mace-opensaml-users - Re: [OpenSAML] Re: Adding KeyInfo to signature

Subject: OpenSAML user discussion


  • From: Brent Putman
  • Subject: Re: [OpenSAML] Re: Adding KeyInfo to signature
  • Date: Thu, 07 May 2009 15:46:49 -0400

That code looks correct. The only way I can see offhand that it
wouldn't generate a KeyInfo is if the Credential in fact didn't have a
public key (or entity certificate) in it. From where or how are you
getting the Credential?



anyz wrote:
> On debugging I found keyInfo generated is NULL. Is there something
> wrong with code for generating keyinfo?
>
>
>
> On Thu, May 7, 2009 at 11:16 AM, anyz wrote:
>
> I have generated authResponse message using OpenSAML. However when
> verified through
> http://www.infomosaic.net/SecureXMLVerifyWS.htm service the
> signatures are not validated. I saw the sample response message at
> infomosaic includes KeyInfo tags in Signature elements.
>
> <Signature xmlns="http://www.w3.org/2000/09/xmldsig#" Id="MySignature">
>   <KeyInfo>
>     <KeyValue><RSAKeyValue><Modulus>xxxxx</Modulus><Exponent>AQAB</Exponent></RSAKeyValue></KeyValue>
>     <X509Data><X509Certificate>xxxxxxxx</X509Certificate></X509Data>
>   </KeyInfo>
> </Signature>
>
> I tried tutorial at
> https://spaces.internet2.edu/display/OpenSAML/OSTwoUserManJavaDSIG and
> forums but could not add KeyInfo in AuthResponse message. Can you
> guide what I'm missing? Following is snippet how I tried adding
> keyinfo.
>
>
>
> SecurityConfiguration secConfiguration =
>     Configuration.getGlobalSecurityConfiguration();
> NamedKeyInfoGeneratorManager namedKeyInfoGeneratorManager =
>     secConfiguration.getKeyInfoGeneratorManager();
> KeyInfoGeneratorManager keyInfoGeneratorManager =
>     namedKeyInfoGeneratorManager.getDefaultManager();
> KeyInfoGeneratorFactory keyInfoGeneratorFactory =
>     keyInfoGeneratorManager.getFactory(credential);
> KeyInfoGenerator keyInfoGenerator =
>     keyInfoGeneratorFactory.newInstance();
> KeyInfo keyInfo = null;
> try {
>     keyInfo = keyInfoGenerator.generate(credential);
> } catch (SecurityException e) {
>     System.out.println(e);
> }
> signature.setKeyInfo(keyInfo);
>
> Thanks
>
>
>
>
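
Added example, not part of the original thread and not OpenSAML project code: a helper for the OpenSAML 2 API used in the quoted snippet that checks for the condition named in the reply (a Credential with no public key or entity certificate) and throws instead of calling signature.setKeyInfo(null). The class name KeyInfoCheck and the method attachKeyInfo are hypothetical.

```java
import java.security.PublicKey;

import org.opensaml.xml.Configuration;
import org.opensaml.xml.security.SecurityException;
import org.opensaml.xml.security.credential.Credential;
import org.opensaml.xml.security.keyinfo.KeyInfoGenerator;
import org.opensaml.xml.security.keyinfo.KeyInfoGeneratorFactory;
import org.opensaml.xml.security.x509.X509Credential;
import org.opensaml.xml.signature.KeyInfo;
import org.opensaml.xml.signature.Signature;

// Hypothetical helper (added example): fail loudly rather than sign without KeyInfo.
public final class KeyInfoCheck {

    private KeyInfoCheck() { }

    /** Attaches a KeyInfo to the signature, or throws naming the reason none could be built. */
    public static void attachKeyInfo(Signature signature, Credential credential)
            throws SecurityException {
        // The cause suggested in the reply: nothing public in the Credential to emit.
        PublicKey publicKey = credential.getPublicKey();
        boolean hasEntityCert = credential instanceof X509Credential
                && ((X509Credential) credential).getEntityCertificate() != null;
        if (publicKey == null && !hasEntityCert) {
            throw new SecurityException(
                    "Credential has neither a public key nor an entity certificate");
        }

        // Same lookup chain as the quoted snippet; getFactory() can return null
        // when no factory is registered for this credential type.
        KeyInfoGeneratorFactory factory = Configuration.getGlobalSecurityConfiguration()
                .getKeyInfoGeneratorManager().getDefaultManager().getFactory(credential);
        if (factory == null) {
            throw new SecurityException("No KeyInfoGeneratorFactory registered for "
                    + credential.getCredentialType().getName());
        }

        // Let SecurityException propagate instead of printing it and continuing.
        KeyInfoGenerator generator = factory.newInstance();
        KeyInfo keyInfo = generator.generate(credential);
        if (keyInfo == null) {
            throw new SecurityException("KeyInfoGenerator.generate() returned null");
        }
        signature.setKeyInfo(keyInfo);
    }
}
```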


