impléméntation de signature électronique

Question

bonjour ,
voilà je suis amené à implémenter une classe java qui permet de vérifier la signature d'un document signé mais je sais pas comment m'y prendre quelqu'un pourrait me recommander un tuto ou quelconque document susceptible de m'aider. 
merci d'avance

JulSoft · Answer

En anglais, il y'a du tout cuit sur le site d'oracle: http://docs.oracle.com/javase/tutorial/security/apisign/versig.html

linnnou · Answer

bonsoir, merci bp mais j'avais déja commencé à implémenté mon code en m'aidant de qques exemples trouvés mais j'ai eu beaucoup d'erreur que j'arrive pas à résoudre:( je vous fournit mon code dans l'espoir que qq1 puisse m'aider et merci d'avance :) ma classse Main package premier.essai; import java.io.FileInputStream; import java.io.FileNotFoundException; import java.io.IOException; import java.util.Iterator; import javax.xml.crypto.MarshalException; import javax.xml.crypto.dsig.XMLSignature; import javax.xml.crypto.dsig.XMLSignatureException; import javax.xml.crypto.dsig.XMLSignatureFactory; import javax.xml.crypto.dsig.dom.DOMValidateContext; import javax.xml.parsers.DocumentBuilder; import javax.xml.parsers.DocumentBuilderFactory; import javax.xml.parsers.ParserConfigurationException; import org.w3c.dom.Document; import org.w3c.dom.Element; import org.w3c.dom.NodeList; import org.xml.sax.SAXException; public class Main { public static void main(String[] args) throws FileNotFoundException, SAXException, IOException, ParserConfigurationException, XMLSignatureException, MarshalException { // on va charger le document à signer puis le valider à l'aide de validate() DocumentBuilderFactory dbf= DocumentBuilderFactory.newInstance (); dbf.setNamespaceAware (true); DocumentBuilder builder = dbf.newDocumentBuilder (); Document doc = builder.parse (new FileInputStream ("nom du fichier signé")); NodeList NL = doc.getElementsByTagNameNS(XMLSignature.XMLNS, "Signature"); if (validation((Element) NL.item(0))) System.out.println ("document valide"); else System.out.println ("document no valide"); } public static boolean validation(Element signature) throws XMLSignatureException, MarshalException { //Chargement du contexte de validation : récupération du doc signée et le keyValueKeySelector cherchera dans le doc //soit la clé public soit tte autre info comme x509certificate DOMValidateContext valContext= new DOMValidateContext ( new KeyValueKeySelector() ,signature) ; Iterator i =((XMLSignature) signature).getSignedInfo().getReferences().iterator(); boolean refvalid=true; while ((i.hasNext() )& (refvalid==true )) { refvalid = ((XMLSignature) i).validate(valContext); System.out.println ("[réf] état de validité:" + refvalid); i.next(); } if (!refvalid) { System.out.println ("le contenu a été modifié ce qui enfreind à la contrainte d'integrité"); return false; } // validation de la signature XMLSignatureFactory signatureFactory= XMLSignatureFactory.getInstance ("DOM"); // récupération des différents composants de la XMLSignature XMLSignature signatureVerif= signatureFactory.unmarshalXMLSignature(valContext); // création d'une signature au format xml en utilsant DOMValidateContext boolean signatureValidity = signatureVerif.validate(valContext); if (signatureValidity) System.out.println ("la signature est bien vérifiée"); else System.out.println ("la signature n'est pas valide et donc il ya erreur"); return signatureValidity; } } package premier.essai; import java.security.KeyException; import java.security.PublicKey; import java.util.List; import javax.xml.crypto.AlgorithmMethod; import javax.xml.crypto.KeySelector; import javax.xml.crypto.KeySelectorException; import javax.xml.crypto.KeySelectorResult; import javax.xml.crypto.XMLCryptoContext; import javax.xml.crypto.XMLStructure; import javax.xml.crypto.dsig.SignatureMethod; import javax.xml.crypto.dsig.keyinfo.KeyInfo; import javax.xml.crypto.dsig.keyinfo.KeyValue; public class KeyValueKeySelector extends KeySelector { public KeySelectorResult select(KeyInfo keyInfo, KeySelector.Purpose purpose, AlgorithmMethod method, XMLCryptoContext context) throws KeySelectorException { if (keyInfo == null) { throw new KeySelectorException("Null KeyInfo object!"); } SignatureMethod sm = (SignatureMethod) method; List list = keyInfo.getContent(); for (int i = 0; i < list.size(); i++) { XMLStructure xmlStructure = (XMLStructure) list.get(i); if (xmlStructure instanceof KeyValue) { PublicKey pk = null; try { pk = ((KeyValue)xmlStructure).getPublicKey(); } catch (KeyException ke) { throw new KeySelectorException(ke); } // make sure algorithm is compatible with method if (algEquals(sm.getAlgorithm(), pk.getAlgorithm())) { return new SimpleKeySelectorResult(pk); } } } throw new KeySelectorException("No KeyValue element found!"); } static boolean algEquals(String algURI, String algName) { if (algName.equalsIgnoreCase("DSA") && algURI.equalsIgnoreCase(SignatureMethod.DSA_SHA1)) { return true; } else if (algName.equalsIgnoreCase("RSA") && algURI.equalsIgnoreCase(SignatureMethod.RSA_SHA1)) { return true; } else { return false; } } } package premier.essai; import java.security.Key; import java.security.PublicKey; import javax.xml.crypto.KeySelectorResult; public class SimpleKeySelectorResult implements KeySelectorResult { private PublicKey pk; SimpleKeySelectorResult(PublicKey pk) { this.pk = pk; } public Key getKey() { return pk; } }

