/* * Copyright 2006 The Apache Software Foundation. * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. * You may obtain a copy of the License at * * http://www.apache.org/licenses/LICENSE-2.0 * * Unless required by applicable law or agreed to in writing, software * distributed under the License is distributed on an "AS IS" BASIS, * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. * See the License for the specific language governing permissions and * limitations under the License. * */ package javax.xml.crypto.dsig.samples; import javax.xml.crypto.*; import javax.xml.crypto.dsig.*; import javax.xml.crypto.dom.*; import javax.xml.crypto.dsig.dom.DOMSignContext; import javax.xml.crypto.dsig.keyinfo.*; import javax.xml.crypto.dsig.spec.C14NMethodParameterSpec; import java.io.FileInputStream; import java.io.FileOutputStream; import java.io.OutputStream; import java.security.*; import java.util.Arrays; import java.util.Collections; import javax.xml.parsers.DocumentBuilderFactory; import javax.xml.transform.*; import javax.xml.transform.dom.DOMSource; import javax.xml.transform.stream.StreamResult; import org.w3c.dom.Document; import org.w3c.dom.Node; /** * This is a simple example of generating an Enveloping XML * Signature using the JSR 105 API. The signature in this case references a * local URI that points to an Object element. * The resulting signature will look like (certificate and * signature values will be different): * *

 * 
 *   
 *     
 *     
 *     
 *       
 *       7/XTsHaBSOnJ/jXD5v0zL6VKYsk=
 *     
 *   
 *   
 *     RpMRbtMHLa0siSS+BwUpLIEmTfh/0fsld2JYQWZzCzfa5kBTz25+XA==
 *   
 *   
 *     
 *       
 *         

* /KaCzo4Syrom78z3EQ5SbbB4sF7ey80etKII864WF64B81uRpH5t9jQTxeEu0Imbz * RMqzVDZkVG9xD7nN1kuFw== *

* * li7dzDacuo67Jg7mtqEm2TRuOMU= * * * Z4Rxsnqc9E7pGknFFH2xqaryRPBaQ01khpMdLRQnG541Awtx/XPaF5Bpsy4pNWMOH * CBiNU0NogpsQW5QvnlMpA== * * * wbEUaCgHZXqK4qLvbdYrAc6+Do0XVcsziCJqxzn4cJJRxwc3E1xnEXHscVgr1Cql9 * i5fanOKQbFXzmb+bChqig== * *
*
*
* some text *
* *
*/ public class GenEnveloping { // // Synopis: java GenEnveloping [output] // // where "output" is the name of a file that will contain the // generated signature. If not specified, standard ouput will be used. // public static void main(String[] args) throws Exception { // First, create the DOM XMLSignatureFactory that will be used to // generate the XMLSignature String providerName = System.getProperty ("jsr105Provider", "org.jcp.xml.dsig.internal.dom.XMLDSigRI"); XMLSignatureFactory fac = XMLSignatureFactory.getInstance("DOM", (Provider) Class.forName(providerName).newInstance()); // Next, create a Reference to a same-document URI that is an Object // element and specify the SHA1 digest algorithm Reference ref = fac.newReference("#object", fac.newDigestMethod(DigestMethod.SHA1, null)); // Next, create the referenced Object DocumentBuilderFactory dbf = DocumentBuilderFactory.newInstance(); dbf.setNamespaceAware(true); Document doc = dbf.newDocumentBuilder().newDocument(); Node text = doc.createTextNode("some text"); XMLStructure content = new DOMStructure(text); XMLObject obj = fac.newXMLObject (Collections.singletonList(content), "object", null, null); // Create the SignedInfo SignedInfo si = fac.newSignedInfo( fac.newCanonicalizationMethod (CanonicalizationMethod.INCLUSIVE_WITH_COMMENTS, (C14NMethodParameterSpec) null), fac.newSignatureMethod(SignatureMethod.DSA_SHA1, null), Collections.singletonList(ref)); // Create a DSA KeyPair KeyPairGenerator kpg = KeyPairGenerator.getInstance("DSA"); kpg.initialize(512); KeyPair kp = kpg.generateKeyPair(); // Create a KeyValue containing the DSA PublicKey that was generated KeyInfoFactory kif = fac.getKeyInfoFactory(); KeyValue kv = kif.newKeyValue(kp.getPublic()); // Create a KeyInfo and add the KeyValue to it KeyInfo ki = kif.newKeyInfo(Collections.singletonList(kv)); // Create the XMLSignature (but don't sign it yet) XMLSignature signature = fac.newXMLSignature(si, ki, Collections.singletonList(obj), null, null); // Create a DOMSignContext and specify the DSA PrivateKey for signing // and the document location of the XMLSignature DOMSignContext dsc = new DOMSignContext(kp.getPrivate(), doc); // Lastly, generate the enveloping signature using the PrivateKey signature.sign(dsc); // output the resulting document OutputStream os; if (args.length > 0) { os = new FileOutputStream(args[0]); } else { os = System.out; } TransformerFactory tf = TransformerFactory.newInstance(); Transformer trans = tf.newTransformer(); trans.transform(new DOMSource(doc), new StreamResult(os)); } }