Ulrich Ackermann wrote:
Hi Sean,
Thank you for your response. It seems that my question wasn't as
clear as I thought it would be. I Haven't got any problems in using a
Smartcard. I DO have got problems in getting the right hash, that has
to be encrypted with the private key on the Smartcard (or on any
other hardware crypto device). I have used the example class which is
included in the XML Security download. But it gets me a different
SignatureValue, when I calculate the digest of the SignedInfo element
outside the framework and encrypt it on a smartcard (or for testing
purposes with a software key as I did).
Ok, but what I was suggesting is that the PKCS#11 provider should take
care of all of this for you if you have configured it correctly and your
card/OS is supported. See:
http://java.sun.com/j2se/1.5.0/docs/guide/security/p11guide.html#Keys
So, maybe I should narrow my question down to "How do I get the
bytes, that the XML security framework uses for hashing?" or "Is
there a way, to get the hash of the SignedInfo element from the XML
security framework?"
There is a method
org.apache.xml.security.signature.SignedInfo.getCanonicalizedOctetStream()
that is probably what you are looking for.
--Sean
