| /** |
| * Licensed to the Apache Software Foundation (ASF) under one |
| * or more contributor license agreements. See the NOTICE file |
| * distributed with this work for additional information |
| * regarding copyright ownership. The ASF licenses this file |
| * to you under the Apache License, Version 2.0 (the |
| * "License"); you may not use this file except in compliance |
| * with the License. You may obtain a copy of the License at |
| * |
| * http://www.apache.org/licenses/LICENSE-2.0 |
| * |
| * Unless required by applicable law or agreed to in writing, |
| * software distributed under the License is distributed on an |
| * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY |
| * KIND, either express or implied. See the License for the |
| * specific language governing permissions and limitations |
| * under the License. |
| */ |
| package javax.xml.crypto.dsig.samples; |
| |
| import javax.xml.crypto.*; |
| import javax.xml.crypto.dsig.*; |
| import javax.xml.crypto.dom.*; |
| import javax.xml.crypto.dsig.dom.DOMSignContext; |
| import javax.xml.crypto.dsig.keyinfo.*; |
| import javax.xml.crypto.dsig.spec.C14NMethodParameterSpec; |
| import java.io.FileOutputStream; |
| import java.io.OutputStream; |
| import java.security.*; |
| import java.util.Collections; |
| import javax.xml.parsers.DocumentBuilderFactory; |
| import javax.xml.transform.*; |
| import javax.xml.transform.dom.DOMSource; |
| import javax.xml.transform.stream.StreamResult; |
| import org.w3c.dom.Document; |
| |
| /** |
| * This is a simple example of generating a Detached XML |
| * Signature using the JSR 105 API. The resulting signature will look |
| * like (key and signature values will be different): |
| * |
| * <pre><code> |
| * <Signature xmlns="http://www.w3.org/2000/09/xmldsig#"> |
| * <SignedInfo> |
| * <CanonicalizationMethod Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315"/> |
| * <SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#dsa-sha1"/> |
| * <Reference URI="http://www.w3.org/TR/xml-stylesheet"> |
| * <DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/> |
| * <DigestValue>60NvZvtdTB+7UnlLp/H24p7h4bs=</DigestValue> |
| * </Reference> |
| * </SignedInfo> |
| * <SignatureValue> |
| * DpEylhQoiUKBoKWmYfajXO7LZxiDYgVtUtCNyTgwZgoChzorA2nhkQ== |
| * </SignatureValue> |
| * <KeyInfo> |
| * <KeyValue> |
| * <DSAKeyValue> |
| * <P> |
| * rFto8uPQM6y34FLPmDh40BLJ1rVrC8VeRquuhPZ6jYNFkQuwxnu/wCvIAMhukPBL |
| * FET8bJf/b2ef+oqxZajEb+88zlZoyG8g/wMfDBHTxz+CnowLahnCCTYBp5kt7G8q |
| * UobJuvjylwj1st7V9Lsu03iXMXtbiriUjFa5gURasN8= |
| * </P> |
| * <Q> |
| * kEjAFpCe4lcUOdwphpzf+tBaUds= |
| * </Q> |
| * <G> |
| * oe14R2OtyKx+s+60O5BRNMOYpIg2TU/f15N3bsDErKOWtKXeNK9FS7dWStreDxo2 |
| * SSgOonqAd4FuJ/4uva7GgNL4ULIqY7E+mW5iwJ7n/WTELh98mEocsLXkNh24HcH4 |
| * BZfSCTruuzmCyjdV1KSqX/Eux04HfCWYmdxN3SQ/qqw= |
| * </G> |
| * <Y> |
| * pA5NnZvcd574WRXuOA7ZfC/7Lqt4cB0MRLWtHubtJoVOao9ib5ry4rTk0r6ddnOv |
| * AIGKktutzK3ymvKleS3DOrwZQgJ+/BDWDW8kO9R66o6rdjiSobBi/0c2V1+dkqOg |
| * jFmKz395mvCOZGhC7fqAVhHat2EjGPMfgSZyABa7+1k= |
| * </Y> |
| * </DSAKeyValue> |
| * </KeyValue> |
| * </KeyInfo> |
| * </Signature> |
| * </code></pre> |
| */ |
| public class GenDetached { |
| |
| // |
| // Synopsis: java GenDetached [output] |
| // |
| // where output is the name of the file that will contain the detached |
| // signature. If not specified, standard output is used. |
| // |
| public static void main(String[] args) throws Exception { |
| |
| // First, create a DOM XMLSignatureFactory that will be used to |
| // generate the XMLSignature and marshal it to DOM. |
| String providerName = System.getProperty |
| ("jsr105Provider", "org.apache.jcp.xml.dsig.internal.dom.XMLDSigRI"); |
| XMLSignatureFactory fac = XMLSignatureFactory.getInstance("DOM", |
| (Provider) Class.forName(providerName).newInstance()); |
| |
| // Create a Reference to an external URI that will be digested |
| // using the SHA1 digest algorithm |
| Reference ref = |
| fac.newReference( |
| "http://www.w3.org/TR/xml-stylesheet", |
| fac.newDigestMethod(DigestMethod.SHA1, null) |
| ); |
| |
| // Create the SignedInfo |
| SignedInfo si = fac.newSignedInfo( |
| fac.newCanonicalizationMethod |
| (CanonicalizationMethod.INCLUSIVE_WITH_COMMENTS, |
| (C14NMethodParameterSpec) null), |
| fac.newSignatureMethod(SignatureMethod.DSA_SHA1, null), |
| Collections.singletonList(ref)); |
| |
| // Create a DSA KeyPair |
| KeyPairGenerator kpg = KeyPairGenerator.getInstance("DSA"); |
| kpg.initialize(512); |
| KeyPair kp = kpg.generateKeyPair(); |
| |
| // Create a KeyValue containing the DSA PublicKey that was generated |
| KeyInfoFactory kif = fac.getKeyInfoFactory(); |
| KeyValue kv = kif.newKeyValue(kp.getPublic()); |
| |
| // Create a KeyInfo and add the KeyValue to it |
| KeyInfo ki = kif.newKeyInfo(Collections.singletonList(kv)); |
| |
| // Create the XMLSignature (but don't sign it yet) |
| XMLSignature signature = fac.newXMLSignature(si, ki); |
| |
| // Create the Document that will hold the resulting XMLSignature |
| DocumentBuilderFactory dbf = DocumentBuilderFactory.newInstance(); |
| dbf.setNamespaceAware(true); // must be set |
| Document doc = dbf.newDocumentBuilder().newDocument(); |
| |
| // Create a DOMSignContext and set the signing Key to the DSA |
| // PrivateKey and specify where the XMLSignature should be inserted |
| // in the target document (in this case, the document root) |
| DOMSignContext signContext = new DOMSignContext(kp.getPrivate(), doc); |
| |
| // Marshal, generate (and sign) the detached XMLSignature. The DOM |
| // Document will contain the XML Signature if this method returns |
| // successfully. |
| signature.sign(signContext); |
| |
| // output the resulting document |
| OutputStream os; |
| if (args.length > 0) { |
| os = new FileOutputStream(args[0]); |
| } else { |
| os = System.out; |
| } |
| |
| TransformerFactory tf = TransformerFactory.newInstance(); |
| Transformer trans = tf.newTransformer(); |
| trans.transform(new DOMSource(doc), new StreamResult(os)); |
| } |
| } |