1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
|
String fileName = "C:/BodyXML.xml";
String signatureFileName = "C:/enveloped-6.xml";
try {
//This code select a P12 certificate for the signature
String certificateName = "8033_prv";
String certificatePath = "C:/8033_prv.p12";
//Create KeyStore
KeyStore ks = KeyStore.getInstance("PKCS12");
char[] password = certificateName.toCharArray();
ks.load(new FileInputStream(certificatePath), password);
//Create KeyEntry
KeyStore.PrivateKeyEntry keyEntry =
(KeyStore.PrivateKeyEntry) ks.getEntry
(certificateName, new KeyStore.PasswordProtection
(certificateName.toCharArray()));
//Create certificate
X509Certificate cert = (X509Certificate) keyEntry.getCertificate();
// Initialize the apache libraries
Init.init();
// Obtain security elements from the keystore
//PrivateKey privateKey = MySecurityUtils.getPrivateKey();
//PrivateKey privateKey = keyEntry.getPrivateKey();
PublicKey privateKey = cert.getPublicKey();
//PrivateKey privateKey = (PrivateKey) cert.getPublicKey();
//X509Certificate cert = MySecurityUtils.getCertificate();
MessageFactory mf = MessageFactory.newInstance();
MimeHeaders headers = new MimeHeaders();
headers.addHeader("Content-Type", null);
SOAPMessage message = mf.createMessage(headers, new FileInputStream(filePath));
message.saveChanges();
SOAPHeader header = message.getSOAPHeader();
SOAPBody body = message.getSOAPBody();
// Set the wsu:Id attribute to the Body
//XMLUtil.setWsuIdAttr(body, "MyId");
XMLUtil.setWsuIdAttr(body, "id-2");
// Create a WSSE context for the SOAP message
SecurableSoapMessage sssm = new SecurableSoapMessage(message);
// Create a security header for the message (<wsse:Security>)
SecurityHeader sh = sssm.findOrCreateSecurityHeader();
// Insert the certificate (<wsse:BinarySecurityToken>)
//X509SecurityToken stoken = new X509SecurityToken(header.getOwnerDocument(), cert, "X509TokenRef");
X509SecurityToken stoken = new X509SecurityToken(header.getOwnerDocument(), cert);
sh.insertHeaderBlock(stoken);
// Insert the keyinfo referring to the certificate (<ds:KeyInfo>)
KeyInfoHeaderBlock kihb = new KeyInfoHeaderBlock(header.getOwnerDocument());
SecurityTokenReference secTR = new SecurityTokenReference(header.getOwnerDocument());
DirectReference dirRef = new DirectReference();
dirRef.setURI("#X509TokenRef");
secTR.setReference(dirRef);
kihb.addSecurityTokenReference(secTR);
//sh.insertHeaderBlock(kihb);
// Insert the Signature block (<ds:Signature>)
SignatureHeaderBlock shb = new SignatureHeaderBlock(header.getOwnerDocument(), XMLSignature.ALGO_ID_SIGNATURE_RSA);
Transforms transforms = new Transforms(header.getOwnerDocument());
transforms.addTransform(Transforms.TRANSFORM_C14N_EXCL_OMIT_COMMENTS);
//shb.addSignedInfoReference("#MyId", transforms, Constants.ALGO_ID_DIGEST_SHA1);
shb.addSignedInfoReference("id-2", transforms, Constants.ALGO_ID_DIGEST_SHA1);
shb.addChildElement(kihb.getAsSoapElement());
sh.insertHeaderBlock(shb);
// Digest all References (#MyId) in the SignedInfo, calculate the signature value
// and set it in the SignatureValue Element
javax.swing.JOptionPane.showMessageDialog(null, "PublicKey : "+privateKey.toString());
shb.sign(privateKey);
// Add the signature data to the header element
header.addChildElement(sh.getAsSoapElement());
// Save the signed SOAP message
FileOutputStream fos = new FileOutputStream(new File(signatureFileName));
message.writeTo(fos);
} catch (Exception exc) {
exc.printStackTrace();
//System.out.println("An error has occurred : " + exc.toString());
javax.swing.JOptionPane.showMessageDialog(null, "Erreur : "+exc);
} |
SOAP et WS-Security
Répondre avec citation
Partager