linnnou · Answer

j'ai oublié les erreurs obtenues : Exception in thread "main" javax.xml.crypto.dsig.XMLSignatureException: cannot find validation key
at org.jcp.xml.dsig.internal.dom.DOMXMLSignature$DOMSignatureValue.validate(DOMXMLSignature.java:531)
at org.jcp.xml.dsig.internal.dom.DOMXMLSignature.validate(DOMXMLSignature.java:252)
at premier.essai.Main.validation(Main.java:69)
at premier.essai.Main.main(Main.java:34)
Caused by: javax.xml.crypto.KeySelectorException: No KeyValue element found!
at premier.essai.KeyValueKeySelector.select(KeyValueKeySelector.java:44)
at org.jcp.xml.dsig.internal.dom.DOMXMLSignature$DOMSignatureValue.validate(DOMXMLSignature.java:523)
... 3 more
javax.xml.crypto.KeySelectorException: No KeyValue element found!
at premier.essai.KeyValueKeySelector.select(KeyValueKeySelector.java:44)
at org.jcp.xml.dsig.internal.dom.DOMXMLSignature$DOMSignatureValue.validate(DOMXMLSignature.java:523)
at org.jcp.xml.dsig.internal.dom.DOMXMLSignature.validate(DOMXMLSignature.java:252)
at premier.essai.Main.validation(Main.java:69)
at premier.essai.Main.main(Main.java:34)

linnnou · Answer

bon je crois avoir trouvé le prob mais mon prog ne marche tjs pas quelqu'un pourrait m'aider SVP  
import java.io.FileInputStream;
import java.io.FileNotFoundException;
import java.io.IOException;
import java.security.cert.CertificateException;

import javax.naming.NamingException;
import javax.xml.crypto.MarshalException;
import javax.xml.crypto.dsig.XMLSignature;
import javax.xml.crypto.dsig.XMLSignatureException;
import javax.xml.crypto.dsig.XMLSignatureFactory;
import javax.xml.crypto.dsig.dom.DOMValidateContext;
import javax.xml.parsers.DocumentBuilder;
import javax.xml.parsers.DocumentBuilderFactory;
import javax.xml.parsers.ParserConfigurationException;

import org.w3c.dom.Document;
import org.w3c.dom.Element;
import org.w3c.dom.NodeList;
import org.xml.sax.SAXException;

public class Main {

public static void main(String[] args) throws FileNotFoundException, SAXException, IOException, ParserConfigurationException, XMLSignatureException, MarshalException, NamingException, CertificateException
{
// on va charger le document à signer puis le valider à l'aide de validate()

