1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
|
/*
* Copyright 1999-2004 The Apache Software Foundation.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*
*/
package org.apache.xml.security.samples.signature;
import java.io.File;
import org.apache.xml.security.signature.SignedInfo;
import org.apache.xml.security.signature.XMLSignature;
import org.apache.xml.security.samples.SampleUtils;
import org.apache.xml.security.utils.Constants;
import org.apache.xml.security.utils.XMLUtils;
import org.apache.xpath.XPathAPI;
import org.w3c.dom.Element;
import org.w3c.dom.NodeList;
/**
*
* @author $Author: mullan $
*/
public class VerifyCollectableSignature {
/** {@link org.apache.commons.logging} logging facility */
static org.apache.commons.logging.Log log =
org.apache.commons.logging.LogFactory.getLog(VerifyCollectableSignature.class.getName());
/**
* Method main
*
* @param unused
* @throws Exception
*/
public static void main(String unused[]) throws Exception {
javax.xml.parsers.DocumentBuilderFactory dbf =
javax.xml.parsers.DocumentBuilderFactory.newInstance();
dbf.setNamespaceAware(true);
dbf.setAttribute("http://xml.org/sax/features/namespaces", Boolean.TRUE);
try {
File signatureFile = new File("collectableSignature.xml");
String BaseURI = signatureFile.toURL().toString();
System.out.println("Try to verify "
+ signatureFile.toURL().toString());
javax.xml.parsers.DocumentBuilder db = dbf.newDocumentBuilder();
db.setErrorHandler(new org.apache.xml.security.utils
.IgnoreAllErrorHandler());
org.w3c.dom.Document doc =
db.parse(new java.io.FileInputStream(signatureFile));
Element nscontext = SampleUtils.createDSctx(doc, "ds",
Constants.SignatureSpecNS);
NodeList signatureElems = XPathAPI.selectNodeList(doc,
"//ds:Signature", nscontext);
for (int i = 0; i < signatureElems.getLength(); i++) {
Element sigElement = (Element) signatureElems.item(i);
XMLSignature signature = new XMLSignature(sigElement, BaseURI);
byte[] secretKey = "secretValue".getBytes();
System.out
.println("The XML signature number " + i + " in file " + BaseURI + " is "
+ (signature
.checkSignatureValue(signature
.createSecretKey(CreateCollectableSignature
.passphrase.getBytes()))
? "valid (good)"
: "invalid !!!!! (bad)"));
SignedInfo s = signature.getSignedInfo();
for (int j = 0; j < s.getSignedContentLength(); j++) {
System.out.println("################ Signed Resource " + i + "/" + j
+ " ################");
System.out.println(new String(s.getSignedContentItem(j)));
System.out.println();
}
}
} catch (Exception ex) {
ex.printStackTrace();
}
}
static {
org.apache.xml.security.Init.init();
}
}
|
