Posted to commits@santuario.apache.org by co...@apache.org on 2012/07/05 12:47:46 UTC

svn commit: r1357547 - in /santuario/xml-security-java/trunk/src: main/java/org/apache/xml/security/stax/ext/ test/java/org/apache/xml/security/test/stax/signature/

Author: coheigea
Date: Thu Jul  5 10:47:45 2012
New Revision: 1357547

URL: http://svn.apache.org/viewvc?rev=1357547&view=rev
Log:
Removed the Crypto stuff for signatures in XMLSecurityProperties

Modified:
    santuario/xml-security-java/trunk/src/main/java/org/apache/xml/security/stax/ext/OutboundXMLSec.java
    santuario/xml-security-java/trunk/src/main/java/org/apache/xml/security/stax/ext/XMLSec.java
    santuario/xml-security-java/trunk/src/main/java/org/apache/xml/security/stax/ext/XMLSecurityProperties.java
    santuario/xml-security-java/trunk/src/test/java/org/apache/xml/security/test/stax/signature/SignatureCreationTest.java

Modified: santuario/xml-security-java/trunk/src/main/java/org/apache/xml/security/stax/ext/OutboundXMLSec.java
URL: http://svn.apache.org/viewvc/santuario/xml-security-java/trunk/src/main/java/org/apache/xml/security/stax/ext/OutboundXMLSec.java?rev=1357547&r1=1357546&r2=1357547&view=diff
==============================================================================
--- santuario/xml-security-java/trunk/src/main/java/org/apache/xml/security/stax/ext/OutboundXMLSec.java (original)
+++ santuario/xml-security-java/trunk/src/main/java/org/apache/xml/security/stax/ext/OutboundXMLSec.java Thu Jul  5 10:47:45 2012
@@ -29,7 +29,6 @@ import java.util.UUID;
 import javax.xml.namespace.QName;
 import javax.xml.stream.XMLStreamWriter;
 
-import org.apache.xml.security.stax.crypto.CryptoType;
 import org.apache.xml.security.stax.ext.stax.XMLSecEvent;
 import org.apache.xml.security.stax.impl.DocumentContextImpl;
 import org.apache.xml.security.stax.impl.OutputProcessorChainImpl;
@@ -132,16 +131,11 @@ public class OutboundXMLSec {
     }
     
     private void configureSignatureKeys(final SecurityContextImpl securityContextImpl) throws XMLSecurityException {
-        String alias = securityProperties.getSignatureUser();
         Key key = securityProperties.getSignatureKey();
-        X509Certificate[] x509Certificates = null;
-        if (key instanceof PublicKey || key instanceof PrivateKey) {
-            CryptoType cryptoType = new CryptoType(CryptoType.TYPE.ALIAS);
-            cryptoType.setAlias(alias);
-            x509Certificates = securityProperties.getSignatureCrypto().getX509Certificates(cryptoType);
-            if (x509Certificates == null || x509Certificates.length == 0) {
-                throw new XMLSecurityException(XMLSecurityException.ErrorCode.FAILED_SIGNATURE, "noUserCertsFound", alias);
-            }
+        X509Certificate[] x509Certificates = securityProperties.getSignatureCerts();
+        if ((key instanceof PublicKey || key instanceof PrivateKey)
+            && (x509Certificates == null || x509Certificates.length == 0)) {
+            throw new XMLSecurityException(XMLSecurityException.ErrorCode.FAILED_SIGNATURE, "noUserCertsFound");
         }
         
         final SecurityToken signatureSecurityToken = new SignatureSecurityToken(key, x509Certificates);
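Review bot: A null signature key now passes through configureSignatureKeys unchecked: `key instanceof PublicKey || key instanceof PrivateKey` is false for null, so the guard is skipped and `new SignatureSecurityToken(key, x509Certificates)` is built without a key. This commit also deletes the `signatureKeyStoreNotSet` and `noSignatureUser` checks in XMLSec.java without a replacement, so from the visible lines nothing rejects a SIGNATURE action that has no key configured. I would add an explicit guard before the certificate check, e.g. `if (key == null) { throw new XMLSecurityException(XMLSecurityException.ErrorCode.FAILED_SIGNATURE, "<message-key>"); }`, where the message key is a placeholder. Separately, `noUserCertsFound` used to be passed `alias`; if that message still has a parameter slot it will now render unfilled, which is worth checking in the resource bundle. The method body continues past the end of this hunk.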

Modified: santuario/xml-security-java/trunk/src/main/java/org/apache/xml/security/stax/ext/XMLSec.java
URL: http://svn.apache.org/viewvc/santuario/xml-security-java/trunk/src/main/java/org/apache/xml/security/stax/ext/XMLSec.java?rev=1357547&r1=1357546&r2=1357547&view=diff
==============================================================================
--- santuario/xml-security-java/trunk/src/main/java/org/apache/xml/security/stax/ext/XMLSec.java (original)
+++ santuario/xml-security-java/trunk/src/main/java/org/apache/xml/security/stax/ext/XMLSec.java Thu Jul  5 10:47:45 2012
@@ -111,12 +111,6 @@ public class XMLSec {
         for (int i = 0; i < securityProperties.getOutAction().length; i++) {
             XMLSecurityConstants.Action action = securityProperties.getOutAction()[i];
             if (action.equals(XMLSecurityConstants.SIGNATURE)) {
-                if (securityProperties.getSignatureKeyStore() == null) {
-                    throw new XMLSecurityConfigurationException(XMLSecurityException.ErrorCode.FAILURE, "signatureKeyStoreNotSet");
-                }
-                if (securityProperties.getSignatureUser() == null) {
-                    throw new XMLSecurityConfigurationException(XMLSecurityException.ErrorCode.FAILURE, "noSignatureUser");
-                }
                 /*
                 if (securityProperties.getCallbackHandler() == null) {
                     throw new XMLSecurityConfigurationException(XMLSecurityException.ErrorCode.FAILURE, "noCallback");

Modified: santuario/xml-security-java/trunk/src/main/java/org/apache/xml/security/stax/ext/XMLSecurityProperties.java
URL: http://svn.apache.org/viewvc/santuario/xml-security-java/trunk/src/main/java/org/apache/xml/security/stax/ext/XMLSecurityProperties.java?rev=1357547&r1=1357546&r2=1357547&view=diff
==============================================================================
--- santuario/xml-security-java/trunk/src/main/java/org/apache/xml/security/stax/ext/XMLSecurityProperties.java (original)
+++ santuario/xml-security-java/trunk/src/main/java/org/apache/xml/security/stax/ext/XMLSecurityProperties.java Thu Jul  5 10:47:45 2012
@@ -337,11 +337,18 @@ public class XMLSecurityProperties {
     private String signatureAlgorithm;
     private String signatureDigestAlgorithm;
     private String signatureCanonicalizationAlgorithm;
-    private Class<? extends MerlinBase> signatureCryptoClass;
-    private KeyStore signatureKeyStore;
-    private String signatureUser;
     private boolean useSingleCert = true;
     private Key signatureKey;
+    private X509Certificate[] signatureCerts;
+
+    public X509Certificate[] getSignatureCerts() {
+        return signatureCerts;
+    }
+
+    public void setSignatureCerts(X509Certificate[] signatureCerts) {
+        this.signatureCerts = signatureCerts;
+    }
+
 
     public void addSignaturePart(SecurePart securePart) {
         signatureParts.add(securePart);
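Review bot: `setSignatureCerts` stores the caller's array and `getSignatureCerts` returns that same array, so any code holding a reference can replace the certificates after configuration and change what is associated with the signing key. Copy on the way in and out, e.g. `this.signatureCerts = signatureCerts == null ? null : signatureCerts.clone();` and `return signatureCerts == null ? null : signatureCerts.clone();`. Both accessors also lack Javadoc; I would add `/** Certificates for the signing key; required when the signature key is a PublicKey or PrivateKey. */`, which is the rule OutboundXMLSec.configureSignatureKeys enforces in this commit. Nothing visible checks that the supplied certificate corresponds to the configured key, so that expectation on the caller should be stated in the Javadoc as well.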
@@ -367,14 +374,6 @@ public class XMLSecurityProperties {
         this.signatureDigestAlgorithm = signatureDigestAlgorithm;
     }
 
-    public void setSignatureUser(String signatureUser) {
-        this.signatureUser = signatureUser;
-    }
-
-    public String getSignatureUser() {
-        return signatureUser;
-    }
-    
     public void setSignatureKey(Key signatureKey) {
         this.signatureKey = signatureKey;
     }
@@ -383,54 +382,6 @@ public class XMLSecurityProperties {
         return signatureKey;
     }
 
-    public KeyStore getSignatureKeyStore() {
-        return signatureKeyStore;
-    }
-
-    public void loadSignatureKeyStore(URL url, char[] keyStorePassword) throws Exception {
-        KeyStore keyStore = KeyStore.getInstance("jks");
-        keyStore.load(url.openStream(), keyStorePassword);
-        this.signatureKeyStore = keyStore;
-    }
-
-    public Class<? extends MerlinBase> getSignatureCryptoClass() {
-        if (signatureCryptoClass != null) {
-            return signatureCryptoClass;
-        }
-        signatureCryptoClass = org.apache.xml.security.stax.crypto.Merlin.class;
-        return signatureCryptoClass;
-    }
-
-    public void setSignatureCryptoClass(Class<? extends MerlinBase> signatureCryptoClass) {
-        this.signatureCryptoClass = signatureCryptoClass;
-    }
-
-    private Crypto cachedSignatureCrypto;
-    private KeyStore cachedSignatureKeyStore;
-
-    public Crypto getSignatureCrypto() throws XMLSecurityException {
-
-        if (this.getSignatureKeyStore() == null) {
-            throw new XMLSecurityConfigurationException(XMLSecurityException.ErrorCode.FAILURE, "signatureKeyStoreNotSet");
-        }
-
-        if (this.getSignatureKeyStore() == cachedSignatureKeyStore) {
-            return cachedSignatureCrypto;
-        }
-
-        Class<? extends MerlinBase> signatureCryptoClass = this.getSignatureCryptoClass();
-
-        try {
-            MerlinBase signatureCrypto = signatureCryptoClass.newInstance();
-            signatureCrypto.setKeyStore(this.getSignatureKeyStore());
-            cachedSignatureCrypto = signatureCrypto;
-            cachedSignatureKeyStore = this.getSignatureKeyStore();
-            return signatureCrypto;
-        } catch (Exception e) {
-            throw new XMLSecurityConfigurationException(XMLSecurityException.ErrorCode.FAILURE, "signatureCryptoFailure", e);
-        }
-    }
-
     public boolean isUseSingleCert() {
         return useSingleCert;
     }
@@ -465,8 +416,6 @@ public class XMLSecurityProperties {
         this.signatureCanonicalizationAlgorithm = signatureCanonicalizationAlgorithm;
     }
 
-    private Class<? extends MerlinBase> signatureVerificationCryptoClass;
-    private KeyStore signatureVerificationKeyStore;
     private Key signatureVerificationKey;
     
     public Key getSignatureVerificationKey() {
@@ -477,54 +426,6 @@ public class XMLSecurityProperties {
         this.signatureVerificationKey = signatureVerificationKey;
     }
 
-    public KeyStore getSignatureVerificationKeyStore() {
-        return signatureVerificationKeyStore;
-    }
-
-    public void loadSignatureVerificationKeystore(URL url, char[] keyStorePassword) throws Exception {
-        KeyStore keyStore = KeyStore.getInstance("jks");
-        keyStore.load(url.openStream(), keyStorePassword);
-        this.signatureVerificationKeyStore = keyStore;
-    }
-
-    public Class<? extends MerlinBase> getSignatureVerificationCryptoClass() {
-        if (signatureVerificationCryptoClass != null) {
-            return signatureVerificationCryptoClass;
-        }
-        signatureVerificationCryptoClass = org.apache.xml.security.stax.crypto.Merlin.class;
-        return signatureVerificationCryptoClass;
-    }
-
-    public void setSignatureVerificationCryptoClass(Class<? extends MerlinBase> signatureVerificationCryptoClass) {
-        this.signatureVerificationCryptoClass = signatureVerificationCryptoClass;
-    }
-
-    private Crypto cachedSignatureVerificationCrypto;
-    private KeyStore cachedSignatureVerificationKeyStore;
-
-    public Crypto getSignatureVerificationCrypto() throws XMLSecurityException {
-
-        if (this.getSignatureVerificationKeyStore() == null) {
-            throw new XMLSecurityConfigurationException(XMLSecurityException.ErrorCode.FAILURE, "signatureVerificationKeyStoreNotSet");
-        }
-
-        if (this.getSignatureVerificationKeyStore() == cachedSignatureVerificationKeyStore) {
-            return cachedSignatureVerificationCrypto;
-        }
-
-        Class<? extends MerlinBase> signatureVerificationCryptoClass = this.getSignatureVerificationCryptoClass();
-
-        try {
-            MerlinBase signatureVerificationCrypto = signatureVerificationCryptoClass.newInstance();
-            signatureVerificationCrypto.setKeyStore(this.getSignatureVerificationKeyStore());
-            cachedSignatureVerificationCrypto = signatureVerificationCrypto;
-            cachedSignatureVerificationKeyStore = this.getSignatureVerificationKeyStore();
-            return signatureVerificationCrypto;
-        } catch (Exception e) {
-            throw new XMLSecurityConfigurationException(XMLSecurityException.ErrorCode.FAILURE, "signatureVerificationCryptoFailure", e);
-        }
-    }
-
     private boolean skipDocumentEvents = false;
 
     /**

Modified: santuario/xml-security-java/trunk/src/test/java/org/apache/xml/security/test/stax/signature/SignatureCreationTest.java
URL: http://svn.apache.org/viewvc/santuario/xml-security-java/trunk/src/test/java/org/apache/xml/security/test/stax/signature/SignatureCreationTest.java?rev=1357547&r1=1357546&r2=1357547&view=diff
==============================================================================
--- santuario/xml-security-java/trunk/src/test/java/org/apache/xml/security/test/stax/signature/SignatureCreationTest.java (original)
+++ santuario/xml-security-java/trunk/src/test/java/org/apache/xml/security/test/stax/signature/SignatureCreationTest.java Thu Jul  5 10:47:45 2012
@@ -22,6 +22,7 @@ import java.io.ByteArrayInputStream;
 import java.io.ByteArrayOutputStream;
 import java.io.InputStream;
 import java.security.Key;
+import java.security.KeyStore;
 import java.security.cert.X509Certificate;
 import java.util.List;
 
@@ -38,7 +39,6 @@ import javax.xml.xpath.XPathFactory;
 
 import org.apache.xml.security.keys.KeyInfo;
 import org.apache.xml.security.signature.XMLSignature;
-import org.apache.xml.security.stax.crypto.CryptoType;
 import org.apache.xml.security.stax.ext.OutboundXMLSec;
 import org.apache.xml.security.stax.ext.SecurePart;
 import org.apache.xml.security.stax.ext.XMLSec;
@@ -82,19 +82,22 @@ public class SignatureCreationTest exten
         XMLSecurityConstants.Action[] actions = 
             new XMLSecurityConstants.Action[]{XMLSecurityConstants.SIGNATURE};
         properties.setOutAction(actions);
-        properties.loadSignatureKeyStore(
-            this.getClass().getClassLoader().getResource("transmitter.jks"), "default".toCharArray()
+        
+        // Set the key up
+        KeyStore keyStore = KeyStore.getInstance("jks");
+        keyStore.load(
+            this.getClass().getClassLoader().getResource("transmitter.jks").openStream(), 
+            "default".toCharArray()
         );
-        properties.setSignatureUser("transmitter");
+        Key key = keyStore.getKey("transmitter", "default".toCharArray());
+        properties.setSignatureKey(key);
+        X509Certificate cert = (X509Certificate)keyStore.getCertificate("transmitter");
+        properties.setSignatureCerts(new X509Certificate[]{cert});
         
         SecurePart securePart = 
                new SecurePart(new QName("urn:example:po", "PaymentInfo"), SecurePart.Modifier.Content);
         properties.addSignaturePart(securePart);
         
-        // Set the key up
-        Key key = properties.getSignatureCrypto().getPrivateKey("transmitter", "default");
-        properties.setSignatureKey(key);
-
         OutboundXMLSec outboundXMLSec = XMLSec.getOutboundXMLSec(properties);
         ByteArrayOutputStream baos = new ByteArrayOutputStream();
         XMLStreamWriter xmlStreamWriter = outboundXMLSec.processOutMessage(baos, "UTF-8");
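Review bot: The stream returned by `getResource("transmitter.jks").openStream()` is passed straight to `keyStore.load` and never closed, and a missing resource surfaces as a bare NullPointerException instead of a clear test failure. The same load / getKey / getCertificate sequence is repeated in the hunks at @@ -125, @@ -213, @@ -258, @@ -303, @@ -350 and @@ -394, so one private helper would fix the leak once and remove the duplication. A sketch follows; the helper name is my own, and it uses try/finally because the build's Java level is not visible here. The enclosing test method starts before this hunk.

```java
private KeyStore loadKeyStore(String resource, char[] password) throws Exception {
    InputStream in = this.getClass().getClassLoader().getResourceAsStream(resource);
    if (in == null) {
        throw new IllegalStateException("keystore resource not found: " + resource);
    }
    try {
        KeyStore keyStore = KeyStore.getInstance("jks");
        keyStore.load(in, password);
        return keyStore;
    } finally {
        in.close();
    }
}

// in each test:
KeyStore keyStore = loadKeyStore("transmitter.jks", "default".toCharArray());
// … unchanged: getKey / setSignatureKey / getCertificate / setSignatureCerts …
```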
@@ -112,10 +115,7 @@ public class SignatureCreationTest exten
             documentBuilderFactory.newDocumentBuilder().parse(new ByteArrayInputStream(baos.toByteArray()));
         
         // Verify using DOM
-        CryptoType cryptoType = new CryptoType(CryptoType.TYPE.ALIAS);
-        cryptoType.setAlias(properties.getSignatureUser());
-        X509Certificate[] x509Certificates = properties.getSignatureCrypto().getX509Certificates(cryptoType);
-        verifyUsingDOM(document, x509Certificates[0], properties.getSignatureSecureParts());
+        verifyUsingDOM(document, cert, properties.getSignatureSecureParts());
     }
     
     @Test
@@ -125,10 +125,17 @@ public class SignatureCreationTest exten
         XMLSecurityConstants.Action[] actions = 
             new XMLSecurityConstants.Action[]{XMLSecurityConstants.SIGNATURE};
         properties.setOutAction(actions);
-        properties.loadSignatureKeyStore(
-            this.getClass().getClassLoader().getResource("transmitter.jks"), "default".toCharArray()
+        
+        // Set the key up
+        KeyStore keyStore = KeyStore.getInstance("jks");
+        keyStore.load(
+            this.getClass().getClassLoader().getResource("transmitter.jks").openStream(), 
+            "default".toCharArray()
         );
-        properties.setSignatureUser("transmitter");
+        Key key = keyStore.getKey("transmitter", "default".toCharArray());
+        properties.setSignatureKey(key);
+        X509Certificate cert = (X509Certificate)keyStore.getCertificate("transmitter");
+        properties.setSignatureCerts(new X509Certificate[]{cert});
         
         SecurePart securePart = 
                new SecurePart(new QName("urn:example:po", "PaymentInfo"), SecurePart.Modifier.Content);
@@ -137,10 +144,6 @@ public class SignatureCreationTest exten
                 new SecurePart(new QName("urn:example:po", "ShippingAddress"), SecurePart.Modifier.Content);
         properties.addSignaturePart(securePart);
         
-        // Set the key up
-        Key key = properties.getSignatureCrypto().getPrivateKey("transmitter", "default");
-        properties.setSignatureKey(key);
-
         OutboundXMLSec outboundXMLSec = XMLSec.getOutboundXMLSec(properties);
         ByteArrayOutputStream baos = new ByteArrayOutputStream();
         XMLStreamWriter xmlStreamWriter = outboundXMLSec.processOutMessage(baos, "UTF-8");
@@ -158,10 +161,7 @@ public class SignatureCreationTest exten
             documentBuilderFactory.newDocumentBuilder().parse(new ByteArrayInputStream(baos.toByteArray()));
         
         // Verify using DOM
-        CryptoType cryptoType = new CryptoType(CryptoType.TYPE.ALIAS);
-        cryptoType.setAlias(properties.getSignatureUser());
-        X509Certificate[] x509Certificates = properties.getSignatureCrypto().getX509Certificates(cryptoType);
-        verifyUsingDOM(document, x509Certificates[0], properties.getSignatureSecureParts());
+        verifyUsingDOM(document, cert, properties.getSignatureSecureParts());
     }
     
     @Test
@@ -171,21 +171,18 @@ public class SignatureCreationTest exten
         XMLSecurityConstants.Action[] actions = 
             new XMLSecurityConstants.Action[]{XMLSecurityConstants.SIGNATURE};
         properties.setOutAction(actions);
-        properties.loadSignatureKeyStore(
-            this.getClass().getClassLoader().getResource("transmitter.jks"), "default".toCharArray()
-        );
-        properties.setSignatureUser("transmitter");
+        
+        // Set the key up
+        byte[] hmacKey = "secret".getBytes("ASCII");
+        SecretKey key = new SecretKeySpec(hmacKey, "http://www.w3.org/2000/09/xmldsig#hmac-sha1");
+        properties.setSignatureKey(key);
+        
         properties.setSignatureAlgorithm("http://www.w3.org/2000/09/xmldsig#hmac-sha1");
         
         SecurePart securePart = 
                 new SecurePart(new QName("urn:example:po", "PaymentInfo"), SecurePart.Modifier.Content);
         properties.addSignaturePart(securePart);
         
-        // Set the key up
-        byte[] hmacKey = "secret".getBytes("ASCII");
-        SecretKey key = new SecretKeySpec(hmacKey, "http://www.w3.org/2000/09/xmldsig#hmac-sha1");
-        properties.setSignatureKey(key);
-
         OutboundXMLSec outboundXMLSec = XMLSec.getOutboundXMLSec(properties);
         ByteArrayOutputStream baos = new ByteArrayOutputStream();
         XMLStreamWriter xmlStreamWriter = outboundXMLSec.processOutMessage(baos, "UTF-8");
@@ -213,10 +210,18 @@ public class SignatureCreationTest exten
         XMLSecurityConstants.Action[] actions = 
             new XMLSecurityConstants.Action[]{XMLSecurityConstants.SIGNATURE};
         properties.setOutAction(actions);
-        properties.loadSignatureKeyStore(
-            this.getClass().getClassLoader().getResource("transmitter.jks"), "default".toCharArray()
+
+        // Set the key up
+        KeyStore keyStore = KeyStore.getInstance("jks");
+        keyStore.load(
+            this.getClass().getClassLoader().getResource("transmitter.jks").openStream(), 
+            "default".toCharArray()
         );
-        properties.setSignatureUser("transmitter");
+        Key key = keyStore.getKey("transmitter", "default".toCharArray());
+        properties.setSignatureKey(key);
+        X509Certificate cert = (X509Certificate)keyStore.getCertificate("transmitter");
+        properties.setSignatureCerts(new X509Certificate[]{cert});
+        
         properties.setSignatureAlgorithm("http://www.w3.org/2001/04/xmldsig-more#rsa-sha256");
         properties.setSignatureDigestAlgorithm("http://www.w3.org/2001/04/xmlenc#sha256");
         
@@ -224,10 +229,6 @@ public class SignatureCreationTest exten
                new SecurePart(new QName("urn:example:po", "PaymentInfo"), SecurePart.Modifier.Content);
         properties.addSignaturePart(securePart);
         
-        // Set the key up
-        Key key = properties.getSignatureCrypto().getPrivateKey("transmitter", "default");
-        properties.setSignatureKey(key);
-
         OutboundXMLSec outboundXMLSec = XMLSec.getOutboundXMLSec(properties);
         ByteArrayOutputStream baos = new ByteArrayOutputStream();
         XMLStreamWriter xmlStreamWriter = outboundXMLSec.processOutMessage(baos, "UTF-8");
@@ -245,10 +246,7 @@ public class SignatureCreationTest exten
             documentBuilderFactory.newDocumentBuilder().parse(new ByteArrayInputStream(baos.toByteArray()));
         
         // Verify using DOM
-        CryptoType cryptoType = new CryptoType(CryptoType.TYPE.ALIAS);
-        cryptoType.setAlias(properties.getSignatureUser());
-        X509Certificate[] x509Certificates = properties.getSignatureCrypto().getX509Certificates(cryptoType);
-        verifyUsingDOM(document, x509Certificates[0], properties.getSignatureSecureParts());
+        verifyUsingDOM(document, cert, properties.getSignatureSecureParts());
     }
     
     @Test
@@ -258,21 +256,25 @@ public class SignatureCreationTest exten
         XMLSecurityConstants.Action[] actions = 
             new XMLSecurityConstants.Action[]{XMLSecurityConstants.SIGNATURE};
         properties.setOutAction(actions);
-        properties.loadSignatureKeyStore(
+        
+        // Set the key up
+        KeyStore keyStore = KeyStore.getInstance("jks");
+        keyStore.load(
             this.getClass().getClassLoader().getResource(
-                "org/apache/xml/security/samples/input/ecdsa.jks"), "security".toCharArray()
+                "org/apache/xml/security/samples/input/ecdsa.jks").openStream(), 
+            "security".toCharArray()
         );
-        properties.setSignatureUser("ECDSA");
+        Key key = keyStore.getKey("ECDSA", "security".toCharArray());
+        properties.setSignatureKey(key);
+        X509Certificate cert = (X509Certificate)keyStore.getCertificate("ECDSA");
+        properties.setSignatureCerts(new X509Certificate[]{cert});
+        
         properties.setSignatureAlgorithm("http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha1");
         
         SecurePart securePart = 
                new SecurePart(new QName("urn:example:po", "PaymentInfo"), SecurePart.Modifier.Content);
         properties.addSignaturePart(securePart);
         
-        // Set the key up
-        Key key = properties.getSignatureCrypto().getPrivateKey("ECDSA", "security");
-        properties.setSignatureKey(key);
-
         OutboundXMLSec outboundXMLSec = XMLSec.getOutboundXMLSec(properties);
         ByteArrayOutputStream baos = new ByteArrayOutputStream();
         XMLStreamWriter xmlStreamWriter = outboundXMLSec.processOutMessage(baos, "UTF-8");
@@ -290,10 +292,7 @@ public class SignatureCreationTest exten
             documentBuilderFactory.newDocumentBuilder().parse(new ByteArrayInputStream(baos.toByteArray()));
         
         // Verify using DOM
-        CryptoType cryptoType = new CryptoType(CryptoType.TYPE.ALIAS);
-        cryptoType.setAlias(properties.getSignatureUser());
-        X509Certificate[] x509Certificates = properties.getSignatureCrypto().getX509Certificates(cryptoType);
-        verifyUsingDOM(document, x509Certificates[0], properties.getSignatureSecureParts());
+        verifyUsingDOM(document, cert, properties.getSignatureSecureParts());
     }
     
     @Test
@@ -303,11 +302,18 @@ public class SignatureCreationTest exten
         XMLSecurityConstants.Action[] actions = 
             new XMLSecurityConstants.Action[]{XMLSecurityConstants.SIGNATURE};
         properties.setOutAction(actions);
-        properties.loadSignatureKeyStore(
+        
+        KeyStore keyStore = KeyStore.getInstance("jks");
+        keyStore.load(
             this.getClass().getClassLoader().getResource(
-                "org/apache/xml/security/samples/input/ecdsa.jks"), "security".toCharArray()
+                "org/apache/xml/security/samples/input/ecdsa.jks").openStream(), 
+            "security".toCharArray()
         );
-        properties.setSignatureUser("ECDSA");
+        Key key = keyStore.getKey("ECDSA", "security".toCharArray());
+        properties.setSignatureKey(key);
+        X509Certificate cert = (X509Certificate)keyStore.getCertificate("ECDSA");
+        properties.setSignatureCerts(new X509Certificate[]{cert});
+
         properties.setSignatureAlgorithm("http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha256");
         properties.setSignatureCanonicalizationAlgorithm("http://www.w3.org/2001/10/xml-exc-c14n#");
         properties.setSignatureDigestAlgorithm("http://www.w3.org/2001/04/xmlenc#sha256");
@@ -316,10 +322,6 @@ public class SignatureCreationTest exten
                new SecurePart(new QName("urn:example:po", "PaymentInfo"), SecurePart.Modifier.Content);
         properties.addSignaturePart(securePart);
         
-        // Set the key up
-        Key key = properties.getSignatureCrypto().getPrivateKey("ECDSA", "security");
-        properties.setSignatureKey(key);
-
         OutboundXMLSec outboundXMLSec = XMLSec.getOutboundXMLSec(properties);
         ByteArrayOutputStream baos = new ByteArrayOutputStream();
         XMLStreamWriter xmlStreamWriter = outboundXMLSec.processOutMessage(baos, "UTF-8");
@@ -337,10 +339,7 @@ public class SignatureCreationTest exten
             documentBuilderFactory.newDocumentBuilder().parse(new ByteArrayInputStream(baos.toByteArray()));
         
         // Verify using DOM
-        CryptoType cryptoType = new CryptoType(CryptoType.TYPE.ALIAS);
-        cryptoType.setAlias(properties.getSignatureUser());
-        X509Certificate[] x509Certificates = properties.getSignatureCrypto().getX509Certificates(cryptoType);
-        verifyUsingDOM(document, x509Certificates[0], properties.getSignatureSecureParts());
+        verifyUsingDOM(document, cert, properties.getSignatureSecureParts());
     }
 
     @Test
@@ -350,20 +349,24 @@ public class SignatureCreationTest exten
         XMLSecurityConstants.Action[] actions = 
             new XMLSecurityConstants.Action[]{XMLSecurityConstants.SIGNATURE};
         properties.setOutAction(actions);
-        properties.loadSignatureKeyStore(
-            this.getClass().getClassLoader().getResource("transmitter.jks"), "default".toCharArray()
+        
+        // Set the key up
+        KeyStore keyStore = KeyStore.getInstance("jks");
+        keyStore.load(
+            this.getClass().getClassLoader().getResource("transmitter.jks").openStream(), 
+            "default".toCharArray()
         );
-        properties.setSignatureUser("transmitter");
+        Key key = keyStore.getKey("transmitter", "default".toCharArray());
+        properties.setSignatureKey(key);
+        X509Certificate cert = (X509Certificate)keyStore.getCertificate("transmitter");
+        properties.setSignatureCerts(new X509Certificate[]{cert});
+
         properties.setSignatureCanonicalizationAlgorithm("http://www.w3.org/TR/2001/REC-xml-c14n-20010315");
         
         SecurePart securePart = 
                new SecurePart(new QName("urn:example:po", "PaymentInfo"), SecurePart.Modifier.Content);
         properties.addSignaturePart(securePart);
         
-        // Set the key up
-        Key key = properties.getSignatureCrypto().getPrivateKey("transmitter", "default");
-        properties.setSignatureKey(key);
-
         OutboundXMLSec outboundXMLSec = XMLSec.getOutboundXMLSec(properties);
         ByteArrayOutputStream baos = new ByteArrayOutputStream();
         XMLStreamWriter xmlStreamWriter = outboundXMLSec.processOutMessage(baos, "UTF-8");
@@ -381,10 +384,7 @@ public class SignatureCreationTest exten
             documentBuilderFactory.newDocumentBuilder().parse(new ByteArrayInputStream(baos.toByteArray()));
         
         // Verify using DOM
-        CryptoType cryptoType = new CryptoType(CryptoType.TYPE.ALIAS);
-        cryptoType.setAlias(properties.getSignatureUser());
-        X509Certificate[] x509Certificates = properties.getSignatureCrypto().getX509Certificates(cryptoType);
-        verifyUsingDOM(document, x509Certificates[0], properties.getSignatureSecureParts());
+        verifyUsingDOM(document, cert, properties.getSignatureSecureParts());
     }
     
     @Test
@@ -394,20 +394,24 @@ public class SignatureCreationTest exten
         XMLSecurityConstants.Action[] actions = 
             new XMLSecurityConstants.Action[]{XMLSecurityConstants.SIGNATURE};
         properties.setOutAction(actions);
-        properties.loadSignatureKeyStore(
-            this.getClass().getClassLoader().getResource("transmitter.jks"), "default".toCharArray()
+        
+        // Set the key up
+        KeyStore keyStore = KeyStore.getInstance("jks");
+        keyStore.load(
+            this.getClass().getClassLoader().getResource("transmitter.jks").openStream(), 
+            "default".toCharArray()
         );
-        properties.setSignatureUser("transmitter");
+        Key key = keyStore.getKey("transmitter", "default".toCharArray());
+        properties.setSignatureKey(key);
+        X509Certificate cert = (X509Certificate)keyStore.getCertificate("transmitter");
+        properties.setSignatureCerts(new X509Certificate[]{cert});
+
         properties.setSignatureCanonicalizationAlgorithm("http://www.w3.org/2006/12/xml-c14n11");
         
         SecurePart securePart = 
                new SecurePart(new QName("urn:example:po", "PaymentInfo"), SecurePart.Modifier.Content);
         properties.addSignaturePart(securePart);
         
-        // Set the key up
-        Key key = properties.getSignatureCrypto().getPrivateKey("transmitter", "default");
-        properties.setSignatureKey(key);
-
         OutboundXMLSec outboundXMLSec = XMLSec.getOutboundXMLSec(properties);
         ByteArrayOutputStream baos = new ByteArrayOutputStream();
         XMLStreamWriter xmlStreamWriter = outboundXMLSec.processOutMessage(baos, "UTF-8");
@@ -425,10 +429,7 @@ public class SignatureCreationTest exten
             documentBuilderFactory.newDocumentBuilder().parse(new ByteArrayInputStream(baos.toByteArray()));
         
         // Verify using DOM
-        CryptoType cryptoType = new CryptoType(CryptoType.TYPE.ALIAS);
-        cryptoType.setAlias(properties.getSignatureUser());
-        X509Certificate[] x509Certificates = properties.getSignatureCrypto().getX509Certificates(cryptoType);
-        verifyUsingDOM(document, x509Certificates[0], properties.getSignatureSecureParts());
+        verifyUsingDOM(document, cert, properties.getSignatureSecureParts());
     }