DocumentBuilderFactory dbf= DocumentBuilderFactory.newInstance (); 
dbf.setNamespaceAware (true); 
DocumentBuilder builder = dbf.newDocumentBuilder ();
Document doc = builder.parse (new FileInputStream("monDoc.pdf.isf"));
NodeList NL = doc.getElementsByTagNameNS(XMLSignature.XMLNS, "Signature");
if (NL.getLength()==0) System.out.println ("Element non trouvée");
            else System.out.println ("document valide");


if (validation((Element) NL.item(0)))	 System.out.println ("signature valide");
else System.out.println ("signature non valide");
}


public static boolean validation(Element signature) throws XMLSignatureException, MarshalException, FileNotFoundException, SAXException, IOException, ParserConfigurationException, NamingException, CertificateException
{
 //Chargement du contexte de validation : en utilsant la clé du doc*/
DOMValidateContext valContext= new DOMValidateContext ( new KeyValueKeySelector() , signature)  ;

System.out.println (valContext);
// récupération des différents composants de la XMLSignature

    XMLSignatureFactory  signatureFactory= XMLSignatureFactory.getInstance ("DOM");  
 // création d'une signature au format xml en utilsant DOMValidateContext

    XMLSignature signatureVerif= signatureFactory.unmarshalXMLSignature(valContext); 
    System.out.println (signatureVerif);
 // validation de la signature
    
  boolean  signatureValidity = signatureVerif.validate(valContext) ;
   
    if (signatureValidity) return true;
  
    else return false ;
    
}
}

package premier.essai;

import java.security.KeyException;
import java.security.PublicKey;
import java.security.cert.X509Certificate;
import java.util.List;

import javax.xml.crypto.AlgorithmMethod;
import javax.xml.crypto.KeySelector;
import javax.xml.crypto.KeySelectorException;
import javax.xml.crypto.KeySelectorResult;
import javax.xml.crypto.XMLCryptoContext;
import javax.xml.crypto.XMLStructure;
import javax.xml.crypto.dsig.SignatureMethod;
import javax.xml.crypto.dsig.keyinfo.KeyInfo;
import javax.xml.crypto.dsig.keyinfo.KeyValue;

public class KeyValueKeySelector extends KeySelector {
    public KeySelectorResult select1(KeyInfo keyInfo,
                                    KeySelector.Purpose purpose,
                                    AlgorithmMethod method,
                                    XMLCryptoContext context)
        throws KeySelectorException {
     
        if (keyInfo == null) {
            throw new KeySelectorException("Null KeyInfo object!");
        }
        SignatureMethod sm = (SignatureMethod) method;
      List<?> list =   keyInfo.getContent();
  
       
        for (int i = 0; i < list.size(); i++) {
            XMLStructure xmlStructure = (XMLStructure) list.get(i);
            if (xmlStructure instanceof X509Certificate) {
                PublicKey pk = null;
                try {
                	
                    pk = ((KeyValue)xmlStructure).getPublicKey();
                  
                } catch (KeyException ke) {
                    throw new KeySelectorException(ke);
                }
                // make sure algorithm is compatible with method
                if (algEquals(sm.getAlgorithm(), pk.getAlgorithm())) {
                    return new SimpleKeySelectorResult(pk);
                }
            }
        }
        throw new KeySelectorException("No");
    }

  
    static boolean algEquals(String algURI, String algName) {
        if (algName.equalsIgnoreCase("DSA") &&
            algURI.equalsIgnoreCase(SignatureMethod.DSA_SHA1)) {
            return true;
        } else if (algName.equalsIgnoreCase("RSA") &&
                   algURI.equalsIgnoreCase(SignatureMethod.RSA_SHA1)) {
            return true;
        } else {
            return false;
        }
    }


@Override
public KeySelectorResult select(KeyInfo keyInfo, Purpose purpose,
AlgorithmMethod method, XMLCryptoContext context)
throws KeySelectorException {
// TODO Auto-generated method stub
return null;
}
}

 
j'obtient l'erreur suivante
[code=as]Exception in thread "main" java.lang.NullPointerException
at org.jcp.xml.dsig.internal.dom.DOMXMLSignature$DOMSignatureValue.validate(DOMXMLSignature.java:525)
at org.jcp.xml.dsig.internal.dom.DOMXMLSignature.validate(DOMXMLSignature.java:252)
at premier.essai.Main.validation(Main.java:58)
at premier.essai.Main.main(Main.java:38)/code

Impléméntation de signature électronique

4 réponses

Votre réponse

Discussions similaires