DOMSignContext dsc = new DOMSignContext(priv, doc.getDocumentElement()); XMLSignatureFactory fac = XMLSignatureFactory.getInstance("DOM"); Reference ref = fac.newReference("", fac.newDigestMethod(DigestMethod.SHA1, null), Collections.singletonList(fac.newTransform(Transform.ENVELOPED, (TransformParameterSpec) null)), null, null); SignedInfo si = fac.newSignedInfo(fac.newCanonicalizationMethod(CanonicalizationMethod.INCLUSIVE, (C14NMethodParameterSpec) null), fac.newSignatureMethod(SignatureMethod.RSA_SHA1, null), Collections.singletonList(ref)); KeyInfoFactory kif = fac.getKeyInfoFactory(); KeyValue kv = kif.newKeyValue(pub); KeyInfo ki = kif.newKeyInfo(Collections.singletonList(kv)); XMLSignature signature = fac.newXMLSignature(si, ki); signature.sign(dsc);
KeyValue keyValue; try { keyValue = keyInfoFactory.newKeyValue(signingCertificate.getPublicKey()); } catch (KeyException e) { throw new RuntimeException("key exception: " + e.getMessage(), e); x509DataObjects.add(keyInfoFactory.newX509IssuerSerial( signingCertificate.getIssuerX500Principal().toString(), signingCertificate.getSerialNumber())); X509Data x509Data = keyInfoFactory.newX509Data(x509DataObjects); keyInfoContent.add(x509Data); KeyInfo keyInfo = keyInfoFactory.newKeyInfo(keyInfoContent); DOMKeyInfo domKeyInfo = (DOMKeyInfo)keyInfo; ? new DOMSignContext(key, n) : new DOMSignContext(key, n, nextSibling); for (Map.Entry<String,String> me : signatureConfig.getNamespacePrefixes().entrySet()) { domSignContext.putNamespacePrefix(me.getKey(), me.getValue()); DOMStructure domStructure = new DOMStructure(n); domKeyInfo.marshal(domStructure, domSignContext);
/** * @return the key factory (thread-local) */ public KeyInfoFactory getKeyInfoFactory() { KeyInfoFactory keyFac = keyInfoFactory.get(); if (keyFac == null) { keyFac = KeyInfoFactory.getInstance("DOM", getProvider()); setKeyInfoFactory(keyFac); } return keyFac; }
if(x509ce == null) throw CX_ALINV_X.get(info, kAlias); final PublicKey puk = x509ce.getPublicKey(); final KeyInfoFactory kifactory = fac.getKeyInfoFactory(); final KeyValue keyValue = kifactory.newKeyValue(puk); final ArrayList<XMLStructure> kiCont = new ArrayList<>(); kiCont.add(keyValue); final List<Object> x509Content = new ArrayList<>(); final X509IssuerSerial issuer = kifactory.newX509IssuerSerial(x509ce. getIssuerX500Principal().getName(), x509ce.getSerialNumber()); x509Content.add(x509ce.getSubjectX500Principal().getName()); x509Content.add(issuer); x509Content.add(x509ce); final X509Data x509Data = kifactory.newX509Data(x509Content); kiCont.add(x509Data); ki = kifactory.newKeyInfo(kiCont); gen.initialize(512); final KeyPair kp = gen.generateKeyPair(); final KeyInfoFactory kif = fac.getKeyInfoFactory(); final KeyValue kv = kif.newKeyValue(kp.getPublic()); ki = kif.newKeyInfo(Collections.singletonList(kv)); pk = kp.getPrivate(); signContext = new DOMSignContext(pk, inputNode.getDocumentElement()); signContext = new DOMSignContext(pk, inputNode); if(ns.length > 0) signContext.setDefaultNamespacePrefix(string(ns));
