try { ! sig.update(bytes,0,count); } catch (SignatureException e) { throw new IOException(e.getLocalizedMessage()); } ! return count; } protected final Signature sig; + private byte[] bytes; } Index: DigestChannel.java =================================================================== RCS file: /cvsroot/neuclear/neuclear-commons/src/java/org/neuclear/commons/crypto/channels/DigestChannel.java,v retrieving revision 1.1 retrieving revision 1.2 diff -C2 -d -r1.1 -r1.2 *** DigestChannel.java 5 Mar 2004 23:43:06 -0000 1.1 --- DigestChannel.java 6 Mar 2004 20:50:28 -0000 1.2 *************** *** 27,30 **** --- 27,36 ---- $Id$ $Log$ + Revision 1.2 2004/03/06 20:50:28 pelle + Added Unit tests for DigestChannel and SigningChannel. + The SigningChannel passes for Signing on straight signing of byte arrays as well as from Files + Currently the Verifying channel fails, need to investigate. + The DigestChannel passes for all types. + Revision 1.1 2004/03/05 23:43:06 pelle New Channels package with nio based channels for various crypto related tasks such as digests, signing, verifying and encoding. *************** *** 40,43 **** --- 46,50 ---- public DigestChannel() throws NoSuchAlgorithmException { this("SHA1"); + } *************** *** 53,59 **** if (closed) throw new ClosedChannelException(); ! final byte[] bytes = buffer.array(); ! digest.update(bytes); ! return bytes.length; } --- 60,70 ---- if (closed) throw new ClosedChannelException(); ! final int size = buffer.limit()-buffer.position(); ! if (bytes ==null) ! bytes=new byte[size]; ! final int count=Math.min(size,bytes.length); ! buffer.get(bytes,0,count); ! digest.update(bytes,0,count); ! return count; } *************** *** 68,70 **** --- 79,82 ---- private final MessageDigest digest; + private byte[] bytes; } |
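Review bot: In both write() implementations (AbstractSignatureChannel and DigestChannel) the scratch array is allocated once, sized to whatever the first call carried (bytes=new byte[size]), and never grown. If the first buffer is empty the array has length 0 and every later write() returns 0 without consuming anything; if a later buffer is larger than the first, only bytes.length bytes reach the digest or signature per call. A short write is legal for a WritableByteChannel, but a caller that invokes write() once and ignores the return value would then sign or verify only a prefix of the data with no error. Allocate a fixed-size scratch buffer (or one of at least buffer.remaining() bytes) and loop until the buffer is drained; on Java 5 and later, Signature.update(ByteBuffer) and MessageDigest.update(ByteBuffer) remove the copy entirely. buffer.remaining() also reads better than buffer.limit()-buffer.position().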
|
From: <pe...@us...> - 2004-03-06 21:02:47
|
Update of /cvsroot/neuclear/neuclear-commons/src/test/org/neuclear/commons/crypto/channels In directory sc8-pr-cvs1.sourceforge.net:/tmp/cvs-serv8813/src/test/org/neuclear/commons/crypto/channels Log Message: Directory /cvsroot/neuclear/neuclear-commons/src/test/org/neuclear/commons/crypto/channels added to the repository |
Update of /cvsroot/neuclear/neuclear-xmlsig/src/java/org/neuclear/xml/xmlsec In directory sc8-pr-cvs1.sourceforge.net:/tmp/cvs-serv30922/src/java/org/neuclear/xml/xmlsec Modified Files: InvalidSignatureException.java Reference.java SignedInfo.java XMLSecTools.java Log Message: Attempting to make Reference and SignedInfo more compliant with the standard. SignedInfo can now contain more than one reference. Reference is on the way to becoming more flexible and to support more than one transform. I am adding Crypto Channels to commons to help this out and to hopefully speed things up as well. Index: InvalidSignatureException.java =================================================================== RCS file: /cvsroot/neuclear/neuclear-xmlsig/src/java/org/neuclear/xml/xmlsec/InvalidSignatureException.java,v retrieving revision 1.2 retrieving revision 1.3 diff -C2 -d -r1.2 -r1.3 *** InvalidSignatureException.java 14 Jan 2004 16:34:27 -0000 1.2 --- InvalidSignatureException.java 5 Mar 2004 23:47:17 -0000 1.3 *************** *** 11,19 **** */ public class InvalidSignatureException extends Exception { ! public InvalidSignatureException(byte a[],byte b[]) { ! super("Digest: '"+a+"' not equal to: "+b); } ! public InvalidSignatureException(PublicKey pub){ ! super("Publick Key: "+pub.toString()+ " didnt sign this signature"); } } --- 11,20 ---- */ public class InvalidSignatureException extends Exception { ! public InvalidSignatureException(String a, String b) { ! super("Digest: '" + a + "' not equal to: " + b); } ! ! public InvalidSignatureException(PublicKey pub) { ! 
super("Public Key: " + pub.toString() + " didnt sign this signature"); } } Index: Reference.java =================================================================== RCS file: /cvsroot/neuclear/neuclear-xmlsig/src/java/org/neuclear/xml/xmlsec/Reference.java,v retrieving revision 1.14 retrieving revision 1.15 diff -C2 -d -r1.14 -r1.15 *** Reference.java 3 Mar 2004 23:23:24 -0000 1.14 --- Reference.java 5 Mar 2004 23:47:17 -0000 1.15 *************** *** 1,4 **** --- 1,10 ---- /* $Id$ * $Log$ + * Revision 1.15 2004/03/05 23:47:17 pelle + * Attempting to make Reference and SignedInfo more compliant with the standard. + * SignedInfo can now contain more than one reference. + * Reference is on the way to becoming more flexible and two support more than one transform. + * I am adding Crypto Channels to commons to help this out and to hopefully speed things up as well. + * * Revision 1.14 2004/03/03 23:23:24 pelle * Interops with enveloped signatures. *************** *** 166,169 **** --- 172,176 ---- import java.io.ByteArrayOutputStream; import java.io.IOException; + import java.io.InputStream; import java.net.MalformedURLException; import java.net.URL; *************** *** 183,187 **** super(Reference.TAG_NAME); final Canonicalizer canon; ! Object ref = null; Element transformsElement = addElement("Transforms"); // final Element object; --- 190,194 ---- super(Reference.TAG_NAME); final Canonicalizer canon; ! 
object = root; Element transformsElement = addElement("Transforms"); // final Element object; *************** *** 190,197 **** canon = new CanonicalizerWithoutSignature(); transformsElement.addElement(XMLSecTools.createQName("Transform")).addAttribute("Algorithm", "http://www.w3.org/2000/09/xmldsig#enveloped-signature"); - ref = root; } else if (sigtype == XMLSIGTYPE_ENVELOPING) { canon = new Canonicalizer(); - ref = root; } else { throw new XMLSecurityException("Unsupported Signature Method"); --- 197,202 ---- *************** *** 199,216 **** transformsElement.addElement(XMLSecTools.createQName("Transform")).addAttribute("Algorithm", "http://www.w3.org/TR/2001/REC-xml-c14n-20010315"); - type = sigtype; final String id = Utility.denullString(root.attributeValue("Id"), root.attributeValue("ID")); if (!Utility.isEmpty(id)) createAttribute("URI", "#" + id); ! addDigest(canon, ref); } ! ! public Reference(final String uri) throws XMLSecurityException { super(Reference.TAG_NAME); ! type = XMLSIGTYPE_DETACHED; ! createAttribute("URI", uri); ! addDigest(new Canonicalizer(), loadReference(uri)); } --- 204,232 ---- transformsElement.addElement(XMLSecTools.createQName("Transform")).addAttribute("Algorithm", "http://www.w3.org/TR/2001/REC-xml-c14n-20010315"); final String id = Utility.denullString(root.attributeValue("Id"), root.attributeValue("ID")); if (!Utility.isEmpty(id)) createAttribute("URI", "#" + id); ! digest = addDigest(canon, root); } ! private Reference(Object object, InputStream is) throws XMLSecurityException { super(Reference.TAG_NAME); ! try { ! digest = new String(CryptoTools.digest(is)); ! this.object = object; ! } catch (IOException e) { ! throw new XMLSecurityException(e); ! } ! ! } ! ! public Reference(final String url) throws XMLSecurityException, IOException { ! this(new URL(url)); ! } ! ! public Reference(final URL url) throws XMLSecurityException, IOException { ! this(url, url.openStream()); ! 
createAttribute("URI", url.toExternalForm()); } *************** *** 225,233 **** if (!elem.getQName().getName().equals(TAG_NAME)) throw new XMLSecurityException("Element: " + elem.getQualifiedName() + " is not a valid: " + XMLSecTools.NS_DS.getPrefix() + ":" + TAG_NAME); ! type = findSignatureType(elem); ! byte digest[] = XMLSecTools.decodeBase64Element(getElement().element(XMLSecTools.createQName("DigestValue"))); ! final Object object = findRefElement(elem); if (object == null) throw new XMLSecurityException("Couldnt Dereference Object:\n " + elem.asXML()); --- 241,249 ---- if (!elem.getQName().getName().equals(TAG_NAME)) throw new XMLSecurityException("Element: " + elem.getQualifiedName() + " is not a valid: " + XMLSecTools.NS_DS.getPrefix() + ":" + TAG_NAME); ! int type = findSignatureType(elem); ! digest = new String(XMLSecTools.decodeBase64Element(getElement().element(XMLSecTools.createQName("DigestValue")))); ! object = findRefElement(elem); if (object == null) throw new XMLSecurityException("Couldnt Dereference Object:\n " + elem.asXML()); *************** *** 238,257 **** canon = new Canonicalizer(); ! final byte dig2[] = createDigest(canon, object); ! if (!CryptoTools.equalByteArrays(digest, dig2)) throw new InvalidSignatureException(digest, dig2); } ! private void addDigest(final Canonicalizer canon, Object root) throws XMLSecurityException { addElement("DigestMethod").addAttribute(XMLSecTools.createQName("Algorithm"), "http://www.w3.org/2000/09/xmldsig#sha1"); ! getElement().add(XMLSecTools.base64ToElement("DigestValue", createDigest(canon, root))); } ! private static byte[] createDigest(final Canonicalizer canon, Object root) throws XMLSecurityException { final byte[] value = canon.canonicalize(root); // System.out.println("Canonicalized Reference:"); // System.out.println(new String(value)); // System.out.println("------"); ! return CryptoTools.digest(value); } --- 254,275 ---- canon = new Canonicalizer(); ! 
final String dig2 = createDigest(canon, object); ! if (!digest.equals(dig2)) throw new InvalidSignatureException(digest, dig2); } ! private String addDigest(final Canonicalizer canon, Object root) throws XMLSecurityException { addElement("DigestMethod").addAttribute(XMLSecTools.createQName("Algorithm"), "http://www.w3.org/2000/09/xmldsig#sha1"); ! final String digest = createDigest(canon, root); ! getElement().add(XMLSecTools.base64ToElement("DigestValue", digest)); ! return digest; } ! private static String createDigest(final Canonicalizer canon, Object root) throws XMLSecurityException { final byte[] value = canon.canonicalize(root); // System.out.println("Canonicalized Reference:"); // System.out.println(new String(value)); // System.out.println("------"); ! return new String(CryptoTools.digest(value)); } *************** *** 307,310 **** --- 325,331 ---- } + public String getDigest() { + return digest; + } public String getUri() { *************** *** 312,318 **** } ! private final int type; ! private static final String TAG_NAME = "Reference"; public final static int XMLSIGTYPE_ENVELOPED = 0; public final static int XMLSIGTYPE_ENVELOPING = 1; --- 333,340 ---- } ! private final String digest; ! public final Object object; + private static final String TAG_NAME = "Reference"; public final static int XMLSIGTYPE_ENVELOPED = 0; public final static int XMLSIGTYPE_ENVELOPING = 1; Index: SignedInfo.java =================================================================== RCS file: /cvsroot/neuclear/neuclear-xmlsig/src/java/org/neuclear/xml/xmlsec/SignedInfo.java,v retrieving revision 1.1 retrieving revision 1.2 diff -C2 -d -r1.1 -r1.2 *** SignedInfo.java 2 Mar 2004 23:30:43 -0000 1.1 --- SignedInfo.java 5 Mar 2004 23:47:17 -0000 1.2 *************** *** 1,4 **** --- 1,10 ---- /* $Id$ * $Log$ + * Revision 1.2 2004/03/05 23:47:17 pelle + * Attempting to make Reference and SignedInfo more compliant with the standard. + * SignedInfo can now contain more than one reference. 
+ * Reference is on the way to becoming more flexible and two support more than one transform. + * I am adding Crypto Channels to commons to help this out and to hopefully speed things up as well. + * * Revision 1.1 2004/03/02 23:30:43 pelle * Renamed SignatureInfo to SignedInfo as that is the name of the Element. *************** *** 105,110 **** --- 111,129 ---- import java.security.NoSuchProviderException; import java.security.Signature; + import java.util.ArrayList; + import java.util.Collections; + import java.util.List; public final class SignedInfo extends AbstractXMLSigElement { + public SignedInfo(Reference references[], final int sigalg) { + super(SignedInfo.TAG_NAME); + final ArrayList list = new ArrayList(references.length); + for (int i = 0; i < references.length; i++) { + list.add(references[i]); + addElement(references[i]); + } + this.refs = Collections.unmodifiableList(list); + } + public SignedInfo(final Element root, final int sigalg, final int sigtype) throws XMLSecurityException { super(SignedInfo.TAG_NAME); *************** *** 123,127 **** addElement(sm); ! ref = new Reference(root, sigtype); addElement(ref); } catch (XMLException e) { --- 142,149 ---- addElement(sm); ! Reference ref = new Reference(root, sigtype); ! List list = new ArrayList(1); ! list.add(ref); ! this.refs = Collections.unmodifiableList(list); addElement(ref); } catch (XMLException e) { *************** *** 134,146 **** if (!elem.getQName().equals(XMLSecTools.createQName(TAG_NAME))) throw new XMLSecurityException("Element: " + elem.getQualifiedName() + " is not a valid: " + XMLSecTools.NS_DS.getPrefix() + ":" + TAG_NAME); - this.sig = sig; final Element c14elem = elem.element(XMLSecTools.createQName("CanonicalizationMethod")); if (c14elem != null && c14elem.attributeValue("Algorithm").equals("http://www.w3.org/TR/2001/REC-xml-c14n-20010315#WithComments")) c14nType = Canonicalizer.C14NTYPE_WITH_COMMENTS; ! 
final Element refElem = elem.element(XMLSecTools.createQName("Reference")); ! if (refElem != null) ! ref = new Reference(refElem); ! //Check reference element if signature is enveloped ! } --- 156,169 ---- if (!elem.getQName().equals(XMLSecTools.createQName(TAG_NAME))) throw new XMLSecurityException("Element: " + elem.getQualifiedName() + " is not a valid: " + XMLSecTools.NS_DS.getPrefix() + ":" + TAG_NAME); final Element c14elem = elem.element(XMLSecTools.createQName("CanonicalizationMethod")); if (c14elem != null && c14elem.attributeValue("Algorithm").equals("http://www.w3.org/TR/2001/REC-xml-c14n-20010315#WithComments")) c14nType = Canonicalizer.C14NTYPE_WITH_COMMENTS; ! final List list = elem.elements(XMLSecTools.createQName("Reference")); ! final List refList = new ArrayList(list.size()); ! for (int i = 0; i < list.size(); i++) { ! Element element = (Element) list.get(i); ! refList.add(new Reference(element)); ! } ! this.refs = Collections.unmodifiableList(refList); } *************** *** 152,157 **** * @throws XMLSecurityException */ ! public final Reference getReference() throws XMLSecurityException { ! return ref; } --- 175,180 ---- * @throws XMLSecurityException */ ! public final List getReferences() throws XMLSecurityException { ! return refs; } *************** *** 164,171 **** } - final XMLSignature getSig() { - return sig; - } - //TODO Ignore this bit for now final Signature getSignatureAlgorithm() throws XMLSecurityException { --- 187,190 ---- *************** *** 189,196 **** private static final String TAG_NAME = "SignedInfo"; ! private Reference ref; private int c14nType = 0; private int algType = 0; - private XMLSignature sig; public final static int SIG_ALG_RSA = Signer.KEY_RSA; --- 208,214 ---- private static final String TAG_NAME = "SignedInfo"; ! 
private final List refs; private int c14nType = 0; private int algType = 0; public final static int SIG_ALG_RSA = Signer.KEY_RSA; Index: XMLSecTools.java =================================================================== RCS file: /cvsroot/neuclear/neuclear-xmlsig/src/java/org/neuclear/xml/xmlsec/XMLSecTools.java,v retrieving revision 1.11 retrieving revision 1.12 diff -C2 -d -r1.11 -r1.12 *** XMLSecTools.java 19 Feb 2004 19:37:34 -0000 1.11 --- XMLSecTools.java 5 Mar 2004 23:47:17 -0000 1.12 *************** *** 1,4 **** --- 1,10 ---- /* $Id$ * $Log$ + * Revision 1.12 2004/03/05 23:47:17 pelle + * Attempting to make Reference and SignedInfo more compliant with the standard. + * SignedInfo can now contain more than one reference. + * Reference is on the way to becoming more flexible and two support more than one transform. + * I am adding Crypto Channels to commons to help this out and to hopefully speed things up as well. + * * Revision 1.11 2004/02/19 19:37:34 pelle * At times IntelliJ IDEA can cause some real hassle. On my last checkin it optimized away all of the dom4j and command line imports. *************** *** 167,173 **** */ - import org.dom4j.io.XMLWriter; import org.dom4j.*; ! import org.neuclear.commons.crypto.Base64; import org.neuclear.commons.crypto.CryptoException; --- 173,178 ---- */ import org.dom4j.*; ! import org.dom4j.io.XMLWriter; import org.neuclear.commons.crypto.Base64; import org.neuclear.commons.crypto.CryptoException; *************** *** 560,563 **** --- 565,586 ---- /** * Method base64ToElement + * + * @param localName + * @param data + * @return + */ + public static Element base64ToElement(final String localName, + final String data) { + + final Element el = createElementInSignatureSpace(localName); + final Text text = DocumentHelper.createText(Base64.encodeClean(data.getBytes())); + + el.add(text); + + return el; + } + + /** + * Method base64ToElement * * @param localName |
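Review bot: In Reference.java the digest field becomes a String built with new String(CryptoTools.digest(...)), and validation is now digest.equals(dig2) in place of CryptoTools.equalByteArrays(digest, dig2). Decoding raw SHA-1 bytes with the platform default charset is lossy on charsets such as UTF-8, so distinct digests can compare equal once replacement characters are substituted, and the new XMLSecTools.base64ToElement(String, String) overload re-encodes with data.getBytes(), which can emit a DigestValue that differs from the real digest. Keep the digest as byte[] end to end and Base64-encode only at the XML boundary. Two further points: the private Reference(Object, InputStream) constructor no longer calls addDigest(), so in the lines shown a detached reference gets a URI attribute but no DigestMethod or DigestValue child, and the stream from url.openStream() is never closed. The new field public final Object object would also be better private with an accessor.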
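Review bot: In SignedInfo.java the new SignedInfo(Reference references[], final int sigalg) constructor never reads sigalg and, in the lines shown, adds only the Reference children, with nothing corresponding to the addElement(sm) call in the Element-based constructor. The parsing constructor now accepts any number of Reference elements including none: an empty list from elem.elements(...) yields an empty refs list without error, whereas the XML Signature schema requires at least one Reference in SignedInfo. Reject the empty case with an XMLSecurityException, and document that callers of getReferences() must check that the data they act on is covered by one of the returned references.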
|
From: <pe...@us...> - 2004-03-06 00:01:44
|
Update of /cvsroot/neuclear/neuclear-xmlsig/src/test/org/neuclear/xml/xmlsec In directory sc8-pr-cvs1.sourceforge.net:/tmp/cvs-serv30922/src/test/org/neuclear/xml/xmlsec Modified Files: RefTest.java Log Message: Attempting to make Reference and SignedInfo more compliant with the standard. SignedInfo can now contain more than one reference. Reference is on the way to becoming more flexible and to support more than one transform. I am adding Crypto Channels to commons to help this out and to hopefully speed things up as well. Index: RefTest.java =================================================================== RCS file: /cvsroot/neuclear/neuclear-xmlsig/src/test/org/neuclear/xml/xmlsec/RefTest.java,v retrieving revision 1.6 retrieving revision 1.7 diff -C2 -d -r1.6 -r1.7 *** RefTest.java 2 Mar 2004 18:39:57 -0000 1.6 --- RefTest.java 5 Mar 2004 23:47:17 -0000 1.7 *************** *** 10,14 **** import java.io.File; ! import java.net.MalformedURLException; /* --- 10,14 ---- import java.io.File; ! import java.io.IOException; /* *************** *** 32,35 **** --- 32,41 ---- $Id$ $Log$ + Revision 1.7 2004/03/05 23:47:17 pelle + Attempting to make Reference and SignedInfo more compliant with the standard. + SignedInfo can now contain more than one reference. + Reference is on the way to becoming more flexible and two support more than one transform. + I am adding Crypto Channels to commons to help this out and to hopefully speed things up as well. + Revision 1.6 2004/03/02 18:39:57 pelle Done some more minor fixes within xmlsig, but mainly I've removed the old Source and Store patterns and sub packages. This is because *************** *** 65,102 **** } ! public void testExternalReference() throws XMLException, CryptoException, MalformedURLException { ! File rfile=new File("project.xml"); final String uri = rfile.toURL().toExternalForm(); ! Reference ref=new Reference(uri); assertNotNull(ref); // assertNotNull(ref.getDigest()); ! 
assertEquals(uri,ref.getUri()); System.out.println(ref.asXML()); } public void testEnvelopedReference() throws DocumentException, XMLException, CryptoException { ! Document doc=DocumentHelper.parseText("<test>hello</test>"); ! Reference ref=new Reference(doc.getRootElement(),Reference.XMLSIGTYPE_ENVELOPED); assertNotNull(ref); // assertNotNull(ref.getDigest()); ! assertEquals("",ref.getUri()); // assertEquals(ref.); System.out.println(ref.asXML()); } public void testEnvelopingReference() throws DocumentException, XMLException, CryptoException, InvalidSignatureException { ! Document doc=DocumentHelper.parseText("<Signature><SignedInfo/><Object Id=\"one\"><test>hello</test></Object></Signature>"); ! Reference ref=new Reference(doc.getRootElement().element("Object"),Reference.XMLSIGTYPE_ENVELOPING); doc.getRootElement().element("SignedInfo").add(ref.getElement()); ! assertNotNull(XMLTools.getByID(doc,"one")); assertNotNull(ref); // assertNotNull(ref.getDigest()); ! assertEquals("#one",ref.getUri()); System.out.println(doc.asXML()); ! Document doc2=DocumentHelper.parseText(doc.asXML()); ! Reference ref2=new Reference(doc2.getRootElement().element("SignedInfo").element("Reference")); // assertEquals(ref.getDigest(),ref2.getDigest()); ! assertEquals(ref.getUri(),ref2.getUri()); --- 71,109 ---- } ! public void testExternalReference() throws XMLException, CryptoException, IOException { ! File rfile = new File("project.xml"); final String uri = rfile.toURL().toExternalForm(); ! Reference ref = new Reference(uri); assertNotNull(ref); // assertNotNull(ref.getDigest()); ! assertEquals(uri, ref.getUri()); System.out.println(ref.asXML()); } public void testEnvelopedReference() throws DocumentException, XMLException, CryptoException { ! Document doc = DocumentHelper.parseText("<test>hello</test>"); ! Reference ref = new Reference(doc.getRootElement(), Reference.XMLSIGTYPE_ENVELOPED); assertNotNull(ref); // assertNotNull(ref.getDigest()); ! 
assertEquals("", ref.getUri()); // assertEquals(ref.); System.out.println(ref.asXML()); } + public void testEnvelopingReference() throws DocumentException, XMLException, CryptoException, InvalidSignatureException { ! Document doc = DocumentHelper.parseText("<Signature><SignedInfo/><Object Id=\"one\"><test>hello</test></Object></Signature>"); ! Reference ref = new Reference(doc.getRootElement().element("Object"), Reference.XMLSIGTYPE_ENVELOPING); doc.getRootElement().element("SignedInfo").add(ref.getElement()); ! assertNotNull(XMLTools.getByID(doc, "one")); assertNotNull(ref); // assertNotNull(ref.getDigest()); ! assertEquals("#one", ref.getUri()); System.out.println(doc.asXML()); ! Document doc2 = DocumentHelper.parseText(doc.asXML()); ! Reference ref2 = new Reference(doc2.getRootElement().element("SignedInfo").element("Reference")); // assertEquals(ref.getDigest(),ref2.getDigest()); ! assertEquals(ref.getUri(), ref2.getUri()); |
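Review bot: The digest assertions are still commented out in all three tests (// assertNotNull(ref.getDigest()); in each, and // assertEquals(ref.getDigest(),ref2.getDigest()); in testEnvelopingReference), so after this change the tests only compare getUri() values. A Reference that computes or parses its digest incorrectly would still pass. Since this commit reworks Reference toward more than one transform, re-enable the digest checks, or at least the round-trip comparison between ref and ref2, before relying on these tests. The leftover // assertEquals(ref.); in testEnvelopedReference can be removed.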
|
From: <pe...@us...> - 2004-03-06 00:01:43
|
Update of /cvsroot/neuclear/neuclear-xmlsig/src/test/org/neuclear/xml/c14 In directory sc8-pr-cvs1.sourceforge.net:/tmp/cvs-serv30922/src/test/org/neuclear/xml/c14 Modified Files: CanonicalizationTest.java Log Message: Attempting to make Reference and SignedInfo more compliant with the standard. SignedInfo can now contain more than one reference. Reference is on the way to becoming more flexible and to support more than one transform. I am adding Crypto Channels to commons to help this out and to hopefully speed things up as well. Index: CanonicalizationTest.java =================================================================== RCS file: /cvsroot/neuclear/neuclear-xmlsig/src/test/org/neuclear/xml/c14/CanonicalizationTest.java,v retrieving revision 1.6 retrieving revision 1.7 diff -C2 -d -r1.6 -r1.7 *** CanonicalizationTest.java 2 Mar 2004 23:50:45 -0000 1.6 --- CanonicalizationTest.java 5 Mar 2004 23:47:17 -0000 1.7 *************** *** 8,11 **** --- 8,17 ---- * $Id$ * $Log$ + * Revision 1.7 2004/03/05 23:47:17 pelle + * Attempting to make Reference and SignedInfo more compliant with the standard. + * SignedInfo can now contain more than one reference. + * Reference is on the way to becoming more flexible and two support more than one transform. + * I am adding Crypto Channels to commons to help this out and to hopefully speed things up as well. + * * Revision 1.6 2004/03/02 23:50:45 pelle * minor changes. *************** *** 85,89 **** public final class CanonicalizationTest extends TestCase { ! private final static boolean ASSERT_FAIL = true; //Change this to assert failed documents public CanonicalizationTest(final String s) { --- 91,95 ---- public final class CanonicalizationTest extends TestCase { ! private final static boolean ASSERT_FAIL = false; //Change this to assert failed documents public CanonicalizationTest(final String s) { |
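Review bot: ASSERT_FAIL is flipped from true to false in CanonicalizationTest, and the log message does not mention it. Going by the comment on that line ("Change this to assert failed documents"), the test no longer asserts on documents that fail canonicalization, so a canonicalization regression would go unreported while Reference and SignedInfo are being reworked. Keep the flag at true, or state in the log message why the failures are expected and when the flag goes back.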
|
From: <pe...@us...> - 2004-03-05 23:57:35
|
Update of /cvsroot/neuclear/neuclear-commons/src/java/org/neuclear/commons/crypto In directory sc8-pr-cvs1.sourceforge.net:/tmp/cvs-serv29887/src/java/org/neuclear/commons/crypto Modified Files: CryptoTools.java Log Message: New Channels package with nio based channels for various crypto related tasks such as digests, signing, verifying and encoding. DigestsChannel, SigningChannel and VerifyingChannel are complete, but not tested. AbstractEncodingChannel will be used for a Base64/Base32 Channel as well as possibly an xml canonicalization channel in the xmlsig library. Index: CryptoTools.java =================================================================== RCS file: /cvsroot/neuclear/neuclear-commons/src/java/org/neuclear/commons/crypto/CryptoTools.java,v retrieving revision 1.14 retrieving revision 1.15 diff -C2 -d -r1.14 -r1.15 *** CryptoTools.java 19 Feb 2004 15:29:10 -0000 1.14 --- CryptoTools.java 5 Mar 2004 23:43:06 -0000 1.15 *************** *** 2,5 **** --- 2,10 ---- * $Id$ * $Log$ + * Revision 1.15 2004/03/05 23:43:06 pelle + * New Channels package with nio based channels for various crypto related tasks such as digests, signing, verifying and encoding. + * DigestsChannel, SigningChannel and VerifyingChannel are complete, but not tested. + * AbstractEncodingChannel will be used for a Base64/Base32 Channel as well as possibly an xml canonicalization channel in the xmlsig library. 
+ * * Revision 1.14 2004/02/19 15:29:10 pelle * Various cleanups and corrections *************** *** 252,255 **** --- 257,261 ---- import javax.crypto.spec.SecretKeySpec; import java.io.IOException; + import java.io.InputStream; import java.math.BigInteger; import java.security.*; *************** *** 500,503 **** --- 506,520 ---- } + public static byte[] digest(final InputStream is) throws IOException { + Digest digest = new org.bouncycastle.crypto.digests.SHA1Digest(); + byte buf[] = new byte[digest.getDigestSize()]; + int length = 0; + while ((length = is.read(buf)) >= 0) + digest.update(buf, 0, length); + digest.doFinal(buf, 0); + is.close(); + return buf; + } + public static byte[] digest(final byte[] value) { final Digest dig = new org.bouncycastle.crypto.digests.SHA1Digest(); |
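Review bot: In the new digest(InputStream), buf is both the read buffer and the output array and is sized with digest.getDigestSize(), so the stream is read 20 bytes at a time for SHA-1. Use a separate, larger read buffer and a dedicated array for doFinal(). is.close() is also skipped when read() throws; move it into a finally block, or leave closing to the caller and document that.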
|
From: <pe...@us...> - 2004-03-05 23:57:35
|
Update of /cvsroot/neuclear/neuclear-commons/src/java/org/neuclear/commons/crypto/channels In directory sc8-pr-cvs1.sourceforge.net:/tmp/cvs-serv29887/src/java/org/neuclear/commons/crypto/channels Added Files: AbstractCryptoChannel.java AbstractEncodingChannel.java AbstractSignatureChannel.java DigestChannel.java SigningChannel.java VerifyingChannel.java Log Message: New Channels package with nio based channels for various crypto related tasks such as digests, signing, verifying and encoding. DigestsChannel, SigningChannel and VerifyingChannel are complete, but not tested. AbstractEncodingChannel will be used for a Base64/Base32 Channel as well as possibly an xml canonicalization channel in the xmlsig library. --- NEW FILE: AbstractCryptoChannel.java --- package org.neuclear.commons.crypto.channels; import java.io.IOException; import java.nio.channels.WritableByteChannel; /* NeuClear Distributed Transaction Clearing Platform (C) 2003 Pelle Braendgaard This library is free software; you can redistribute it and/or modify it under the terms of the GNU Lesser General Public License as published by the Free Software Foundation; either version 2.1 of the License, or (at your option) any later version. This library is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License for more details. You should have received a copy of the GNU Lesser General Public License along with this library; if not, write to the Free Software Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA $Id: AbstractCryptoChannel.java,v 1.1 2004/03/05 23:43:06 pelle Exp $ $Log: AbstractCryptoChannel.java,v $ Revision 1.1 2004/03/05 23:43:06 pelle New Channels package with nio based channels for various crypto related tasks such as digests, signing, verifying and encoding. 
DigestsChannel, SigningChannel and VerifyingChannel are complete, but not tested. AbstractEncodingChannel will be used for a Base64/Base32 Channel as well as possibly an xml canonicalization channel in the xmlsig library. */ /** * User: pelleb * Date: Mar 5, 2004 * Time: 11:06:24 PM */ public abstract class AbstractCryptoChannel implements WritableByteChannel { public boolean isOpen() { return !closed; } public void close() throws IOException { closed = true; } protected boolean closed = false; } --- NEW FILE: AbstractEncodingChannel.java --- package org.neuclear.commons.crypto.channels; import java.io.IOException; import java.nio.ByteBuffer; import java.nio.channels.ClosedChannelException; import java.nio.channels.ReadableByteChannel; /* NeuClear Distributed Transaction Clearing Platform (C) 2003 Pelle Braendgaard This library is free software; you can redistribute it and/or modify it under the terms of the GNU Lesser General Public License as published by the Free Software Foundation; either version 2.1 of the License, or (at your option) any later version. This library is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License for more details. You should have received a copy of the GNU Lesser General Public License along with this library; if not, write to the Free Software Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA $Id: AbstractEncodingChannel.java,v 1.1 2004/03/05 23:43:06 pelle Exp $ $Log: AbstractEncodingChannel.java,v $ Revision 1.1 2004/03/05 23:43:06 pelle New Channels package with nio based channels for various crypto related tasks such as digests, signing, verifying and encoding. DigestsChannel, SigningChannel and VerifyingChannel are complete, but not tested. 
AbstractEncodingChannel will be used for a Base64/Base32 Channel as well as possibly an xml canonicalization channel in the xmlsig library. */ /** * This is an AbstractChannel for encodings such as base64 etc. * You write raw data to it and read the encoded data with read(). * TODO This should probably be blocking. */ public abstract class AbstractEncodingChannel extends AbstractCryptoChannel implements ReadableByteChannel { protected AbstractEncodingChannel(int inChunkSize, int outChunkSize) { this.outChunkSize = outChunkSize; this.inChunkSize = inChunkSize; buf = ByteBuffer.allocate(outChunkSize); } public int write(ByteBuffer buffer) throws IOException { if (closed) throw new ClosedChannelException(); return 0; } public int read(ByteBuffer buffer) throws IOException { if (closed) throw new ClosedChannelException(); return 0; } protected final int outChunkSize; protected final int inChunkSize; protected final ByteBuffer buf; } --- NEW FILE: AbstractSignatureChannel.java --- package org.neuclear.commons.crypto.channels; import java.io.IOException; import java.nio.ByteBuffer; import java.nio.channels.ClosedChannelException; import java.security.NoSuchAlgorithmException; import java.security.Signature; import java.security.SignatureException; /* NeuClear Distributed Transaction Clearing Platform (C) 2003 Pelle Braendgaard This library is free software; you can redistribute it and/or modify it under the terms of the GNU Lesser General Public License as published by the Free Software Foundation; either version 2.1 of the License, or (at your option) any later version. This library is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License for more details. 
You should have received a copy of the GNU Lesser General Public License along with this library; if not, write to the Free Software Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA $Id: AbstractSignatureChannel.java,v 1.1 2004/03/05 23:43:06 pelle Exp $ $Log: AbstractSignatureChannel.java,v $ Revision 1.1 2004/03/05 23:43:06 pelle New Channels package with nio based channels for various crypto related tasks such as digests, signing, verifying and encoding. DigestsChannel, SigningChannel and VerifyingChannel are complete, but not tested. AbstractEncodingChannel will be used for a Base64/Base32 Channel as well as possibly an xml canonicalization channel in the xmlsig library. */ /** * User: pelleb * Date: Mar 5, 2004 * Time: 11:08:47 PM */ public abstract class AbstractSignatureChannel extends AbstractCryptoChannel { AbstractSignatureChannel(Signature sig) { this.sig = sig; } AbstractSignatureChannel(String alg) throws NoSuchAlgorithmException { this(Signature.getInstance(alg)); } AbstractSignatureChannel() throws NoSuchAlgorithmException { this("SHA1withRSA"); } public int write(ByteBuffer buffer) throws IOException { if (closed) throw new ClosedChannelException(); final byte[] bytes = buffer.array(); try { sig.update(buffer.array()); } catch (SignatureException e) { throw new IOException(e.getLocalizedMessage()); } return bytes.length; } protected final Signature sig; } --- NEW FILE: DigestChannel.java --- package org.neuclear.commons.crypto.channels; import java.io.IOException; import java.nio.ByteBuffer; import java.nio.channels.ClosedChannelException; import java.security.MessageDigest; import java.security.NoSuchAlgorithmException; /* NeuClear Distributed Transaction Clearing Platform (C) 2003 Pelle Braendgaard This library is free software; you can redistribute it and/or modify it under the terms of the GNU Lesser General Public License as published by the Free Software Foundation; either version 2.1 of the License, or (at your option) 
any later version. This library is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License for more details. You should have received a copy of the GNU Lesser General Public License along with this library; if not, write to the Free Software Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA $Id: DigestChannel.java,v 1.1 2004/03/05 23:43:06 pelle Exp $ $Log: DigestChannel.java,v $ Revision 1.1 2004/03/05 23:43:06 pelle New Channels package with nio based channels for various crypto related tasks such as digests, signing, verifying and encoding. DigestsChannel, SigningChannel and VerifyingChannel are complete, but not tested. AbstractEncodingChannel will be used for a Base64/Base32 Channel as well as possibly an xml canonicalization channel in the xmlsig library. */ /** * WritableByteChannel for producing SHA! Digests from ByteBuffers */ public class DigestChannel extends AbstractCryptoChannel { public DigestChannel() throws NoSuchAlgorithmException { this("SHA1"); } public DigestChannel(MessageDigest digest) throws NoSuchAlgorithmException { this.digest = digest; } public DigestChannel(String alg) throws NoSuchAlgorithmException { this(MessageDigest.getInstance(alg)); } public int write(ByteBuffer buffer) throws IOException { if (closed) throw new ClosedChannelException(); final byte[] bytes = buffer.array(); digest.update(bytes); return bytes.length; } /** * Call this to get the Digest * * @return */ public byte[] getDigest() { return digest.digest(); } private final MessageDigest digest; } --- NEW FILE: SigningChannel.java --- package org.neuclear.commons.crypto.channels; import java.io.IOException; import java.security.*; /* NeuClear Distributed Transaction Clearing Platform (C) 2003 Pelle Braendgaard This library is free software; you can redistribute it and/or modify it under the terms of the 
GNU Lesser General Public License as published by the Free Software Foundation; either version 2.1 of the License, or (at your option) any later version. This library is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License for more details. You should have received a copy of the GNU Lesser General Public License along with this library; if not, write to the Free Software Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA $Id: SigningChannel.java,v 1.1 2004/03/05 23:43:06 pelle Exp $ $Log: SigningChannel.java,v $ Revision 1.1 2004/03/05 23:43:06 pelle New Channels package with nio based channels for various crypto related tasks such as digests, signing, verifying and encoding. DigestsChannel, SigningChannel and VerifyingChannel are complete, but not tested. AbstractEncodingChannel will be used for a Base64/Base32 Channel as well as possibly an xml canonicalization channel in the xmlsig library. 
*/ /** * User: pelleb * Date: Mar 5, 2004 * Time: 11:18:36 PM */ public class SigningChannel extends AbstractSignatureChannel { public SigningChannel(Signature sig, PrivateKey key) throws InvalidKeyException { super(sig); sig.initSign(key); } public SigningChannel(String alg, PrivateKey key) throws NoSuchAlgorithmException, InvalidKeyException { super(alg); sig.initSign(key); } public SigningChannel(PrivateKey key) throws NoSuchAlgorithmException, InvalidKeyException { sig.initSign(key); } public byte[] getSignature() throws SignatureException, IOException { byte signature[] = sig.sign(); close(); return signature; } } --- NEW FILE: VerifyingChannel.java --- package org.neuclear.commons.crypto.channels; import java.io.IOException; import java.security.*; /* NeuClear Distributed Transaction Clearing Platform (C) 2003 Pelle Braendgaard This library is free software; you can redistribute it and/or modify it under the terms of the GNU Lesser General Public License as published by the Free Software Foundation; either version 2.1 of the License, or (at your option) any later version. This library is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License for more details. You should have received a copy of the GNU Lesser General Public License along with this library; if not, write to the Free Software Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA $Id: VerifyingChannel.java,v 1.1 2004/03/05 23:43:06 pelle Exp $ $Log: VerifyingChannel.java,v $ Revision 1.1 2004/03/05 23:43:06 pelle New Channels package with nio based channels for various crypto related tasks such as digests, signing, verifying and encoding. DigestsChannel, SigningChannel and VerifyingChannel are complete, but not tested. 
AbstractEncodingChannel will be used for a Base64/Base32 Channel as well as possibly an xml canonicalization channel in the xmlsig library. */ /** * Channel that reads data and verifies it against a public key */ public class VerifyingChannel extends AbstractSignatureChannel { public VerifyingChannel(Signature sig, PublicKey key) throws InvalidKeyException { super(sig); sig.initVerify(key); } public VerifyingChannel(String alg, PublicKey key) throws NoSuchAlgorithmException, InvalidKeyException { super(alg); sig.initVerify(key); } public VerifyingChannel(PublicKey key) throws NoSuchAlgorithmException, InvalidKeyException { sig.initVerify(key); } public boolean verify(byte signature[]) throws SignatureException, IOException { boolean verified = sig.verify(signature); close(); return verified; } } |
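Review bot: write() in AbstractSignatureChannel and DigestChannel passes buffer.array() to update(), which feeds the whole backing array to the signature or digest regardless of the buffer's position and limit, never advances the position, and returns the array length. The value that gets signed, verified or hashed can therefore include bytes the caller did not write (stale data before the position or past the limit), and array() throws for read-only or direct buffers. Copy only the remaining bytes, for example byte[] bytes = new byte[buffer.remaining()]; buffer.get(bytes); then call update(bytes) and return bytes.length.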
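Review bot: AbstractEncodingChannel.write() and read() only check closed and return 0, without consuming or producing any bytes. A caller that loops on write() until its buffer is drained will never finish. Until the encoding logic exists, declare these methods abstract or throw UnsupportedOperationException so that a subclass cannot silently inherit the no-op.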