Posted to commits@santuario.apache.org by co...@apache.org on 2012/06/29 18:36:25 UTC
svn commit: r1355461 - in /santuario/xml-security-java/trunk/src:
main/java/org/apache/xml/security/stax/ext/
test/java/org/apache/xml/security/test/stax/signature/
Author: coheigea
Date: Fri Jun 29 16:36:24 2012
New Revision: 1355461
URL: http://svn.apache.org/viewvc?rev=1355461&view=rev
Log:
Added some code to make it easier to set up outbound signature
Added:
santuario/xml-security-java/trunk/src/main/java/org/apache/xml/security/stax/ext/OutboundXMLSec.java
santuario/xml-security-java/trunk/src/main/java/org/apache/xml/security/stax/ext/XMLSec.java
Modified:
santuario/xml-security-java/trunk/src/main/java/org/apache/xml/security/stax/ext/XMLSecurityProperties.java
santuario/xml-security-java/trunk/src/test/java/org/apache/xml/security/test/stax/signature/SignatureTest.java
Added: santuario/xml-security-java/trunk/src/main/java/org/apache/xml/security/stax/ext/OutboundXMLSec.java
URL: http://svn.apache.org/viewvc/santuario/xml-security-java/trunk/src/main/java/org/apache/xml/security/stax/ext/OutboundXMLSec.java?rev=1355461&view=auto
==============================================================================
--- santuario/xml-security-java/trunk/src/main/java/org/apache/xml/security/stax/ext/OutboundXMLSec.java (added)
+++ santuario/xml-security-java/trunk/src/main/java/org/apache/xml/security/stax/ext/OutboundXMLSec.java Fri Jun 29 16:36:24 2012
@@ -0,0 +1,253 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+package org.apache.xml.security.stax.ext;
+
+import java.io.OutputStream;
+import java.security.Key;
+import java.security.PublicKey;
+import java.security.cert.X509Certificate;
+import java.util.List;
+import java.util.UUID;
+
+import javax.xml.namespace.QName;
+import javax.xml.stream.XMLStreamWriter;
+
+import org.apache.xml.security.stax.crypto.CryptoType;
+import org.apache.xml.security.stax.ext.stax.XMLSecEvent;
+import org.apache.xml.security.stax.impl.DocumentContextImpl;
+import org.apache.xml.security.stax.impl.OutputProcessorChainImpl;
+import org.apache.xml.security.stax.impl.SecurityContextImpl;
+import org.apache.xml.security.stax.impl.XMLSecurityStreamWriter;
+import org.apache.xml.security.stax.impl.processor.output.FinalOutputProcessor;
+import org.apache.xml.security.stax.impl.processor.output.XMLSignatureOutputProcessor;
+
+/**
+ * Outbound Streaming-XML-Security
+ * An instance of this class can be retrieved over the XMLSec class
+ *
+ * @author $Author: coheigea $
+ * @version $Revision: 1355448 $ $Date: 2012-06-29 16:38:18 +0100 (Fri, 29 Jun 2012) $
+ */
+public class OutboundXMLSec {
+
+ private final XMLSecurityProperties securityProperties;
+
+ public OutboundXMLSec(XMLSecurityProperties securityProperties) {
+ this.securityProperties = securityProperties;
+ }
+
+ /**
+ * This method is the entry point for the incoming security-engine.
+ * Hand over a outputStream and use the returned XMLStreamWriter for further processing
+ *
+ * @param outputStream The original outputStream
+ * @return A new XMLStreamWriter which does transparently the security processing.
+ * @throws XMLSecurityException thrown when a Security failure occurs
+ */
+ public XMLStreamWriter processOutMessage(OutputStream outputStream, String encoding) throws XMLSecurityException {
+ return processOutMessage((Object)outputStream, encoding);
+ }
+
+ /**
+ * This method is the entry point for the incoming security-engine.
+ * Hand over the original XMLStreamWriter and use the returned one for further processing
+ *
+ * @param xmlStreamWriter The original xmlStreamWriter
+ * @return A new XMLStreamWriter which does transparently the security processing.
+ * @throws XMLSecurityException thrown when a Security failure occurs
+ */
+ public XMLStreamWriter processOutMessage(XMLStreamWriter xmlStreamWriter, String encoding) throws XMLSecurityException {
+ return processOutMessage((Object)xmlStreamWriter, encoding);
+ }
+
+ private XMLStreamWriter processOutMessage(Object output, String encoding) throws XMLSecurityException {
+ final SecurityContextImpl securityContextImpl = new SecurityContextImpl();
+ final DocumentContextImpl documentContext = new DocumentContextImpl();
+ documentContext.setEncoding(encoding);
+
+ OutputProcessorChainImpl outputProcessorChain = new OutputProcessorChainImpl(securityContextImpl, documentContext);
+
+ for (int i = 0; i < securityProperties.getOutAction().length; i++) {
+ XMLSecurityConstants.Action action = securityProperties.getOutAction()[i];
+ if (action.equals(XMLSecurityConstants.SIGNATURE)) {
+ XMLSignatureOutputProcessor signatureOutputProcessor = new XMLSignatureOutputProcessor();
+ initializeOutputProcessor(outputProcessorChain, signatureOutputProcessor, action);
+
+ configureSignatureKeys(securityContextImpl);
+ List<SecurePart> signatureParts = securityProperties.getSignatureSecureParts();
+ for (int j = 0; j < signatureParts.size(); j++) {
+ SecurePart securePart = signatureParts.get(j);
+ if (securePart.getIdToSign() == null) {
+ outputProcessorChain.getSecurityContext().putAsMap(
+ XMLSecurityConstants.SIGNATURE_PARTS,
+ securePart.getName(),
+ securePart
+ );
+ } else {
+ outputProcessorChain.getSecurityContext().putAsMap(
+ XMLSecurityConstants.SIGNATURE_PARTS,
+ securePart.getIdToSign(),
+ securePart
+ );
+ }
+ }
+ }
+ }
+ if (output instanceof OutputStream) {
+ final FinalOutputProcessor finalOutputProcessor = new FinalOutputProcessor((OutputStream) output, encoding);
+ initializeOutputProcessor(outputProcessorChain, finalOutputProcessor, null);
+
+ } else if (output instanceof XMLStreamWriter) {
+ final FinalOutputProcessor finalOutputProcessor = new FinalOutputProcessor((XMLStreamWriter) output);
+ initializeOutputProcessor(outputProcessorChain, finalOutputProcessor, null);
+
+ } else {
+ throw new IllegalArgumentException(output + " is not supported as output");
+ }
+
+ return new XMLSecurityStreamWriter(outputProcessorChain);
+ }
+
+ private void initializeOutputProcessor(OutputProcessorChainImpl outputProcessorChain, OutputProcessor outputProcessor, XMLSecurityConstants.Action action) throws XMLSecurityException {
+ outputProcessor.setXMLSecurityProperties(securityProperties);
+ outputProcessor.setAction(action);
+ outputProcessor.init(outputProcessorChain);
+ }
+
+ private void configureSignatureKeys(final SecurityContextImpl securityContextImpl) throws XMLSecurityException {
+ String alias = securityProperties.getSignatureUser();
+ Key key = securityProperties.getSignatureKey();
+ X509Certificate[] x509Certificates = null;
+ if (key instanceof PublicKey) {
+ CryptoType cryptoType = new CryptoType(CryptoType.TYPE.ALIAS);
+ cryptoType.setAlias(alias);
+ x509Certificates = securityProperties.getSignatureCrypto().getX509Certificates(cryptoType);
+ if (x509Certificates == null || x509Certificates.length == 0) {
+ throw new XMLSecurityException(XMLSecurityException.ErrorCode.FAILED_SIGNATURE, "noUserCertsFound", alias);
+ }
+ }
+
+ final SecurityToken signatureSecurityToken = new SignatureSecurityToken(key, x509Certificates);
+ final String securityTokenid = UUID.randomUUID().toString();
+
+ final SecurityTokenProvider signatureSecurityTokenProvider = new SecurityTokenProvider() {
+
+ @Override
+ public SecurityToken getSecurityToken() throws XMLSecurityException {
+ return signatureSecurityToken;
+ }
+
+ @Override
+ public String getId() {
+ return securityTokenid;
+ }
+ };
+ securityContextImpl.registerSecurityTokenProvider(securityTokenid, signatureSecurityTokenProvider);
+
+ securityContextImpl.put(XMLSecurityConstants.PROP_USE_THIS_TOKEN_ID_FOR_SIGNATURE, securityTokenid);
+ }
+
+ private static class SignatureSecurityToken implements SecurityToken {
+ private Key key;
+ private X509Certificate[] certs;
+
+ public SignatureSecurityToken(Key key, X509Certificate[] certs) {
+ this.key = key;
+ this.certs = certs;
+ }
+
+ public String getId() {
+ return null;
+ }
+
+
+ public Object getProcessor() {
+ return null;
+ }
+
+ public boolean isAsymmetric() {
+ return false;
+ }
+
+ public Key getSecretKey(
+ String algorithmURI, XMLSecurityConstants.KeyUsage keyUsage
+ ) throws XMLSecurityException {
+ return key;
+ }
+
+ public PublicKey getPublicKey(
+ String algorithmURI, XMLSecurityConstants.KeyUsage keyUsage
+ ) throws XMLSecurityException {
+ return null;
+ }
+
+ public X509Certificate[] getX509Certificates() throws XMLSecurityException {
+ return certs;
+ }
+
+ public void verify() throws XMLSecurityException {
+ }
+
+ public SecurityToken getKeyWrappingToken() {
+ return null;
+ }
+
+ public XMLSecurityConstants.TokenType getTokenType() {
+ return null;
+ }
+
+ @Override
+ public List<QName> getElementPath() {
+ // TODO Auto-generated method stub
+ return null;
+ }
+
+ @Override
+ public XMLSecEvent getXMLSecEvent() {
+ // TODO Auto-generated method stub
+ return null;
+ }
+
+ @Override
+ public List<SecurityToken> getWrappedTokens()
+ throws XMLSecurityException {
+ // TODO Auto-generated method stub
+ return null;
+ }
+
+ @Override
+ public void addWrappedToken(SecurityToken securityToken) {
+ // TODO Auto-generated method stub
+
+ }
+
+ @Override
+ public void addTokenUsage(TokenUsage tokenUsage)
+ throws XMLSecurityException {
+ // TODO Auto-generated method stub
+
+ }
+
+ @Override
+ public List<TokenUsage> getTokenUsages() {
+ // TODO Auto-generated method stub
+ return null;
+ }
+ };
+}
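Review bot: In `configureSignatureKeys` the certificate lookup is guarded by `key instanceof PublicKey`, but a signature is produced with a private or secret key (SignatureTest in this commit passes the result of `getPrivateKey(...)`), so the branch that loads the certificates and raises `noUserCertsFound` appears unreachable for an asymmetric signing key and `SignatureSecurityToken` is built with `certs == null`. If the intent is to attach the signer's certificates, the guard should probably be `if (key instanceof PrivateKey) {`, with `java.security.PrivateKey` imported. The method also accepts a null `getSignatureKey()` without complaint, so a missing key presumably only surfaces later in the processor chain; an explicit null check here would fail early with a clear error. Separately, both public `processOutMessage` Javadocs describe this as the entry point for the "incoming" security engine and omit `@param encoding`.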
Added: santuario/xml-security-java/trunk/src/main/java/org/apache/xml/security/stax/ext/XMLSec.java
URL: http://svn.apache.org/viewvc/santuario/xml-security-java/trunk/src/main/java/org/apache/xml/security/stax/ext/XMLSec.java?rev=1355461&view=auto
==============================================================================
--- santuario/xml-security-java/trunk/src/main/java/org/apache/xml/security/stax/ext/XMLSec.java (added)
+++ santuario/xml-security-java/trunk/src/main/java/org/apache/xml/security/stax/ext/XMLSec.java Fri Jun 29 16:36:24 2012
@@ -0,0 +1,127 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+package org.apache.xml.security.stax.ext;
+
+import java.net.URISyntaxException;
+import java.security.Provider;
+import java.security.Security;
+
+import org.apache.xml.security.stax.config.Init;
+
+/**
+ * This is the central class of the streaming XML-security framework.<br/>
+ * Instances of the inbound and outbound security streams can be retrieved
+ * with this class.
+ *
+ * @author $Author: coheigea $
+ * @version $Revision: 1354898 $ $Date: 2012-06-28 11:19:02 +0100 (Thu, 28 Jun 2012) $
+ */
+public class XMLSec {
+
+ //todo crl check
+ //todo outgoing client setup per policy
+
+ static {
+ try {
+ Class<?> c =
+ XMLSec.class.getClassLoader().loadClass("org.bouncycastle.jce.provider.BouncyCastleProvider");
+ if (null == Security.getProvider("BC")) {
+ Security.addProvider((Provider) c.newInstance());
+ }
+ } catch (Throwable e) {
+ throw new RuntimeException("Adding BouncyCastle provider failed", e);
+ }
+
+ try {
+ Init.init(XMLSec.class.getClassLoader().getResource("security-config.xml").toURI());
+ } catch (XMLSecurityException e) {
+ throw new RuntimeException(e.getMessage(), e);
+ } catch (URISyntaxException e) {
+ throw new RuntimeException(e.getMessage(), e);
+ }
+ }
+
+ /**
+ * Creates and configures an outbound streaming security engine
+ *
+ * @param securityProperties The user-defined security configuration
+ * @return A new OutboundXMLSec
+ * @throws org.apache.xml.security.stax.ext.XMLSecurityException
+ * if the initialisation failed
+ * @throws org.apache.xml.security.stax.ext.XMLSecurityConfigurationException
+ * if the configuration is invalid
+ */
+ public static OutboundXMLSec getOutboundXMLSec(XMLSecurityProperties securityProperties) throws XMLSecurityException {
+ if (securityProperties == null) {
+ throw new XMLSecurityConfigurationException(XMLSecurityException.ErrorCode.FAILURE, "missingSecurityProperties");
+ }
+
+ securityProperties = validateAndApplyDefaultsToOutboundSecurityProperties(securityProperties);
+ return new OutboundXMLSec(securityProperties);
+ }
+
+
+ /**
+ * Validates the user supplied configuration and applies default values as appropriate for the outbound security engine
+ *
+ * @param securityProperties The configuration to validate
+ * @return The validated configuration
+ * @throws org.apache.xml.security.stax.ext.XMLSecurityConfigurationException
+ * if the configuration is invalid
+ */
+ public static XMLSecurityProperties validateAndApplyDefaultsToOutboundSecurityProperties(XMLSecurityProperties securityProperties) throws XMLSecurityConfigurationException {
+ if (securityProperties.getOutAction() == null) {
+ throw new XMLSecurityConfigurationException(XMLSecurityException.ErrorCode.FAILURE, "noOutputAction");
+ }
+
+ for (int i = 0; i < securityProperties.getOutAction().length; i++) {
+ XMLSecurityConstants.Action action = securityProperties.getOutAction()[i];
+ if (action.equals(XMLSecurityConstants.SIGNATURE)) {
+ if (securityProperties.getSignatureKeyStore() == null) {
+ throw new XMLSecurityConfigurationException(XMLSecurityException.ErrorCode.FAILURE, "signatureKeyStoreNotSet");
+ }
+ if (securityProperties.getSignatureUser() == null) {
+ throw new XMLSecurityConfigurationException(XMLSecurityException.ErrorCode.FAILURE, "noSignatureUser");
+ }
+ /*
+ if (securityProperties.getCallbackHandler() == null) {
+ throw new XMLSecurityConfigurationException(XMLSecurityException.ErrorCode.FAILURE, "noCallback");
+ }
+ */
+ if (securityProperties.getSignatureAlgorithm() == null) {
+ securityProperties.setSignatureAlgorithm("http://www.w3.org/2000/09/xmldsig#rsa-sha1");
+ }
+ if (securityProperties.getSignatureDigestAlgorithm() == null) {
+ securityProperties.setSignatureDigestAlgorithm("http://www.w3.org/2000/09/xmldsig#sha1");
+ }
+ if (securityProperties.getSignatureCanonicalizationAlgorithm() == null) {
+ securityProperties.setSignatureCanonicalizationAlgorithm("http://www.w3.org/2001/10/xml-exc-c14n#");
+ }
+ /*
+ if (securityProperties.getSignatureKeyIdentifierType() == null) {
+ securityProperties.setSignatureKeyIdentifierType(WSSConstants.KeyIdentifierType.ISSUER_SERIAL);
+ }
+ */
+ }
+ }
+ //todo clone securityProperties
+ return securityProperties;
+ }
+
+}
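Review bot: `validateAndApplyDefaultsToOutboundSecurityProperties` requires `getSignatureKeyStore()` and `getSignatureUser()` for a SIGNATURE action but never checks `getSignatureKey()`, which is the value `OutboundXMLSec.configureSignatureKeys` hands to the signature token; add `if (securityProperties.getSignatureKey() == null)` next to the existing checks and throw `XMLSecurityConfigurationException` as they do. The defaults applied when the caller sets nothing are `rsa-sha1` and `sha1`; SHA-1 is no longer considered collision-resistant, so I would either require the caller to choose the algorithms or at least state the defaults in the Javadoc so they are not picked up silently. In the static initializer, `getResource("security-config.xml")` may return null and `catch (Throwable e)` turns a missing BouncyCastle class into a class-initialization failure, so a comment should say that both are hard requirements for using `XMLSec` at all.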
Modified: santuario/xml-security-java/trunk/src/main/java/org/apache/xml/security/stax/ext/XMLSecurityProperties.java
URL: http://svn.apache.org/viewvc/santuario/xml-security-java/trunk/src/main/java/org/apache/xml/security/stax/ext/XMLSecurityProperties.java?rev=1355461&r1=1355460&r2=1355461&view=diff
==============================================================================
--- santuario/xml-security-java/trunk/src/main/java/org/apache/xml/security/stax/ext/XMLSecurityProperties.java (original)
+++ santuario/xml-security-java/trunk/src/main/java/org/apache/xml/security/stax/ext/XMLSecurityProperties.java Fri Jun 29 16:36:24 2012
@@ -23,6 +23,7 @@ import org.apache.xml.security.stax.cryp
import javax.security.auth.callback.CallbackHandler;
import java.net.URL;
+import java.security.Key;
import java.security.KeyStore;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
@@ -340,6 +341,7 @@ public class XMLSecurityProperties {
private KeyStore signatureKeyStore;
private String signatureUser;
private boolean useSingleCert = true;
+ private Key signatureKey;
public void addSignaturePart(SecurePart securePart) {
signatureParts.add(securePart);
@@ -372,6 +374,14 @@ public class XMLSecurityProperties {
public String getSignatureUser() {
return signatureUser;
}
+
+ public void setSignatureKey(Key signatureKey) {
+ this.signatureKey = signatureKey;
+ }
+
+ public Key getSignatureKey() {
+ return signatureKey;
+ }
public KeyStore getSignatureKeyStore() {
return signatureKeyStore;
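Review bot: `setSignatureKey` and `getSignatureKey` are added without Javadoc, and nothing states which kind of `Key` is expected or how it relates to the existing `signatureKeyStore` and `signatureUser` settings. I would add a comment on the setter such as `/** Key used to create the outbound signature (the signer's private key or a shared secret key). */`, with the wording to be confirmed by the author. Since this object now carries signing key material, the class documentation should also say that instances must not be logged or serialized. The class body starts and ends outside this hunk.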
Modified: santuario/xml-security-java/trunk/src/test/java/org/apache/xml/security/test/stax/signature/SignatureTest.java
URL: http://svn.apache.org/viewvc/santuario/xml-security-java/trunk/src/test/java/org/apache/xml/security/test/stax/signature/SignatureTest.java?rev=1355461&r1=1355460&r2=1355461&view=diff
==============================================================================
--- santuario/xml-security-java/trunk/src/test/java/org/apache/xml/security/test/stax/signature/SignatureTest.java (original)
+++ santuario/xml-security-java/trunk/src/test/java/org/apache/xml/security/test/stax/signature/SignatureTest.java Fri Jun 29 16:36:24 2012
@@ -22,12 +22,7 @@ import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.io.InputStream;
import java.security.Key;
-import java.security.Provider;
-import java.security.PublicKey;
-import java.security.Security;
import java.security.cert.X509Certificate;
-import java.util.List;
-import java.util.UUID;
import javax.xml.namespace.QName;
import javax.xml.parsers.DocumentBuilderFactory;
@@ -40,21 +35,12 @@ import javax.xml.xpath.XPathFactory;
import org.apache.xml.security.keys.KeyInfo;
import org.apache.xml.security.signature.XMLSignature;
-import org.apache.xml.security.stax.config.Init;
import org.apache.xml.security.stax.crypto.CryptoType;
+import org.apache.xml.security.stax.ext.OutboundXMLSec;
import org.apache.xml.security.stax.ext.SecurePart;
-import org.apache.xml.security.stax.ext.SecurityToken;
-import org.apache.xml.security.stax.ext.SecurityTokenProvider;
+import org.apache.xml.security.stax.ext.XMLSec;
import org.apache.xml.security.stax.ext.XMLSecurityConstants;
-import org.apache.xml.security.stax.ext.XMLSecurityException;
import org.apache.xml.security.stax.ext.XMLSecurityProperties;
-import org.apache.xml.security.stax.ext.stax.XMLSecEvent;
-import org.apache.xml.security.stax.impl.DocumentContextImpl;
-import org.apache.xml.security.stax.impl.OutputProcessorChainImpl;
-import org.apache.xml.security.stax.impl.SecurityContextImpl;
-import org.apache.xml.security.stax.impl.XMLSecurityStreamWriter;
-import org.apache.xml.security.stax.impl.processor.output.FinalOutputProcessor;
-import org.apache.xml.security.stax.impl.processor.output.XMLSignatureOutputProcessor;
import org.apache.xml.security.test.dom.DSNamespaceContext;
import org.apache.xml.security.test.stax.utils.XMLSecEventAllocator;
import org.apache.xml.security.test.stax.utils.XmlReaderToWriter;
@@ -71,25 +57,9 @@ public class SignatureTest extends org.j
private XMLInputFactory xmlInputFactory;
private DocumentBuilderFactory documentBuilderFactory;
-
- static {
- try {
- Class<?> c =
- SignatureTest.class.getClassLoader().loadClass(
- "org.bouncycastle.jce.provider.BouncyCastleProvider"
- );
- if (null == Security.getProvider("BC")) {
- // Security.addProvider((Provider) c.newInstance());
- Security.insertProviderAt((Provider) c.newInstance(), 1);
- }
- } catch (Throwable e) {
- throw new RuntimeException("Adding BouncyCastle provider failed", e);
- }
- }
@Before
public void setUp() throws Exception {
- Init.init(SignatureTest.class.getClassLoader().getResource("security-config.xml").toURI());
org.apache.xml.security.Init.init();
xmlInputFactory = XMLInputFactory.newInstance();
@@ -113,52 +83,24 @@ public class SignatureTest extends org.j
this.getClass().getClassLoader().getResource("transmitter.jks"), "default".toCharArray()
);
properties.setSignatureUser("transmitter");
- properties.setSignatureAlgorithm("http://www.w3.org/2000/09/xmldsig#rsa-sha1");
- properties.setSignatureCanonicalizationAlgorithm("http://www.w3.org/2001/10/xml-exc-c14n#");
- properties.setSignatureDigestAlgorithm("http://www.w3.org/2000/09/xmldsig#sha1");
SecurePart securePart =
new SecurePart(new QName("urn:example:po", "PaymentInfo"), SecurePart.Modifier.Content);
properties.addSignaturePart(securePart);
// Set the key up
- SecurityContextImpl securityContextImpl = new SecurityContextImpl();
Key key = properties.getSignatureCrypto().getPrivateKey("transmitter", "default");
- CryptoType cryptoType = new CryptoType(CryptoType.TYPE.ALIAS);
- cryptoType.setAlias(properties.getSignatureUser());
- X509Certificate[] x509Certificates = properties.getSignatureCrypto().getX509Certificates(cryptoType);
-
- SignatureSecurityToken securityToken = new SignatureSecurityToken(key, x509Certificates);
- String id = UUID.randomUUID().toString();
- SignatureSecurityTokenProvider securityTokenProvider =
- new SignatureSecurityTokenProvider(securityToken, id);
- securityContextImpl.registerSecurityTokenProvider(id, securityTokenProvider);
- securityContextImpl.put(XMLSecurityConstants.PROP_USE_THIS_TOKEN_ID_FOR_SIGNATURE, id);
- securityContextImpl.putAsMap(XMLSecurityConstants.SIGNATURE_PARTS, securePart.getName(), securePart);
+ properties.setSignatureKey(key);
- final DocumentContextImpl documentContext = new DocumentContextImpl();
- documentContext.setEncoding("UTF-8");
+ OutboundXMLSec outboundXMLSec = XMLSec.getOutboundXMLSec(properties);
+ ByteArrayOutputStream baos = new ByteArrayOutputStream();
+ XMLStreamWriter xmlStreamWriter = outboundXMLSec.processOutMessage(baos, "UTF-8");
+
InputStream sourceDocument =
this.getClass().getClassLoader().getResourceAsStream(
"ie/baltimore/merlin-examples/merlin-xmlenc-five/plaintext.xml");
-
- OutputProcessorChainImpl processorChain =
- new OutputProcessorChainImpl(securityContextImpl, documentContext);
- XMLSignatureOutputProcessor signatureOutputProcessor = new XMLSignatureOutputProcessor();
- signatureOutputProcessor.setXMLSecurityProperties(properties);
- signatureOutputProcessor.setAction(XMLSecurityConstants.SIGNATURE);
- signatureOutputProcessor.init(processorChain);
-
- ByteArrayOutputStream baos = new ByteArrayOutputStream();
- FinalOutputProcessor finalOutputProcessor = new FinalOutputProcessor(baos, "UTF-8");
- finalOutputProcessor.setXMLSecurityProperties(properties);
- finalOutputProcessor.setAction(null);
- finalOutputProcessor.init(processorChain);
- processorChain.addProcessor(finalOutputProcessor);
-
- XMLStreamWriter xmlStreamWriter = new XMLSecurityStreamWriter(processorChain);
-
XMLStreamReader xmlStreamReader = xmlInputFactory.createXMLStreamReader(sourceDocument);
+
XmlReaderToWriter.writeAll(xmlStreamReader, xmlStreamWriter);
xmlStreamWriter.close();
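Review bot: The rewritten test exercises only the success path of `XMLSec.getOutboundXMLSec(properties)` and the `OutputStream` overload of `processOutMessage`; nothing asserts that the new validation rejects properties with no out action, key store or signature user, and the `XMLStreamWriter` overload is not covered. Because the explicit `setSignatureAlgorithm`, `setSignatureCanonicalizationAlgorithm` and `setSignatureDigestAlgorithm` calls were dropped, the test now depends on the library defaults, so a later change to those defaults would alter what is verified without touching this file. The test method starts outside this hunk.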
@@ -167,6 +109,9 @@ public class SignatureTest extends org.j
documentBuilderFactory.newDocumentBuilder().parse(new ByteArrayInputStream(baos.toByteArray()));
// Verify using DOM
+ CryptoType cryptoType = new CryptoType(CryptoType.TYPE.ALIAS);
+ cryptoType.setAlias(properties.getSignatureUser());
+ X509Certificate[] x509Certificates = properties.getSignatureCrypto().getX509Certificates(cryptoType);
verifyUsingDOM(document, x509Certificates[0], securePart);
}
@@ -200,112 +145,5 @@ public class SignatureTest extends org.j
Assert.assertTrue(signature.checkSignatureValue(cert));
}
- private static class SignatureSecurityToken implements SecurityToken {
- private Key key;
- private X509Certificate[] certs;
-
- public SignatureSecurityToken(Key key, X509Certificate[] certs) {
- this.key = key;
- this.certs = certs;
- }
-
- public String getId() {
- return null;
- }
-
-
- public Object getProcessor() {
- return null;
- }
-
- public boolean isAsymmetric() {
- return false;
- }
-
- public Key getSecretKey(
- String algorithmURI, XMLSecurityConstants.KeyUsage keyUsage
- ) throws XMLSecurityException {
- return key;
- }
-
- public PublicKey getPublicKey(
- String algorithmURI, XMLSecurityConstants.KeyUsage keyUsage
- ) throws XMLSecurityException {
- return null;
- }
-
- public X509Certificate[] getX509Certificates() throws XMLSecurityException {
- return certs;
- }
-
- public void verify() throws XMLSecurityException {
- }
-
- public SecurityToken getKeyWrappingToken() {
- return null;
- }
-
- public XMLSecurityConstants.TokenType getTokenType() {
- return null;
- }
-
- @Override
- public List<QName> getElementPath() {
- // TODO Auto-generated method stub
- return null;
- }
-
- @Override
- public XMLSecEvent getXMLSecEvent() {
- // TODO Auto-generated method stub
- return null;
- }
-
- @Override
- public List<SecurityToken> getWrappedTokens()
- throws XMLSecurityException {
- // TODO Auto-generated method stub
- return null;
- }
-
- @Override
- public void addWrappedToken(SecurityToken securityToken) {
- // TODO Auto-generated method stub
-
- }
-
- @Override
- public void addTokenUsage(TokenUsage tokenUsage)
- throws XMLSecurityException {
- // TODO Auto-generated method stub
-
- }
-
- @Override
- public List<TokenUsage> getTokenUsages() {
- // TODO Auto-generated method stub
- return null;
- }
- };
-
- private static class SignatureSecurityTokenProvider implements SecurityTokenProvider {
- private SecurityToken token;
- private String id;
-
- public SignatureSecurityTokenProvider(SecurityToken token, String id) {
- this.token = token;
- }
-
- @Override
- public String getId() {
- return id;
- }
-
- @Override
- public SecurityToken getSecurityToken() throws XMLSecurityException {
- return token;
- }
- };
-
}
\ No newline at end of file