
mace-opensaml-users - Adding KeyInfo to signature

Subject: OpenSAML user discussion

Adding KeyInfo to signature


  • From: anyz <>
  • To:
  • Subject: Adding KeyInfo to signature
  • Date: Thu, 7 May 2009 11:16:56 +0500

I have generated an authResponse message using OpenSAML. However, when verified through the http://www.infomosaic.net/SecureXMLVerifyWS.htm service, the signatures are not validated. I saw that the sample response message at infomosaic includes KeyInfo tags in Signature elements.
 
<Signature xmlns="http://www.w3.org/2000/09/xmldsig#" Id="MySignature">
   <KeyInfo>
      <KeyValue><RSAKeyValue><Modulus>xxxxx</Modulus><Exponent>AQAB</Exponent></RSAKeyValue></KeyValue>
      <X509Data><X509Certificate>xxxxxxxx</X509Certificate></X509Data>
   </KeyInfo>
</Signature>
 
I tried the tutorial at https://spaces.internet2.edu/display/OpenSAML/OSTwoUserManJavaDSIG and the forums but could not add KeyInfo to the AuthResponse message. Can you guide me on what I'm missing? Following is a snippet of how I tried adding KeyInfo.
 
 

// Look up the KeyInfo generator registered for this credential type
// in the global security configuration.
SecurityConfiguration secConfiguration = Configuration.getGlobalSecurityConfiguration();
NamedKeyInfoGeneratorManager namedKeyInfoGeneratorManager = secConfiguration.getKeyInfoGeneratorManager();
KeyInfoGeneratorManager keyInfoGeneratorManager = namedKeyInfoGeneratorManager.getDefaultManager();
KeyInfoGeneratorFactory keyInfoGeneratorFactory = keyInfoGeneratorManager.getFactory(credential);
KeyInfoGenerator keyInfoGenerator = keyInfoGeneratorFactory.newInstance();

KeyInfo keyInfo = null;
try {
    keyInfo = keyInfoGenerator.generate(credential);
} catch (SecurityException e) {
    System.out.println(e);
}
// keyInfo is still null at this point if generation threw above.
signature.setKeyInfo(keyInfo);

Thanks

 



