mace-opensaml-users - Problems with KeyInfo in signing an assertion
Subject: OpenSAML user discussion
- From: Pedro Navarro Pérez <>
- To:
- Subject: Problems with KeyInfo in signing an assertion
- Date: Fri, 04 May 2007 13:13:00 +0200
Hi all,
I'm trying to sign an assertion with a KeyInfo attached, but afterwards, when I try to verify the XML Signature, the keyInfo information is null, and it hasn't really been inserted in the XML Signature.
I think the problem is in createSignatureElement in SignatureMarshaller:
private Element createSignatureElement(Signature signature, Document document) throws MarshallingException {
    if (log.isDebugEnabled()) {
        log.debug("Starting to marshall " + signature.getElementQName());
    }
    try {
        if (log.isDebugEnabled()) {
            log.debug("Creating XMLSignature object");
        }
        XMLSignature dsig = new XMLSignature(document, "", signature.getSignatureAlgorithm(), signature
                .getCanonicalizationAlgorithm());
        if (log.isDebugEnabled()) {
            log.debug("Adding content to XMLSignature.");
        }
        for (ContentReference contentReference : signature.getContentReferences()) {
            contentReference.createReference(dsig);
        }
        if (log.isDebugEnabled()) {
            log.debug("Creating Signature DOM element");
        }
        ((SignatureImpl)signature).setXMLSignature(dsig);
        Element signatureElement = dsig.getElement();
        *if (signature.getKeyInfo() != null) {
            Marshaller keyInfoMarshaller =
                    Configuration.getMarshallerFactory().getMarshaller(KeyInfo.DEFAULT_ELEMENT_NAME);
            keyInfoMarshaller.marshall(signature.getKeyInfo(), signatureElement);
        }
        signature.setDOM(signatureElement);*
        return signatureElement;
The marshalled KeyInfo remains in the DOM, but the XMLSecurity variable is not updated. So, when we sign with Signer.sign(Signature), we sign from the XMLSignature object.
/**
 * Signs a single XMLObject.
 *
 * @param signature the signature to compute the signature on
 */
public static void signObject(Signature signature) {
    try {
        *XMLSignature xmlSignature = ((SignatureImpl) signature).getXMLSignature();*
        if (xmlSignature == null) {
            log.warn("Unable to compute signature, Signature XMLObject does not have the XMLSignature created during marshalling.");
            return;
        }
        if (log.isDebugEnabled()) {
            log.debug("Creating XMLSignature object");
        }
        xmlSignature.sign(signature.getSigningKey());
    } catch (XMLSecurityException e) {
        log.error("An error occured computing the digital signature", e);
    }
}
What do you think?
Thanks
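A round-trip check for the symptom reported in the message above, as an added example that is not part of the original post and is not OpenSAML code. It calls the Apache XML Security API directly; the class name, payload element and throwaway RSA key pair are constructed for illustration, and it assumes the xmlsec jar is on the classpath.

```java
import java.security.*;
import java.util.Arrays;
import javax.xml.parsers.DocumentBuilderFactory;
import org.apache.xml.security.algorithms.MessageDigestAlgorithm;
import org.apache.xml.security.c14n.Canonicalizer;
import org.apache.xml.security.keys.KeyInfo;
import org.apache.xml.security.signature.XMLSignature;
import org.apache.xml.security.transforms.Transforms;
import org.w3c.dom.*;

public class KeyInfoRoundTrip { // hypothetical class name
    /** Signs a constructed document; attaches KeyInfo through the XMLSignature API only if asked. */
    static Element sign(KeyPair kp, boolean withKeyInfo) throws Exception {
        DocumentBuilderFactory dbf = DocumentBuilderFactory.newInstance();
        dbf.setNamespaceAware(true);
        Document doc = dbf.newDocumentBuilder().newDocument();
        Element root = doc.createElementNS("urn:example:demo", "Payload"); // constructed sample
        doc.appendChild(root);
        XMLSignature dsig = new XMLSignature(doc, "", XMLSignature.ALGO_ID_SIGNATURE_RSA_SHA256,
                Canonicalizer.ALGO_ID_C14N_EXCL_OMIT_COMMENTS);
        root.appendChild(dsig.getElement());
        Transforms tf = new Transforms(doc);
        tf.addTransform(Transforms.TRANSFORM_ENVELOPED_SIGNATURE);
        tf.addTransform(Transforms.TRANSFORM_C14N_EXCL_OMIT_COMMENTS);
        dsig.addDocument("", tf, MessageDigestAlgorithm.ALGO_ID_DIGEST_SHA256);
        if (withKeyInfo) dsig.addKeyInfo(kp.getPublic()); // XMLSignature object and DOM stay in sync
        dsig.sign(kp.getPrivate());
        return dsig.getElement();
    }
    /** Re-reads the Signature from the DOM alone and reports what a relying party would see. */
    static String inspect(Element sigElement, PublicKey trusted) throws Exception {
        XMLSignature parsed = new XMLSignature(sigElement, "");
        KeyInfo ki = parsed.getKeyInfo();
        if (ki == null) return "KeyInfo missing from marshalled Signature";
        PublicKey embedded = ki.getPublicKey();
        boolean matches = embedded != null && Arrays.equals(embedded.getEncoded(), trusted.getEncoded());
        // Verify with the trusted key, never with whatever key the message itself carries.
        return "KeyInfo present, matches trusted key=" + matches
                + ", signature valid=" + parsed.checkSignatureValue(trusted);
    }
    public static void main(String[] args) throws Exception {
        org.apache.xml.security.Init.init();
        KeyPairGenerator gen = KeyPairGenerator.getInstance("RSA");
        gen.initialize(2048);
        KeyPair kp = gen.generateKeyPair(); // constructed throwaway key pair
        System.out.println(inspect(sign(kp, true), kp.getPublic()));
        System.out.println(inspect(sign(kp, false), kp.getPublic()));
    }
}
```

Running the same inspect step over the Signature element produced by a marshaller shows whether the KeyInfo actually reached the DOM that the verifier parses.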