Commit
honwhy.wang
committed
Sep 7, 2018
0 parents
commit bf364c9
Showing
15 changed files
with
3,342 additions
and
0 deletions.
@@ -0,0 +1,28 @@ | ||
# Compiled class file | ||
*.class | ||
|
||
# Log file | ||
*.log | ||
|
||
# BlueJ files | ||
*.ctxt | ||
|
||
# Mobile Tools for Java (J2ME) | ||
.mtj.tmp/ | ||
|
||
# Package Files # | ||
*.jar | ||
*.war | ||
*.nar | ||
*.ear | ||
*.zip | ||
*.tar.gz | ||
*.rar | ||
|
||
# virtual machine crash logs, see http://www.java.com/en/download/help/error_hotspot.xml | ||
hs_err_pid* | ||
|
||
# add more | ||
.idea/ | ||
.mvn/ | ||
target/ |
@@ -0,0 +1,34 @@ | ||
# xml-sec | ||
demo project for apache xmlsec and BouncyCastle Provider usage | ||
|
||
dependencies | ||
``` | ||
<dependency> | ||
<groupId>org.apache.santuario</groupId> | ||
<artifactId>xmlsec</artifactId> | ||
<version>2.0.8</version> | ||
</dependency> | ||
<!-- https://mvnrepository.com/artifact/org.bouncycastle/bcprov-jdk15on --> | ||
<dependency> | ||
<groupId>org.bouncycastle</groupId> | ||
<artifactId>bcprov-jdk15on</artifactId> | ||
<version>1.60</version> | ||
</dependency> | ||
``` | ||
|
||
use BouncyCastle to do RSA for XMLSignature, see `BcSignatureAlgorithm` | ||
|
||
this is a SpringBoot Project, but it can be used as an dependency, | ||
``` | ||
<dependency> | ||
<groupId>com.honey</groupId> | ||
<artifactId>xml-sec</artifactId> | ||
<version>0.0.1-SNAPSHOT</version> | ||
<exclusions> | ||
<exclusion> | ||
<groupId>org.springframework.boot</groupId> | ||
<artifactId>*</artifactId> | ||
</exclusion> | ||
</exclusions> | ||
</dependency> | ||
``` |
@@ -0,0 +1,61 @@ | ||
<?xml version="1.0" encoding="UTF-8"?> | ||
<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" | ||
xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd"> | ||
<modelVersion>4.0.0</modelVersion> | ||
|
||
<groupId>com.honey</groupId> | ||
<artifactId>xml-sec</artifactId> | ||
<version>0.0.1-SNAPSHOT</version> | ||
<packaging>jar</packaging> | ||
|
||
<name>xml-sec</name> | ||
<description>Demo project for Spring Boot</description> | ||
|
||
<parent> | ||
<groupId>org.springframework.boot</groupId> | ||
<artifactId>spring-boot-starter-parent</artifactId> | ||
<version>1.5.3.RELEASE</version> | ||
<relativePath/> <!-- lookup parent from repository --> | ||
</parent> | ||
|
||
<properties> | ||
<project.build.sourceEncoding>UTF-8</project.build.sourceEncoding> | ||
<project.reporting.outputEncoding>UTF-8</project.reporting.outputEncoding> | ||
<java.version>1.7</java.version> | ||
</properties> | ||
|
||
<dependencies> | ||
<dependency> | ||
<groupId>org.springframework.boot</groupId> | ||
<artifactId>spring-boot-starter</artifactId> | ||
</dependency> | ||
|
||
<dependency> | ||
<groupId>org.apache.santuario</groupId> | ||
<artifactId>xmlsec</artifactId> | ||
<version>2.0.8</version> | ||
</dependency> | ||
<!-- https://mvnrepository.com/artifact/org.bouncycastle/bcprov-jdk15on --> | ||
<dependency> | ||
<groupId>org.bouncycastle</groupId> | ||
<artifactId>bcprov-jdk15on</artifactId> | ||
<version>1.60</version> | ||
</dependency> | ||
<dependency> | ||
<groupId>org.springframework.boot</groupId> | ||
<artifactId>spring-boot-starter-test</artifactId> | ||
<scope>test</scope> | ||
</dependency> | ||
</dependencies> | ||
|
||
<build> | ||
<plugins> | ||
<plugin> | ||
<groupId>org.springframework.boot</groupId> | ||
<artifactId>spring-boot-maven-plugin</artifactId> | ||
</plugin> | ||
</plugins> | ||
</build> | ||
|
||
|
||
</project> |
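Review bot: Declaring `spring-boot-maven-plugin` under a `spring-boot-starter-parent` 1.5.x parent will, as far as I know, repackage the main artifact into an executable jar whose classes are not at the jar root, so the README's statement that `com.honey:xml-sec` can be consumed as a dependency is unlikely to hold for the installed jar. If library use is intended, give the repackaged jar its own classifier, `<configuration><classifier>exec</classifier></configuration>`, or drop the plugin. Separately, the `xmlsec` 2.0.8 and `bcprov-jdk15on` 1.60 versions are written out here and again in the README; they are the security-relevant components of this project, so I would hold them in `<properties>` and check them against the upstream advisories before each release.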
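--- a/src/main/java/com/honey/xmlsec/BcSignatureAlgorithm.java
+++ b/src/main/java/com/honey/xmlsec/BcSignatureAlgorithm.java
@@ -0,0 +1,122 @@
+package com.honey.xmlsec;
+
+import org.apache.xml.security.algorithms.SignatureAlgorithm;
+import org.apache.xml.security.exceptions.XMLSecurityException;
+import org.apache.xml.security.signature.XMLSignatureException;
+import org.bouncycastle.jce.provider.BouncyCastleProvider;
+import org.w3c.dom.Document;
+import org.w3c.dom.Element;
+
+import java.security.*;
+import java.security.spec.AlgorithmParameterSpec;
+
+public class BcSignatureAlgorithm extends SignatureAlgorithm{
+
+private Signature engine;
+private static BouncyCastleProvider provider = new BouncyCastleProvider();
+public BcSignatureAlgorithm(Document doc, String algorithmURI) throws XMLSecurityException {
+super(doc, algorithmURI);
+initEngine();
+}
+
+public BcSignatureAlgorithm(Document doc, String algorithmURI, int hmacOutputLength) throws XMLSecurityException {
+super(doc, algorithmURI, hmacOutputLength);
+initEngine();
+}
+
+public BcSignatureAlgorithm(Element element, String baseURI) throws XMLSecurityException {
+super(element, baseURI);
+initEngine();
+}
+
+public BcSignatureAlgorithm(Element element, String baseURI, boolean secureValidation) throws XMLSecurityException {
+super(element, baseURI, secureValidation);
+initEngine();
+}
+
+private void initEngine() throws XMLSecurityException {
+try {
+engine = Signature.getInstance("RSA", provider);
+} catch (NoSuchAlgorithmException e) {
+throw new XMLSignatureException(e);
+}
+}
+
+@Override
+public void update(byte[] input) throws XMLSignatureException {
+try {
+engine.update(input);
+} catch (SignatureException e) {
+throw new XMLSignatureException(e);
+}
+}
+
+@Override
+public void update(byte input) throws XMLSignatureException {
+try {
+engine.update(input);
+} catch (SignatureException e) {
+throw new XMLSignatureException(e);
+}
+}
+
+@Override
+public void update(byte[] buf, int offset, int len) throws XMLSignatureException {
+try {
+engine.update(buf, offset, len);
+} catch (SignatureException e) {
+throw new XMLSignatureException(e);
+}
+}
+
+@Override
+public void initSign(Key signingKey) throws XMLSignatureException {
+try {
+engine.initSign((PrivateKey) signingKey);
+} catch (InvalidKeyException e) {
+throw new RuntimeException(e);
+}
+}
+
+@Override
+public void initSign(Key signingKey, SecureRandom secureRandom) throws XMLSignatureException {
+try {
+engine.initSign((PrivateKey) signingKey, secureRandom);
+} catch (InvalidKeyException e) {
+throw new RuntimeException(e);
+}
+}
+
+@Override
+public void initSign(Key signingKey, AlgorithmParameterSpec algorithmParameterSpec) throws XMLSignatureException {
+throw new XMLSignatureException("unsupported operation");
+}
+
+@Override
+public byte[] sign() throws XMLSignatureException {
+try {
+return engine.sign();
+} catch (SignatureException e) {
+throw new XMLSignatureException(e);
+}
+}
+
+@Override
+public void initVerify(Key verificationKey) throws XMLSignatureException {
+try {
+engine.initVerify((PublicKey) verificationKey);
+} catch (InvalidKeyException e) {
+throw new XMLSignatureException(e);
+}
+}
+
+@Override
+public boolean verify(byte[] signature) throws XMLSignatureException {
+try {
+return engine.verify(signature);
+} catch (SignatureException e) {
+throw new XMLSignatureException(e);
+}
+
+}
+}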
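Review bot: `initEngine()` never looks at the `algorithmURI` the constructors receive and always requests `Signature.getInstance("RSA", provider)`, so the engine that signs and verifies is not bound to the SignatureMethod the document declares. As far as I know BouncyCastle's bare `RSA` signature pads the input without hashing it (worth confirming against the provider), which would make the result differ from what a URI such as rsa-sha256 promises and fail on input longer than the key allows. I would derive the JCA name from the URI, `engine = Signature.getInstance(JCEMapper.translateURItoJCEID(getURI()), provider);`, and reject URIs that do not map to an RSA signature, which also covers the `hmacOutputLength` constructor. Both `initSign` overloads wrap `InvalidKeyException` in `RuntimeException` and cast the key unchecked, unlike `initVerify`; an `instanceof PrivateKey` check followed by `throw new XMLSignatureException(e);` in the catch would keep the declared exception contract.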
@@ -0,0 +1,47 @@ | ||
package com.honey.xmlsec; | ||
|
||
import javax.xml.namespace.NamespaceContext; | ||
import java.util.HashMap; | ||
import java.util.Iterator; | ||
import java.util.Map; | ||
|
||
/** | ||
* A NamespaceContext implementation for digital signatures | ||
*/ | ||
public class DSNamespaceContext implements NamespaceContext { | ||
|
||
private Map<String, String> namespaceMap = | ||
new HashMap<>(); | ||
|
||
public DSNamespaceContext() { | ||
namespaceMap.put("ds", "http://www.w3.org/2000/09/xmldsig#"); | ||
namespaceMap.put("dsig", "http://www.w3.org/2000/09/xmldsig#"); | ||
} | ||
|
||
public DSNamespaceContext(Map<String, String> namespaces) { | ||
this(); | ||
namespaceMap.putAll(namespaces); | ||
} | ||
|
||
public String getNamespaceURI(String arg0) { | ||
return namespaceMap.get(arg0); | ||
} | ||
|
||
public void putPrefix(String prefix, String namespace) { | ||
namespaceMap.put(prefix, namespace); | ||
} | ||
|
||
public String getPrefix(String arg0) { | ||
for (String key : namespaceMap.keySet()) { | ||
String value = namespaceMap.get(key); | ||
if (value.equals(arg0)) { | ||
return key; | ||
} | ||
} | ||
return null; | ||
} | ||
|
||
public Iterator<String> getPrefixes(String arg0) { | ||
return namespaceMap.keySet().iterator(); | ||
} | ||
} |
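Review bot: `getPrefixes(String arg0)` ignores its argument and returns an iterator over the live `keySet()` of `namespaceMap`, so a caller asking for the prefixes of one namespace gets every registered prefix and can remove entries through the iterator. `getNamespaceURI` likewise returns `null` for an unbound prefix, where the `NamespaceContext` contract asks for `XMLConstants.NULL_NS_URI`, and `getPrefix` chooses between `ds` and `dsig` by `HashMap` iteration order. Since this context is presumably used to resolve prefixes when locating signature elements, I would make the lookups follow the interface contract. The rewritten `getPrefixes` below needs `java.util.ArrayList`, `java.util.Collections` and `java.util.List` imported. The three interface methods also lack `@Override`.

```java
@Override
public Iterator<String> getPrefixes(String arg0) {
    // Collect only the prefixes bound to the requested namespace URI.
    List<String> matches = new ArrayList<>();
    for (Map.Entry<String, String> entry : namespaceMap.entrySet()) {
        if (entry.getValue().equals(arg0)) {
            matches.add(entry.getKey());
        }
    }
    // Hand out a read-only view so callers cannot mutate the bindings.
    return Collections.unmodifiableList(matches).iterator();
}
```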