Comment signer un fichier XML avec certificat X509 (.pfx)

ça y est j'ai reussi à le faire pares deux longue journé de travail :yaisse2:
Code:
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
 
//les APIs necessaire
import java.io.*;
import java.util.*;
 
import java.security.*;
import java.security.cert.*;
 
import org.w3c.dom.*;
import org.xml.sax.*;
 
import javax.xml.crypto.*;
import javax.xml.crypto.dsig.*;
import javax.xml.crypto.dsig.dom.*;
import javax.xml.crypto.dsig.keyinfo.*;
import javax.xml.crypto.dsig.spec.*;
import javax.xml.crypto.dsig.*;
 
import javax.xml.parsers.*;
import javax.xml.transform.*;
import javax.xml.transform.dom.*;
import javax.xml.transform.stream.*;
 
 
public class Main3{
 
    public static void main(String args[]) throws NoSuchAlgorithmException, InvalidAlgorithmParameterException, KeyStoreException, SAXException, GeneralSecurityException, TransformerException
    {
        Object dom;
        //initiliser les parametres
    XMLSignatureFactory factory = XMLSignatureFactory.getInstance("DOM");
    DigestMethod sha1 = factory.newDigestMethod(DigestMethod.SHA1, null);
    CanonicalizationMethod inclusive = factory.newCanonicalizationMethod(CanonicalizationMethod.INCLUSIVE, (C14NMethodParameterSpec) null);
    SignatureMethod rsasha1 = factory.newSignatureMethod(SignatureMethod.RSA_SHA1, null);
    Transform enveloped = factory.newTransform(Transform.ENVELOPED, (TransformParameterSpec) null);
    List transforms = Collections.singletonList(enveloped);
    Reference ref = factory.newReference("",sha1);
    List references = Collections.singletonList(ref);
    SignedInfo signer = factory.newSignedInfo(inclusive, rsasha1, references);
    char[] password = "motDePasse".toCharArray();
    KeyStore store = KeyStore.getInstance("PKCS12");
        try {
            //lire le fichier de certificat
            InputStream keys = new FileInputStream("cert.pfx");
            try {
                //charger la boutique 
                store.load(keys, password);
                System.out.println("Certificat chargé avec succés");
 
            } catch (NoSuchAlgorithmException ex) {
                //ex.printStackTrace();
                 System.out.println("Pas d'algorthme ds le certificat");
            } catch (CertificateException ex) {
                //ex.printStackTrace();
                System.out.println("Mot de passe incorrect du certificat");
            } catch (IOException ex) {
               // ex.printStackTrace();
                 System.out.println("Erreur ds la lecture du certificat");
            }
        } catch (FileNotFoundException ex) {
           // ex.printStackTrace();
                System.out.println("fichier spécifié est introuvable");
        }
 
        try {
               List certs = new ArrayList(); 
               String alias=getCertificateAliases(store);
               KeyStore.PrivateKeyEntry entry = (KeyStore.PrivateKeyEntry)store.getEntry(alias, new KeyStore.PasswordProtection(password));
               X509Certificate cert = (X509Certificate) entry.getCertificate();
               certs.add(cert.getSubjectX500Principal().getName());
               certs.add(cert);  
               System.out.println("Clé privée recupérée avc succès"); 
               System.out.println("X509 opération terminée");
               KeyInfoFactory keyFactory = factory.getKeyInfoFactory();    
               //cahrger les donnees du certificat
               X509Data data = keyFactory.newX509Data(certs);
               List dataList = Collections.singletonList(data);
               KeyInfo key = keyFactory.newKeyInfo(dataList);
               ////////charger le fichier Xml
               DocumentBuilderFactory dbf = DocumentBuilderFactory.newInstance();
               DocumentBuilder db;
 
            try {
                db = dbf.newDocumentBuilder();
                try {
                    //charger le fichier xml à signer
                    Document doc=db.parse("test.xml");
                    Node node=doc.getFirstChild();
                    //creer le context de la signature
                    DOMSignContext context = new DOMSignContext(entry.getPrivateKey(),node);
                    XMLSignature signature = factory.newXMLSignature(signer, key);
                    try {
                        signature.sign(context);  
                         TransformerFactory tf = TransformerFactory.newInstance();
                         Transformer trans = tf.newTransformer();
                         trans.transform(new DOMSource(doc),new StreamResult(new FileOutputStream("mySignedFile.xml")));
                    } catch (MarshalException ex) {                      
                        System.out.println("Erreur ds la signature (Marshal)");
                    } catch (XMLSignatureException ex) {   
                        System.out.println("Erreur ds la signature");
                    }  
                    try {
                        signature.sign(context);
                    } catch (XMLSignatureException ex) {
                        ex.printStackTrace();
                    } catch (MarshalException ex) {
                        ex.printStackTrace();
                    }
                } catch (IOException ex) {
                    //ex.printStackTrace();
                    System.out.println("Fichier XMl pas trouvée");
                } catch (SAXException ex) {
                    //ex.printStackTrace();
                    System.out.println("Erreur ds le parseur XML");
                }
            } catch (ParserConfigurationException ex) {
                ex.printStackTrace();
            }                     
        } catch (UnrecoverableEntryException ex) {
            ex.printStackTrace();
        } catch (KeyStoreException ex) {
            ex.printStackTrace();
        } catch (NoSuchAlgorithmException ex) {
            ex.printStackTrace();
        } 
    }
 
    public static String getCertificateAliases(KeyStore akeyStore) throws GeneralSecurityException
    {
          Enumeration aliasesEnum = akeyStore.aliases();
             List certs = new ArrayList();
            while(aliasesEnum.hasMoreElements())
            {
               String alias = (String)aliasesEnum.nextElement(); 
              return alias;
            }
             return null;//retourne null si aucun aléas n'a été trouvé
    }    
}