synchronized void sign ( final Key privateKey, final PublicKey publicKey, final Certificate cert, final Document doc ) throws Exception { final DOMSignContext dsc = new DOMSignContext ( privateKey, doc.getDocumentElement () ); final SignatureMethod sm = this.fac.newSignatureMethod ( fromAlg ( privateKey.getAlgorithm () ), null ); final SignedInfo si = this.fac.newSignedInfo ( this.cm, sm, Collections.singletonList ( this.ref ) ); final List<Object> data = new LinkedList<Object> (); if ( cert != null ) { data.add ( this.kif.newKeyValue ( cert.getPublicKey () ) ); data.add ( this.kif.newX509Data ( Collections.singletonList ( cert ) ) ); } else { data.add ( this.kif.newKeyValue ( publicKey ) ); } final KeyInfo ki = this.kif.newKeyInfo ( data ); final XMLSignature signature = this.fac.newXMLSignature ( si, ki ); // finally sign signature.sign ( dsc ); }
final Reference aReference = aSignatureFactory.newReference ("", createDigestMethod (aSignatureFactory), createTransformList (aSignatureFactory), final SignedInfo aSignedInfo = aSignatureFactory.newSignedInfo (createCanonicalizationMethod (aSignatureFactory), createSignatureMethod (aSignatureFactory), ContainerHelper.<Reference> newUnmodifiableList (aReference)); final KeyInfoFactory aKeyInfoFactory = aSignatureFactory.getKeyInfoFactory (); final X509Data aX509Data = aKeyInfoFactory.newX509Data (aX509Content); final KeyValue aKeyValue = aKeyInfoFactory.newKeyValue (aCertificate.getPublicKey ()); final KeyInfo aKeyInfo = aKeyInfoFactory.newKeyInfo (ContainerHelper.<XMLStructure> newUnmodifiableList (aX509Data, aKeyValue)); final DOMSignContext aDOMSignContext = new DOMSignContext (aPrivateKey, aDocument.getDocumentElement (), aDocument.getDocumentElement ().getFirstChild ()); aDOMSignContext.setDefaultNamespacePrefix ("dsig"); aXMLSignature.sign (aDOMSignContext);
XMLSignatureFactory fac = XMLSignatureFactory.getInstance("DOM", new org.jcp.xml.dsig.internal.dom.XMLDSigRI()); List envelopedTransform = Collections.singletonList(fac.newTransform(Transform.ENVELOPED, (TransformParameterSpec) null)); Reference ref = fac.newReference(assertionId, fac.newDigestMethod(DigestMethod.SHA1, null),envelopedTransform, null, null); KeyInfoFactory keyInfoFac = fac.getKeyInfoFactory(); KeyValue keyVal = keyInfoFac.newKeyValue(publicKey);
private static KeyInfo createKeyInfo(PublicKey publicKey, X509Certificate x509Certificate) throws KeyException { KeyInfoFactory keyInfoFactory = fac.getKeyInfoFactory(); KeyInfo keyInfo = null; KeyValue keyValue = null; //Just with public key if (publicKey != null) { keyValue = keyInfoFactory.newKeyValue(publicKey); keyInfo = keyInfoFactory.newKeyInfo(Collections.singletonList(keyValue)); } if (x509Certificate != null) { List x509list = new ArrayList(); x509list.add(x509Certificate); X509Data x509Data = keyInfoFactory.newX509Data(x509list); List items = new ArrayList(); items.add(x509Data); if (keyValue != null) { items.add(keyValue); } keyInfo = keyInfoFactory.newKeyInfo(items); } return keyInfo; } }
public static void signDOM(Node node, PrivateKey privateKey, Certificate origCert) { XMLSignatureFactory fac = initXMLSigFactory(); X509Certificate cert = (X509Certificate) origCert; // Create the KeyInfo containing the X509Data. KeyInfoFactory kif = fac.getKeyInfoFactory(); List<Object> x509Content = new ArrayList<Object>(); x509Content.add(cert.getSubjectX500Principal().getName()); x509Content.add(cert); X509Data xd = kif.newX509Data(x509Content); KeyInfo ki = kif.newKeyInfo(Collections.singletonList(xd)); // Create a DOMSignContext and specify the RSA PrivateKey and // location of the resulting XMLSignature's parent element. DOMSignContext dsc = new DOMSignContext(privateKey, node); dsc.putNamespacePrefix("http://www.w3.org/2000/09/xmldsig#", "ns2"); // Create the XMLSignature, but don't sign it yet. try { SignedInfo si = initSignedInfo(fac); XMLSignature signature = fac.newXMLSignature(si, ki); // Marshal, generate, and sign the enveloped signature. signature.sign(dsc); } catch (Exception e) { throw new RuntimeException(e); } }
