| /** |
| * Licensed to the Apache Software Foundation (ASF) under one |
| * or more contributor license agreements. See the NOTICE file |
| * distributed with this work for additional information |
| * regarding copyright ownership. The ASF licenses this file |
| * to you under the Apache License, Version 2.0 (the |
| * "License"); you may not use this file except in compliance |
| * with the License. You may obtain a copy of the License at |
| * |
| * http://www.apache.org/licenses/LICENSE-2.0 |
| * |
| * Unless required by applicable law or agreed to in writing, |
| * software distributed under the License is distributed on an |
| * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY |
| * KIND, either express or implied. See the License for the |
| * specific language governing permissions and limitations |
| * under the License. |
| */ |
| package javax.xml.crypto.dsig.samples; |
| |
| import javax.xml.crypto.*; |
| import javax.xml.crypto.dsig.*; |
| import javax.xml.crypto.dom.*; |
| import javax.xml.crypto.dsig.dom.DOMSignContext; |
| import javax.xml.crypto.dsig.keyinfo.*; |
| import javax.xml.crypto.dsig.spec.*; |
| import java.io.FileInputStream; |
| import java.io.FileOutputStream; |
| import java.io.OutputStream; |
| import java.security.*; |
| import java.util.Collections; |
| import javax.xml.parsers.DocumentBuilderFactory; |
| import javax.xml.transform.*; |
| import javax.xml.transform.dom.DOMSource; |
| import javax.xml.transform.stream.StreamResult; |
| import org.w3c.dom.Document; |
| |
| /** |
| * This is a simple example of generating an Enveloped XML |
| * Signature using the JSR 105 API. The resulting signature will look |
| * like (key and signature values will be different): |
| * |
| * <pre><code> |
| *<Envelope xmlns="urn:envelope"> |
| * <Signature xmlns="http://www.w3.org/2000/09/xmldsig#"> |
| * <SignedInfo> |
| * <CanonicalizationMethod Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n |
| -20010315"/> |
| * <SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#dsa-sha1"/> |
| * <Reference URI=""> |
| * <Transforms> |
| * <Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/> |
| * </Transforms> |
| * <DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/> |
| * <DigestValue>K8M/lPbKnuMDsO0Uzuj75lQtzQI=<DigestValue> |
| * </Reference> |
| * </SignedInfo> |
| * <SignatureValue> |
| * DpEylhQoiUKBoKWmYfajXO7LZxiDYgVtUtCNyTgwZgoChzorA2nhkQ== |
| * </SignatureValue> |
| * <KeyInfo> |
| * <KeyValue> |
| * <DSAKeyValue> |
| * <P> |
| * rFto8uPQM6y34FLPmDh40BLJ1rVrC8VeRquuhPZ6jYNFkQuwxnu/wCvIAMhukPBL |
| * FET8bJf/b2ef+oqxZajEb+88zlZoyG8g/wMfDBHTxz+CnowLahnCCTYBp5kt7G8q |
| * UobJuvjylwj1st7V9Lsu03iXMXtbiriUjFa5gURasN8= |
| * </P> |
| * <Q> |
| * kEjAFpCe4lcUOdwphpzf+tBaUds= |
| * </Q> |
| * <G> |
| * oe14R2OtyKx+s+60O5BRNMOYpIg2TU/f15N3bsDErKOWtKXeNK9FS7dWStreDxo2 |
| * SSgOonqAd4FuJ/4uva7GgNL4ULIqY7E+mW5iwJ7n/WTELh98mEocsLXkNh24HcH4 |
| * BZfSCTruuzmCyjdV1KSqX/Eux04HfCWYmdxN3SQ/qqw= |
| * </G> |
| * <Y> |
| * pA5NnZvcd574WRXuOA7ZfC/7Lqt4cB0MRLWtHubtJoVOao9ib5ry4rTk0r6ddnOv |
| * AIGKktutzK3ymvKleS3DOrwZQgJ+/BDWDW8kO9R66o6rdjiSobBi/0c2V1+dkqOg |
