
mace-opensaml-users - XML Signing with a Certificate

Subject: OpenSAML user discussion

  • From: "Ender Wiggin" <>
  • To:
  • Subject: XML Signing with a Certificate
  • Date: Tue, 29 Jul 2008 15:08:32 -0400

Hello,

I need to sign a SAML assertion with a digital certificate. I am a bit new to this and was wondering if someone can point me to a code sample that I can reference. Alternatively, I have pasted below what I have come up with thus far, but I am not sure if the manner in which I am getting the public and private keys is correct.

Any suggestions would be greatly appreciated.

Thanks

    SignatureBuilder sigBuilder = (SignatureBuilder) builderFactory.getBuilder(Signature.DEFAULT_ELEMENT_NAME);
    Signature signature = sigBuilder.buildObject();

    KeyStore ks = KeyStore.getInstance(KeyStore.getDefaultType());
    String ksName = res.getString("KEYSTORE");
    FileInputStream ksfis = new FileInputStream(ksName);
    BufferedInputStream ksbufin = new BufferedInputStream(ksfis);

    String ksPassword = res.getString("KEYSTORE_PSWD");
    String ksPrivAlias = res.getString("KEYSTORE_PRIVKEY_ALIAS");

    ks.load(ksbufin, ksPassword.toCharArray());

    Certificate cert = ks.getCertificate(ksPrivAlias);

    PublicKey pubKey = cert.getPublicKey();

    KeyPair kp = SecurityTestHelper.generateKeyPair("RSA", 1024, null);

    Credential signingCred = SecurityHelper.getSimpleCredential(pubKey, kp.getPrivate());

    signature.setSigningCredential(signingCred);
    signature.setCanonicalizationAlgorithm(SignatureConstants.ALGO_ID_C14N_EXCL_OMIT_COMMENTS);
    signature.setSignatureAlgorithm(SignatureConstants.ALGO_ID_SIGNATURE_RSA_SHA1);
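
Added example, not part of the original post and not OpenSAML project code: the snippet above pairs the certificate's public key with a freshly generated private key, so a relying party checking the signature against that certificate would reject it. The sketch below reads the private key from the same keystore entry as the certificate and confirms the two match before building the credential; the class name, the method names and the separate key password parameter are assumptions, and an RSA key is assumed.

```java
import java.io.FileInputStream;
import java.io.InputStream;
import java.nio.charset.StandardCharsets;
import java.security.Key;
import java.security.KeyStore;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.Signature;
import java.security.cert.Certificate;

import org.opensaml.xml.security.SecurityHelper;
import org.opensaml.xml.security.credential.Credential;

public class KeystoreSigningCredential {

    /** Loads the certificate and its own private key from one keystore entry. */
    public static Credential load(String path, char[] storePass, char[] keyPass, String alias)
            throws Exception {
        KeyStore ks = KeyStore.getInstance(KeyStore.getDefaultType());
        try (InputStream in = new FileInputStream(path)) {
            ks.load(in, storePass);
        }
        Key key = ks.getKey(alias, keyPass);          // null if the alias holds no key
        Certificate cert = ks.getCertificate(alias);  // null if the alias holds no certificate
        if (!(key instanceof PrivateKey) || cert == null) {
            throw new IllegalStateException("Alias '" + alias + "' is not a private-key entry");
        }
        PrivateKey privKey = (PrivateKey) key;
        PublicKey pubKey = cert.getPublicKey();
        if (!isPair(privKey, pubKey)) {
            throw new IllegalStateException("Private key does not match the certificate");
        }
        // Same call as in the post, now given the keystore's own private key.
        return SecurityHelper.getSimpleCredential(pubKey, privKey);
    }

    /** Signs a probe with the private key and verifies it with the public key (RSA assumed). */
    static boolean isPair(PrivateKey privKey, PublicKey pubKey) throws Exception {
        byte[] probe = "key-pair-probe".getBytes(StandardCharsets.UTF_8);
        Signature signer = Signature.getInstance("SHA256withRSA");
        signer.initSign(privKey);
        signer.update(probe);
        byte[] sig = signer.sign();
        Signature verifier = Signature.getInstance("SHA256withRSA");
        verifier.initVerify(pubKey);
        verifier.update(probe);
        return verifier.verify(sig);
    }
}
```

The returned credential is what would be passed to `signature.setSigningCredential(...)` in place of `signingCred` in the post.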