private Document assinar(String xml, char[] senha, FileInputStream keyStoreStream) throws ParserConfigurationException, SAXException, IOException, NoSuchAlgorithmException, InvalidAlgorithmParameterException, KeyStoreException, CertificateException, UnrecoverableEntryException { DocumentBuilder builder = getDocumentBuilder(); Document doc = builder.parse(new InputSource(new StringReader(xml))); XMLSignatureFactory fac = XMLSignatureFactory.getInstance("DOM"); ArrayList<Transform> transformList = getTransformList(fac); KeyStore ks = KeyStore.getInstance("pkcs12"); ks.load(keyStoreStream, senha); String alias = ks.aliases().nextElement(); KeyStore.PrivateKeyEntry keyEntry = (KeyStore.PrivateKeyEntry) ks.getEntry(alias, new KeyStore.PasswordProtection(senha)); X509Certificate cert = (X509Certificate) keyEntry.getCertificate(); List<Serializable> x509Content = new ArrayList<>(); x509Content.add(cert); KeyInfoFactory kif = fac.getKeyInfoFactory(); X509Data xd = kif.newX509Data(x509Content); KeyInfo ki = kif.newKeyInfo(Collections.singletonList(xd)); assinarTag(fac, transformList, keyEntry.getPrivateKey(), ki, doc, 0); return doc; }
c14nMethod = signatureFactory.newCanonicalizationMethod(canonAlgo, c14nSpec); } catch (Exception ex) { log.error("", ex); secRef.setReference(ref); XMLStructure structure = new DOMStructure(secRef.getElement()); wsDocInfo.addTokenElement(secRef.getElement(), false); keyInfo = keyInfoFactory.newKeyInfo( java.util.Collections.singletonList(structure), keyInfoUri );
KeyInfoFactory keyInfoFactory = KeyInfoFactory.getInstance("DOM", new XMLDSigRI()); List<Object> x509DataObjects = new LinkedList<Object>(); X509Certificate signingCertificate = signingCertificateChain.get(0); KeyValue keyValue; try { keyValue = keyInfoFactory.newKeyValue(signingCertificate.getPublicKey()); } catch (KeyException e) { throw new RuntimeException("key exception: " + e.getMessage(), e); x509DataObjects.add(keyInfoFactory.newX509IssuerSerial( signingCertificate.getIssuerX500Principal().toString(), signingCertificate.getSerialNumber())); X509Data x509Data = keyInfoFactory.newX509Data(x509DataObjects); keyInfoContent.add(x509Data); KeyInfo keyInfo = keyInfoFactory.newKeyInfo(keyInfoContent); DOMKeyInfo domKeyInfo = (DOMKeyInfo) keyInfo; XMLSignContext xmlSignContext = new DOMSignContext(key, signatureElement); DOMCryptoContext domCryptoContext = (DOMCryptoContext) xmlSignContext; try {
c14nMethod = signatureFactory.newCanonicalizationMethod(canonAlgo, c14nSpec); } catch (Exception ex) { log.error("", ex); KeyValue keyValue = keyInfoFactory.newKeyValue(publicKey); keyInfo = keyInfoFactory.newKeyInfo( java.util.Collections.singletonList(keyValue), keyInfoUri ); XMLStructure structure = new DOMStructure(secRef.getElement()); wsDocInfo.addTokenElement(secRef.getElement(), false); keyInfo = keyInfoFactory.newKeyInfo( java.util.Collections.singletonList(structure), keyInfoUri );