| * jFmKz395mvCOZGhC7fqAVhHat2EjGPMfgSZyABa7+1k= |
| * </Y> |
| * </DSAKeyValue> |
| * </KeyValue> |
| * </KeyInfo> |
| * </Signature> |
| *</Envelope> |
| * </code></pre> |
| */ |
| public class GenEnveloped { |
| |
| // |
| // Synopsis: java GenEnveloped [document] [output] |
| // |
| // where "document" is the name of a file containing the XML document |
| // to be signed, and "output" is the name of the file to store the |
| // signed document. The 2nd argument is optional - if not specified, |
| // standard output will be used. |
| // |
| public static void main(String[] args) throws Exception { |
| |
| // Create a DOM XMLSignatureFactory that will be used to generate the |
| // enveloped signature |
| String providerName = System.getProperty |
| ("jsr105Provider", "org.apache.jcp.xml.dsig.internal.dom.XMLDSigRI"); |
| XMLSignatureFactory fac = XMLSignatureFactory.getInstance("DOM", |
| (Provider) Class.forName(providerName).newInstance()); |
| |
| // Create a Reference to the enveloped document (in this case we are |
| // signing the whole document, so a URI of "" signifies that) and |
| // also specify the SHA1 digest algorithm and the ENVELOPED Transform. |
| Reference ref = fac.newReference |
| ("", fac.newDigestMethod(DigestMethod.SHA1, null), |
| Collections.singletonList |
| (fac.newTransform |
| (Transform.ENVELOPED, (TransformParameterSpec) null)), |
| null, null); |
| |
| // Create the SignedInfo |
| SignedInfo si = fac.newSignedInfo |
| (fac.newCanonicalizationMethod |
| (CanonicalizationMethod.INCLUSIVE_WITH_COMMENTS, |
| (C14NMethodParameterSpec) null), |
| fac.newSignatureMethod(SignatureMethod.DSA_SHA1, null), |
| Collections.singletonList(ref)); |
| |
| // Create a DSA KeyPair |
| KeyPairGenerator kpg = KeyPairGenerator.getInstance("DSA"); |
| kpg.initialize(512); |
| KeyPair kp = kpg.generateKeyPair(); |
| |
| // Create a KeyValue containing the DSA PublicKey that was generated |
| KeyInfoFactory kif = fac.getKeyInfoFactory(); |
| KeyValue kv = kif.newKeyValue(kp.getPublic()); |
| |
| // Create a KeyInfo and add the KeyValue to it |
| KeyInfo ki = kif.newKeyInfo(Collections.singletonList(kv)); |
| |
| // Instantiate the document to be signed |
| DocumentBuilderFactory dbf = DocumentBuilderFactory.newInstance(); |
| dbf.setNamespaceAware(true); |
| Document doc = |
| dbf.newDocumentBuilder().parse(new FileInputStream(args[0])); |
| |
| // Create a DOMSignContext and specify the DSA PrivateKey and |
| // location of the resulting XMLSignature's parent element |
| DOMSignContext dsc = new DOMSignContext |
| (kp.getPrivate(), doc.getDocumentElement()); |
| |
| // Create the XMLSignature (but don't sign it yet) |
| XMLSignature signature = fac.newXMLSignature(si, ki); |
| |
| // Marshal, generate (and sign) the enveloped signature |
| signature.sign(dsc); |
| |
| // output the resulting document |
| OutputStream os; |
| if (args.length > 1) { |
| os = new FileOutputStream(args[1]); |
| } else { |
| os = System.out; |
| } |
| |
| TransformerFactory tf = TransformerFactory.newInstance(); |
| Transformer trans = tf.newTransformer(); |
| trans.transform(new DOMSource(doc), new StreamResult(os)); |
| } |
| } |