
mace-opensaml-users - KeyInfo Question (java)

Subject: OpenSAML user discussion

  • From: Massimiliano Masi <>
  • To:
  • Subject: KeyInfo Question (java)
  • Date: Mon, 07 Jan 2008 17:50:01 +0100



Hello,

I have the following problem: I'm trying to add the X509Data to the KeyInfo
in the XML signature. I add it with this code:


KeyInfoBuilder keyInfoBuilder =
    (KeyInfoBuilder) builderFactory.getBuilder(KeyInfo.DEFAULT_ELEMENT_NAME);
KeyInfo keyInfo = keyInfoBuilder.buildObject();

X509DataBuilder x509databuilder =
    (X509DataBuilder) builderFactory.getBuilder(X509Data.DEFAULT_ELEMENT_NAME);
X509Data x509Data = x509databuilder.buildObject();

X509CertificateBuilder x509CertificateBuilder =
    (X509CertificateBuilder) builderFactory.getBuilder(
        org.opensaml.xml.signature.X509Certificate.DEFAULT_ELEMENT_NAME);
org.opensaml.xml.signature.X509Certificate certXMLAssertion =
    x509CertificateBuilder.buildObject();

// XUAconfiguration.getSpiritIdPPublicKey() is a java.security.cert.X509Certificate
certXMLAssertion.setValue(
    Base64.encode(XUAconfiguration.getSpiritIdPPublicKey().toString().getBytes()));
x509Data.getX509Certificates().add(certXMLAssertion);
keyInfo.getX509Datas().add(x509Data);

assertionSignature.setKeyInfo(keyInfo);
assertion.setSignature(assertionSignature);


And the certificate is added. (When using
KeyInfoHelper.addCertificate I got an index out of bounds, since the
X509Data list is set to 0.)

I take it like this:

KeyInfo keyInfo = assertion.getSignature().getKeyInfo();
List<X509Data> li = keyInfo.getX509Datas();

for (int i = 0; i < li.size(); i++)
{
    l.debug("Found x509data");

    X509Data x509data = (X509Data) li.get(i);
    List<X509Certificate> li1 = x509data.getX509Certificates();

    for (int j = 0; j < li1.size(); j++)
    {
        l.debug("Found a certificate");
        X509Certificate x509Cert = (X509Certificate) li1.get(j);
        l.debug(x509Cert.getValue());
        try
        {
            byte[] certificateDecoded = Base64.decode(x509Cert.getValue());
            java.security.cert.X509Certificate cert =
                CertificateReader.readX509(new ByteArrayInputStream(certificateDecoded));
            l.debug("Certificate issued by " + cert.getIssuerDN().getName());
        }
        catch (CertificateException e)
        {
            e.printStackTrace();
        }
        catch (IOException e)
        {
            e.printStackTrace();
        }
    }
}

But I got this exception:

java.security.cert.CertificateParsingException: invalid DER-encoded certificate data

Have you any ideas?



----------------------------------------------------------------
This message was sent using IMP, the Internet Messaging Program.
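
The following is an added example, not code from the original post or from OpenSAML. Using only JDK classes (java.util.Base64 and CertificateFactory stand in for the post's Base64 and CertificateReader, and a CA taken from the JRE trust store stands in for XUAconfiguration.getSpiritIdPPublicKey()), it compares Base64 of cert.toString().getBytes(), as in the writer code above, with Base64 of cert.getEncoded(), the DER form an X.509 parser accepts.

```java
import java.io.ByteArrayInputStream;
import java.security.KeyStore;
import java.security.cert.CertificateException;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import java.util.Base64;
import javax.net.ssl.TrustManager;
import javax.net.ssl.TrustManagerFactory;
import javax.net.ssl.X509TrustManager;

public class KeyInfoCertEncoding {
    // Assumption: stand-in for XUAconfiguration.getSpiritIdPPublicKey(). Any real
    // certificate will do, so take a CA from the JRE's default trust store (offline).
    static X509Certificate sampleCertificate() throws Exception {
        TrustManagerFactory tmf =
            TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
        tmf.init((KeyStore) null); // null selects the default trust store
        for (TrustManager tm : tmf.getTrustManagers())
            if (tm instanceof X509TrustManager
                    && ((X509TrustManager) tm).getAcceptedIssuers().length > 0)
                return ((X509TrustManager) tm).getAcceptedIssuers()[0];
        throw new IllegalStateException("default trust store is empty");
    }

    // Reader side: Base64-decode the element text, then parse the bytes as X.509.
    // The MIME decoder tolerates the line breaks XML Base64 content may contain.
    static X509Certificate parse(String base64Text) throws CertificateException {
        byte[] decoded = Base64.getMimeDecoder().decode(base64Text);
        CertificateFactory cf = CertificateFactory.getInstance("X.509");
        return (X509Certificate) cf.generateCertificate(new ByteArrayInputStream(decoded));
    }

    public static void main(String[] args) throws Exception {
        X509Certificate cert = sampleCertificate();
        // As in the post: Base64 of the human-readable toString() dump.
        String fromToString = Base64.getEncoder().encodeToString(cert.toString().getBytes());
        // Base64 of the DER bytes returned by getEncoded().
        String fromDer = Base64.getEncoder().encodeToString(cert.getEncoded());
        try {
            parse(fromToString);
            System.out.println("toString() bytes parsed (unexpected)");
        } catch (CertificateException e) {
            System.out.println("toString() bytes rejected: " + e.getMessage());
        }
        X509Certificate roundTrip = parse(fromDer);
        System.out.println("getEncoded() round trip equal: " + roundTrip.equals(cert));
        System.out.println("Certificate issued by " + roundTrip.getIssuerX500Principal().getName());
    }
}
```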




