Package javax.xml.crypto.dsig

Examples of javax.xml.crypto.dsig.XMLSignatureException


    /**
     * Rejects an input whose output-node search value is missing.
     *
     * <p>The search value and search type are logged at debug level first; the
     * check itself only looks at {@code input.getOutputNodeSearch()}.
     *
     * @param input the input whose output-node search settings are checked
     * @throws Exception an {@link XMLSignatureException} when the search value is {@code null}
     */
    protected void checkSearchValueNotNull(Input input) throws Exception { //NOPMD
        LOG.debug("Searching for output element with search value '{}' and sarch type {}", input.getOutputNodeSearch(),
                input.getOutputNodeSearchType());
        if (input.getOutputNodeSearch() != null) {
            // a search value is configured: nothing to report
            return;
        }
        final String problem = String.format("Wrong configruation: Value is missing for output node search %s.",
                input.getOutputNodeSearchType());
        throw new XMLSignatureException(problem);
    }


        // Grab the signing key. It is read from an element of the feed that is
        // being verified, so the key is supplied by the same document it vouches
        // for; a feed without that element is rejected outright.
        Element signingElement = feed.getFirstChild(new QName(Common.NS_URI,
                Common.SIGN));
        if (signingElement == null) {
            throw new XMLSignatureException(
                    "Could not find signing key for feed: " + feed.getId());
        }

        // Verify that the key matches the id: the value derived from the feed's
        // own id must equal the id derived from the embedded public key, and a
        // feed id for which fromFeedUrn returns null is rejected as well.
        // NOTE(review): this comparison is the only visible step that ties the
        // embedded key to the feed. How Common.toFeedId derives an id from a key
        // is not shown here - confirm the derivation cannot be matched by a
        // different key.
        PublicKey publicKey = Common.toPublicKeyFromX509(signingElement
                .getText());
        if (Common.fromFeedUrn(feed.getId()) == null
                || !Common.fromFeedUrn(feed.getId()).equals(
                        Common.toFeedId(publicKey))) {
            throw new XMLSignatureException(
                    "Signing key does not match feed id: "
                            + Common.fromFeedUrn(feed.getId()) + " : "
                            + Common.toFeedId(publicKey));
        }

        // prep the verifier: one options object is built here and reused for
        // every entry check and for the feed check
        AbderaSecurity security = new AbderaSecurity(Abdera.getInstance());
        Signature signature = security.getSignature();
        SignatureOptions options = signature.getDefaultSignatureOptions();
        // NOTE(review): this URI names ECDSA over a SHA-1 digest. SHA-1 is no
        // longer collision resistant, so the signature is only as strong as that
        // digest; moving signers and verifiers to a SHA-256 variant
        // (http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha256) would need a
        // coordinated change on the signing side, which is not shown here.
        options.setSigningAlgorithm("http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha1");
        // NOTE(review): presumably this leaves link targets out of what the
        // signature covers - confirm against SignatureOptions, and treat link
        // targets as unauthenticated if so.
        options.setSignLinks(false);
        // the key taken from the feed itself is the key used for verification
        options.setPublicKey(publicKey);

        // validate, persist, and remove each entry
        List<Entry> entries = new LinkedList<Entry>();
        entries.addAll(feed.getEntries()); // make a copy
        String existingEntryXml;
        // NOTE(review): the copy above is taken, yet the loop walks
        // feed.getEntries() while entry.discard() detaches entries from the feed.
        // That is only safe if getEntries() hands back a fresh list - confirm.
        for (Entry entry : feed.getEntries()) {
            String feedId = Common.toFeedIdString(feed.getId());
            long entryId = Common.toEntryId(entry.getId());
            try {
                try {
                    existingEntryXml = persistence.readEntry(feedId, entryId);
                } catch (FileNotFoundException fnfe) {
                    // nothing stored for this id yet
                    existingEntryXml = null;
                }
                if (existingEntryXml != null) {
                    // a stored copy exists: it is kept only when the incoming
                    // entry is not newer than the stored one
                    Entry parsed = (Entry) Abdera.getInstance().getParser()
                            .parse(new StringReader(existingEntryXml))
                            .getRoot();
                    if (entry.getUpdated().after(parsed.getUpdated())) {
                        // discard what we have in cache
                        existingEntryXml = null;
                    }
                }
            } catch (Exception e) {
                // any failure while consulting the stored copy falls back to
                // full signature verification below
                existingEntryXml = null;
                log.warn(
                        "Unexpected error parsing existing entry before validation: "
                                + entry.getId(), e);
            }
            // NOTE(review): when a stored copy was kept above, the incoming
            // entry's signature is never checked. The decision rests on the id
            // and getUpdated() of the still-unverified incoming entry, so this is
            // safe only if such an entry is never written back. The removal from
            // 'entries' further down consults 'storage' while this lookup used
            // 'persistence' - confirm both refer to the same store.
            if (existingEntryXml != null) {
                log.trace("Skipping validation for existing entry: "
                        + entry.getId());
            } else {
                if (!signature.verify(entry, options)) {
                    // failed validation
                    Element activity = entry.getExtension(new QName(
                            "http://activitystrea.ms/spec/1.0/", "verb",
                            "activity"));
                    // if not a 'deleted' entry
                    if (activity == null
                            || !"deleted".equals(activity.getText())) {
                        // TODO: should validate that the 'delete' entry that
                        // this entry mentions is mentioning this entry
                        // NOTE(review): the message says "entry" but the value
                        // logged is feed.getId(), not entry.getId()
                        log.warn("Could not verify signature for entry with id: "
                                + feed.getId());
                        // fail ingest
                        throw new XMLSignatureException(
                                "Could not verify signature for entry with id: "
                                        + entry.getId() + " : " + feed.getId());
                    } else {
                        // NOTE(review): an entry that failed verification is
                        // still accepted here because its activity verb reads
                        // 'deleted'. The verb comes from the same unverified
                        // entry, so this branch is an integrity exception, not a
                        // check; the TODO above describes the missing validation.
                        // The id logged is again the feed's, not the entry's.
                        log.warn("Skipping signature verification for deleted entry: "
                                + feed.getId());
                    }
                }
                try {
                    // yield a bit while validating entries
                    Thread.sleep(100);
                } catch (InterruptedException e) {
                    // NOTE(review): the interrupt is only logged; the thread's
                    // interrupt status is not restored, so callers cannot
                    // observe the cancellation request
                    log.error("Should never happen: ", e);
                }
            }

            // remove from feed parent
            entry.discard();
            try {
                // see if this file already exists
                storage.readEntry(Common.toFeedIdString(feed.getId()),
                        Common.toEntryId(entry.getId()));
                // this file exists; remove from processing
                entries.remove(entry);
            } catch (FileNotFoundException e) {
                // file does not already exist: resume
            }
        }
        // setEditDetail(request, entry, key);
        // String edit = entry.getEditLinkResolvedHref().toString();

        // remove all navigation links before signing
        // (here the stripped feed is verified, not signed: links with these rel
        // values are discarded first, so the check below does not cover them)
        for (Link link : feed.getLinks()) {
            if (Link.REL_FIRST.equals(link.getRel())
                    || Link.REL_LAST.equals(link.getRel())
                    || Link.REL_CURRENT.equals(link.getRel())
                    || Link.REL_NEXT.equals(link.getRel())
                    || Link.REL_PREVIOUS.equals(link.getRel())) {
                link.discard();
            }
        }
        // remove all opensearch elements before verifying
        // (like the navigation links, these are outside what gets verified)
        for (Element e : feed
                .getExtensions("http://a9.com/-/spec/opensearch/1.1/")) {
            e.discard();
        }

        // now validate feed signature sans entries: every entry was discarded
        // from the feed in the loop above, so this check covers the feed-level
        // content only and a failure aborts the ingest
        if (!signature.verify(feed, options)) {
            log.warn("Could not verify signature for feed with id: "
                    + feed.getId());
            throw new XMLSignatureException(
                    "Could not verify signature for feed with id: "
                            + feed.getId());
        }

        // persist feed

                .newCanonicalizationMethod(signatureConfig.getCanonicalizationMethod(),
                (C14NMethodParameterSpec) null);
            signedInfo = signatureFactory.newSignedInfo(
                canonicalizationMethod, signatureMethod, references);
        } catch (GeneralSecurityException e) {
            throw new XMLSignatureException(e);
        }

        /*
         * JSR105 ds:Signature creation
         */
 

    /**
     * Creates a transform through the configured signature factory.
     *
     * @param canonicalizationMethod the algorithm URI handed to the factory
     * @param paramSpec the algorithm parameters handed to the factory as given
     * @return the transform built by the factory
     * @throws XMLSignatureException when the factory rejects the request; the
     *         factory's {@link GeneralSecurityException} is kept as the cause
     */
    protected Transform newTransform(String canonicalizationMethod, TransformParameterSpec paramSpec)
    throws XMLSignatureException {
        final Transform transform;
        try {
            transform = getSignatureFactory().newTransform(canonicalizationMethod, paramSpec);
        } catch (GeneralSecurityException cause) {
            final String problem = "unknown canonicalization method: "+canonicalizationMethod;
            throw new XMLSignatureException(problem, cause);
        }
        return transform;
    }

        // Resolve the digest algorithm through the configured signature factory.
        // A request the factory rejects surfaces as XMLSignatureException with
        // the factory's GeneralSecurityException kept as the cause.
        // NOTE(review): no restriction on digestMethodUri is visible here, so
        // any digest the factory supports is accepted. If a policy on
        // acceptable digests exists, it has to be enforced by the caller -
        // confirm.
        XMLSignatureFactory sigFac = signatureConfig.getSignatureFactory();
        DigestMethod digestMethod;
        try {
            digestMethod = sigFac.newDigestMethod(digestMethodUri, null);
        } catch (GeneralSecurityException e) {
            throw new XMLSignatureException("unknown digest method uri: "+digestMethodUri, e);
        }

        Reference reference;
        if (digestValue == null) {
            reference = sigFac.newReference(uri, digestMethod, transforms, type, id);

            // Load the relationships declared by part 'pp' of the package. A
            // descriptor that cannot be parsed aborts with an
            // XMLSignatureException that names the part and keeps the
            // InvalidFormatException as the cause.
            PackageRelationshipCollection prc;
            try {
                prc = new PackageRelationshipCollection(ooxml);
                prc.parseRelationshipsPart(pp);
            } catch (InvalidFormatException e) {
                throw new XMLSignatureException("Invalid relationship descriptor: "+pp.getPartName().getName(), e);
            }
           
            RelationshipTransformParameterSpec parameterSpec = new RelationshipTransformParameterSpec();
            for (PackageRelationship relationship : prc) {
                String relationshipType = relationship.getRelationshipType();
               
                /*
                 * ECMA-376 Part 2 - 3rd edition
                 * 13.2.4.16 Manifest Element
                 * "The producer shall not create a Manifest element that references any data outside of the package."
                 */
                if (TargetMode.EXTERNAL == relationship.getTargetMode()) {
                    continue;
                }

                if (!isSignedRelationship(relationshipType)) continue;

                parameterSpec.addRelationshipReference(relationship.getId());

                // TODO: find a better way ...
                String partName = baseUri + relationship.getTargetURI().toString();
                try {
                    partName = new URI(partName).normalize().getPath().replace('\\', '/');
                    LOG.log(POILogger.DEBUG, "part name: " + partName);
                } catch (URISyntaxException e) {
                    throw new XMLSignatureException(e);
                }
               
                String contentType;
                try {
                    PackagePartName relName = PackagingURIHelper.createPartName(partName);
                    PackagePart pp2 = ooxml.getPart(relName);
                    contentType = pp2.getContentType();
                } catch (InvalidFormatException e) {
                    throw new XMLSignatureException(e);
                }
               
                if (relationshipType.endsWith("customXml")
                    && !(contentType.equals("inkml+xml") || contentType.equals("text/xml"))) {
                    LOG.log(POILogger.DEBUG, "skipping customXml with content type: " + contentType);

     *
     * @see org.picketlink.identity.federation.PicketLinkLogger#signatureError(java.lang.Throwable)
     */
    @Override
    public XMLSignatureException signatureError(Throwable e) {
        // wrap the failure under the signing-process error code, keeping it as the cause
        final XMLSignatureException failure = new XMLSignatureException(ErrorCodes.SIGNING_PROCESS_FAILURE, e);
        return failure;
    }

     *
     * @see org.picketlink.identity.federation.PicketLinkLogger#signatureInvalidError(java.lang.String, java.lang.Throwable)
     */
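    @Override
    public XMLSignatureException signatureInvalidError(String message, Throwable t) {
        // Keep the underlying failure as the cause. Without it, whoever handles
        // or logs an invalid-signature error cannot see what actually failed
        // during validation. A null 't' is accepted and simply means "no cause".
        return new XMLSignatureException(ErrorCodes.INVALID_DIGITAL_SIGNATURE + message, t);
    }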

        return stsUnableToDecodePasswordError;
    }

    /**
     * Builds the exception reported for an invalid signature.
     *
     * @param message detail formatted into the message template
     * @param t the underlying failure, attached as the cause
     * @return the exception, with its topmost stack frame removed
     */
    @Override
    public final XMLSignatureException signatureInvalidError(final String message, final Throwable t) {
        final String template = (projectCode +"000009: ")+ signatureInvalidError$str();
        final XMLSignatureException failure = new XMLSignatureException(String.format(template, message), t);
        // drop the first frame of the trace captured at construction
        final StackTraceElement[] frames = failure.getStackTrace();
        final StackTraceElement[] trimmed = Arrays.copyOfRange(frames, 1, frames.length);
        failure.setStackTrace(trimmed);
        return failure;
    }

        return processingError;
    }

    /**
     * Builds the exception reported for a failure in the signing process.
     *
     * @param t the underlying failure, attached as the cause
     * @return the exception, with its topmost stack frame removed
     */
    @Override
    public final XMLSignatureException signatureError(final Throwable t) {
        final String template = (projectCode +"000100: ")+ signatureError$str();
        final XMLSignatureException failure = new XMLSignatureException(String.format(template), t);
        // drop the first frame of the trace captured at construction
        final StackTraceElement[] frames = failure.getStackTrace();
        final StackTraceElement[] trimmed = Arrays.copyOfRange(frames, 1, frames.length);
        failure.setStackTrace(trimmed);
        return failure;
    }