signatureFactory = XMLSignatureFactory.getInstance("DOM", "ApacheXMLDSig"); } catch (NoSuchProviderException ex) { signatureFactory = XMLSignatureFactory.getInstance("DOM"); signatureFactory = XMLSignatureFactory.getInstance("DOM", provider); KeyInfoFactory keyInfoFactory = signatureFactory.getKeyInfoFactory(); KeyValue keyValue = keyInfoFactory.newKeyValue(remoteKey); String keyInfoUri = getIdAllocator().createSecureId("KI-", null); KeyInfo keyInfo = keyInfoFactory.newKeyInfo( java.util.Collections.singletonList(keyValue), keyInfoUri ); keyInfo.marshal(new DOMStructure(encryptedKeyElement), null); } catch (java.security.KeyException | MarshalException ex) { LOG.error("", ex);
public SignatureProcessor() { // Try to install the Santuario Provider - fall back to the JDK provider if this does // not work try { signatureFactory = XMLSignatureFactory.getInstance("DOM", "ApacheXMLDSig"); } catch (NoSuchProviderException ex) { signatureFactory = XMLSignatureFactory.getInstance("DOM"); } try { keyInfoFactory = KeyInfoFactory.getInstance("DOM", "ApacheXMLDSig"); } catch (NoSuchProviderException ex) { keyInfoFactory = KeyInfoFactory.getInstance("DOM"); } }
c14nMethod = signatureFactory.newCanonicalizationMethod(canonAlgo, c14nSpec); } catch (Exception ex) { LOG.error("", ex); KeyInfoFactory keyInfoFactory = signatureFactory.getKeyInfoFactory(); KeyValue keyValue = keyInfoFactory.newKeyValue(publicKey); keyInfo = keyInfoFactory.newKeyInfo(Collections.singletonList(keyValue), keyInfoUri); } catch (java.security.KeyException ex) { LOG.error("", ex);
c14nMethod = signatureFactory.newCanonicalizationMethod(canonAlgo, c14nSpec); } catch (Exception ex) { LOG.error("", ex); secRef.setReference(ref); XMLStructure structure = new DOMStructure(secRef.getElement()); wsDocInfo.addTokenElement(secRef.getElement(), false); KeyInfoFactory keyInfoFactory = signatureFactory.getKeyInfoFactory(); keyInfo = keyInfoFactory.newKeyInfo( java.util.Collections.singletonList(structure), keyInfoUri );
/** * 创建KeyInfo * * @param config * @return * @throws Exception */ protected KeyInfo createKeyInfo(XmlSignatureConfig config) throws Exception { KeyPair keyPair = getXmlSignatureManager().getKeyPair(config.getUserId()); KeyInfoFactory keyInfoFac = xmlSignatureFactory.getKeyInfoFactory(); KeyValue keyValue = keyInfoFac.newKeyValue(keyPair.getPublic()); KeyInfo keyInfo = keyInfoFac.newKeyInfo(Collections .singletonList(keyValue)); return keyInfo; }
private static void loadCertificates(ConfiguracoesNfe config, XMLSignatureFactory signatureFactory) throws KeyStoreException, NoSuchAlgorithmException, UnrecoverableEntryException, CertificadoException { Certificado certificado = config.getCertificado(); KeyStore keyStore = CertificadoService.getKeyStore(certificado); KeyStore.PrivateKeyEntry pkEntry = (KeyStore.PrivateKeyEntry) keyStore.getEntry(certificado.getNome(), new KeyStore.PasswordProtection(certificado.getSenha().toCharArray())); privateKey = pkEntry.getPrivateKey(); KeyInfoFactory keyInfoFactory = signatureFactory.getKeyInfoFactory(); List<X509Certificate> x509Content = new ArrayList<X509Certificate>(); x509Content.add(CertificadoService.getCertificate(certificado, keyStore)); X509Data x509Data = keyInfoFactory.newX509Data(x509Content); keyInfo = keyInfoFactory.newKeyInfo(Collections.singletonList(x509Data)); }
PrivateKeyEntry entry = ((PrivateKeyEntry) keyStore.getEntry(certAlias, new KeyStore.PasswordProtection(password))); KeyInfoFactory keyFactory = KeyInfoFactory.getInstance(); KeyInfo keyInfo = keyFactory.newKeyInfo(Collections.singletonList(keyFactory.newX509Data(Collections.singletonList(entry.getCertificate()))));