redo initial commit
honwhy.wang committed Sep 7, 2018
0 parents commit bf364c9
Showing 15 changed files with 3,342 additions and 0 deletions.
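--- a/.gitignore
+++ b/.gitignore
@@ -0,0 +1,28 @@
+# Compiled class file
+*.class
+
+# Log file
+*.log
+
+# BlueJ files
+*.ctxt
+
+# Mobile Tools for Java (J2ME)
+.mtj.tmp/
+
+# Package Files #
+*.jar
+*.war
+*.nar
+*.ear
+*.zip
+*.tar.gz
+*.rar
+
+# virtual machine crash logs, see http://www.java.com/en/download/help/error_hotspot.xml
+hs_err_pid*
+
+# add more
+.idea/
+.mvn/
+target/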
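--- a/README.md
+++ b/README.md
@@ -0,0 +1,34 @@
+# xml-sec
+demo project for apache xmlsec and BouncyCastle Provider usage
+
+dependencies
+```
+<dependency>
+<groupId>org.apache.santuario</groupId>
+<artifactId>xmlsec</artifactId>
+<version>2.0.8</version>
+</dependency>
+<!-- https://mvnrepository.com/artifact/org.bouncycastle/bcprov-jdk15on -->
+<dependency>
+<groupId>org.bouncycastle</groupId>
+<artifactId>bcprov-jdk15on</artifactId>
+<version>1.60</version>
+</dependency>
+```
+
+use BouncyCastle to do RSA for XMLSignature, see `BcSignatureAlgorithm`
+
+this is a SpringBoot Project, but it can be used as an dependency,
+```
+<dependency>
+<groupId>com.honey</groupId>
+<artifactId>xml-sec</artifactId>
+<version>0.0.1-SNAPSHOT</version>
+<exclusions>
+<exclusion>
+<groupId>org.springframework.boot</groupId>
+<artifactId>*</artifactId>
+</exclusion>
+</exclusions>
+</dependency>
+```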
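--- a/pom.xml
+++ b/pom.xml
@@ -0,0 +1,61 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
+<modelVersion>4.0.0</modelVersion>
+
+<groupId>com.honey</groupId>
+<artifactId>xml-sec</artifactId>
+<version>0.0.1-SNAPSHOT</version>
+<packaging>jar</packaging>
+
+<name>xml-sec</name>
+<description>Demo project for Spring Boot</description>
+
+<parent>
+<groupId>org.springframework.boot</groupId>
+<artifactId>spring-boot-starter-parent</artifactId>
+<version>1.5.3.RELEASE</version>
+<relativePath/> <!-- lookup parent from repository -->
+</parent>
+
+<properties>
+<project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
+<project.reporting.outputEncoding>UTF-8</project.reporting.outputEncoding>
+<java.version>1.7</java.version>
+</properties>
+
+<dependencies>
+<dependency>
+<groupId>org.springframework.boot</groupId>
+<artifactId>spring-boot-starter</artifactId>
+</dependency>
+
+<dependency>
+<groupId>org.apache.santuario</groupId>
+<artifactId>xmlsec</artifactId>
+<version>2.0.8</version>
+</dependency>
+<!-- https://mvnrepository.com/artifact/org.bouncycastle/bcprov-jdk15on -->
+<dependency>
+<groupId>org.bouncycastle</groupId>
+<artifactId>bcprov-jdk15on</artifactId>
+<version>1.60</version>
+</dependency>
+<dependency>
+<groupId>org.springframework.boot</groupId>
+<artifactId>spring-boot-starter-test</artifactId>
+<scope>test</scope>
+</dependency>
+</dependencies>
+
+<build>
+<plugins>
+<plugin>
+<groupId>org.springframework.boot</groupId>
+<artifactId>spring-boot-maven-plugin</artifactId>
+</plugin>
+</plugins>
+</build>
+
+
+</project>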
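Review bot: The `xmlsec` 2.0.8 and `bcprov-jdk15on` 1.60 versions are written inline in their `<dependency>` entries, so unlike the Spring artifacts they are not covered by the `spring-boot-starter-parent` version management and will only move when someone edits them by hand. These two libraries do the XML signature parsing and the RSA work, so I would lift the versions into `<properties>` and add a comment such as `<!-- pinned manually; re-check against the Santuario and BouncyCastle release notes before each release -->`. The parent `1.5.3.RELEASE` looks like an early patch level of the 1.5 line (inferred from the version string only), so a bump within that line is worth a separate change.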
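--- a/src/main/java/com/honey/xmlsec/BcSignatureAlgorithm.java
+++ b/src/main/java/com/honey/xmlsec/BcSignatureAlgorithm.java
@@ -0,0 +1,122 @@
+package com.honey.xmlsec;
+
+import org.apache.xml.security.algorithms.SignatureAlgorithm;
+import org.apache.xml.security.exceptions.XMLSecurityException;
+import org.apache.xml.security.signature.XMLSignatureException;
+import org.bouncycastle.jce.provider.BouncyCastleProvider;
+import org.w3c.dom.Document;
+import org.w3c.dom.Element;
+
+import java.security.*;
+import java.security.spec.AlgorithmParameterSpec;
+
+public class BcSignatureAlgorithm extends SignatureAlgorithm{
+
+private Signature engine;
+private static BouncyCastleProvider provider = new BouncyCastleProvider();
+public BcSignatureAlgorithm(Document doc, String algorithmURI) throws XMLSecurityException {
+super(doc, algorithmURI);
+initEngine();
+}
+
+public BcSignatureAlgorithm(Document doc, String algorithmURI, int hmacOutputLength) throws XMLSecurityException {
+super(doc, algorithmURI, hmacOutputLength);
+initEngine();
+}
+
+public BcSignatureAlgorithm(Element element, String baseURI) throws XMLSecurityException {
+super(element, baseURI);
+initEngine();
+}
+
+public BcSignatureAlgorithm(Element element, String baseURI, boolean secureValidation) throws XMLSecurityException {
+super(element, baseURI, secureValidation);
+initEngine();
+}
+
+private void initEngine() throws XMLSecurityException {
+try {
+engine = Signature.getInstance("RSA", provider);
+} catch (NoSuchAlgorithmException e) {
+throw new XMLSignatureException(e);
+}
+}
+
+@Override
+public void update(byte[] input) throws XMLSignatureException {
+try {
+engine.update(input);
+} catch (SignatureException e) {
+throw new XMLSignatureException(e);
+}
+}
+
+@Override
+public void update(byte input) throws XMLSignatureException {
+try {
+engine.update(input);
+} catch (SignatureException e) {
+throw new XMLSignatureException(e);
+}
+}
+
+@Override
+public void update(byte[] buf, int offset, int len) throws XMLSignatureException {
+try {
+engine.update(buf, offset, len);
+} catch (SignatureException e) {
+throw new XMLSignatureException(e);
+}
+}
+
+@Override
+public void initSign(Key signingKey) throws XMLSignatureException {
+try {
+engine.initSign((PrivateKey) signingKey);
+} catch (InvalidKeyException e) {
+throw new RuntimeException(e);
+}
+}
+
+@Override
+public void initSign(Key signingKey, SecureRandom secureRandom) throws XMLSignatureException {
+try {
+engine.initSign((PrivateKey) signingKey, secureRandom);
+} catch (InvalidKeyException e) {
+throw new RuntimeException(e);
+}
+}
+
+@Override
+public void initSign(Key signingKey, AlgorithmParameterSpec algorithmParameterSpec) throws XMLSignatureException {
+throw new XMLSignatureException("unsupported operation");
+}
+
+@Override
+public byte[] sign() throws XMLSignatureException {
+try {
+return engine.sign();
+} catch (SignatureException e) {
+throw new XMLSignatureException(e);
+}
+}
+
+@Override
+public void initVerify(Key verificationKey) throws XMLSignatureException {
+try {
+engine.initVerify((PublicKey) verificationKey);
+} catch (InvalidKeyException e) {
+throw new XMLSignatureException(e);
+}
+}
+
+@Override
+public boolean verify(byte[] signature) throws XMLSignatureException {
+try {
+return engine.verify(signature);
+} catch (SignatureException e) {
+throw new XMLSignatureException(e);
+}
+
+}
+}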
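Review bot: `initEngine()` always calls `Signature.getInstance("RSA", provider)`, so the `algorithmURI` handed to every constructor never reaches the engine; the superclass records one signature method in the document while signing and verification run with BouncyCastle's bare `RSA` signature, which as far as I know applies no message digest (worth confirming against the provider). Verification therefore does not depend on the declared method, which undermines any allow-list of signature algorithms, and the `hmacOutputLength` constructor also ends up with an RSA engine. I would derive the JCA name from the URI, e.g. `engine = Signature.getInstance(JCEMapper.translateURItoJCEID(getAlgorithmURI()), provider);` (with `JCEMapper` imported), and throw `XMLSignatureException` for any URI that is not an RSA signature method. Separately, the first two `initSign` overloads wrap `InvalidKeyException` in `RuntimeException` while `initVerify` uses `XMLSignatureException`; `throw new XMLSignatureException(e);` keeps the declared contract, and the `(PrivateKey)` and `(PublicKey)` casts deserve an `instanceof` check so a wrong key type is reported as a signature error rather than a `ClassCastException`.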
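--- a/src/main/java/com/honey/xmlsec/DSNamespaceContext.java
+++ b/src/main/java/com/honey/xmlsec/DSNamespaceContext.java
@@ -0,0 +1,47 @@
+package com.honey.xmlsec;
+
+import javax.xml.namespace.NamespaceContext;
+import java.util.HashMap;
+import java.util.Iterator;
+import java.util.Map;
+
+/**
+* A NamespaceContext implementation for digital signatures
+*/
+public class DSNamespaceContext implements NamespaceContext {
+
+private Map<String, String> namespaceMap =
+new HashMap<>();
+
+public DSNamespaceContext() {
+namespaceMap.put("ds", "http://www.w3.org/2000/09/xmldsig#");
+namespaceMap.put("dsig", "http://www.w3.org/2000/09/xmldsig#");
+}
+
+public DSNamespaceContext(Map<String, String> namespaces) {
+this();
+namespaceMap.putAll(namespaces);
+}
+
+public String getNamespaceURI(String arg0) {
+return namespaceMap.get(arg0);
+}
+
+public void putPrefix(String prefix, String namespace) {
+namespaceMap.put(prefix, namespace);
+}
+
+public String getPrefix(String arg0) {
+for (String key : namespaceMap.keySet()) {
+String value = namespaceMap.get(key);
+if (value.equals(arg0)) {
+return key;
+}
+}
+return null;
+}
+
+public Iterator<String> getPrefixes(String arg0) {
+return namespaceMap.keySet().iterator();
+}
+}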
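Review bot: `getPrefixes(String arg0)` ignores its argument and returns an iterator over every key in `namespaceMap`, so a caller asking which prefixes are bound to one namespace URI gets all of them, and because the iterator comes straight from `keySet()` its `remove()` mutates the map. `getPrefix` has a related gap: `value.equals(arg0)` throws `NullPointerException` if `putPrefix` was ever called with a null namespace. The `javax.xml.namespace.NamespaceContext` contract also asks for `IllegalArgumentException` on a null argument and `XMLConstants.NULL_NS_URI` rather than `null` from `getNamespaceURI` for an unbound prefix. A filtered, read-only `getPrefixes` is sketched below; it needs `java.util.ArrayList`, `java.util.Collections` and `java.util.List` imported.

```java
public Iterator<String> getPrefixes(String arg0) {
    if (arg0 == null) {
        throw new IllegalArgumentException("namespace URI must not be null");
    }
    // Collect only the prefixes bound to the requested namespace URI.
    List<String> matching = new ArrayList<>();
    for (Map.Entry<String, String> entry : namespaceMap.entrySet()) {
        if (arg0.equals(entry.getValue())) {
            matching.add(entry.getKey());
        }
    }
    // Read-only view: callers must not be able to edit the context through the iterator.
    return Collections.unmodifiableList(matching).iterator();
}
```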
