Re: how sign an xml file ?

Tue, 12 Aug 2008 11:41:20 -0700 

I don't understand your question.  If you are signing an XML file, you 
have to create the signature node first:

        public static Element signAssertion(Element assertion, Map cred)
                        throws Exception {
                Document doc = assertion.getOwnerDocument();
                // somehow the ID attribute is not yet really in the doc
                // so we regsiter the id of interest so the Resolver 
called by sign can
                // find it
                String assertionId = 
assertion.getAttributeNode("ID").toString()
                                .substring(4, 37);
                IdResolver.registerElementById(assertion, assertionId);

                XMLSignature sig = new XMLSignature(doc, "",
                                XMLSignature.ALGO_ID_SIGNATURE_RSA_SHA1,
 Canonicalizer.ALGO_ID_C14N_EXCL_OMIT_COMMENTS);
                assertion.insertBefore(sig.getElement(), 
assertion.getFirstChild());

                // create the transforms object for the Document/Reference
                Transforms transforms = new Transforms(doc);

                // First we have to strip away the signature element (it's 
not part of
                // the signature calculations). The enveloped transform 
can be used.
 transforms.addTransform(Transforms.TRANSFORM_ENVELOPED_SIGNATURE);
                // Part of the signature element needs to be 
canonicalized. It is a kind
                // of normalizing algorithm for XML. For more information 
please take a
                // look at the W3C XML Digital Signature webpage.
                InclusiveNamespaces incNS = new InclusiveNamespaces(doc,
                                "ds saml xenc xs");

 transforms.addTransform(Transforms.TRANSFORM_C14N_EXCL_OMIT_COMMENTS,
                                incNS.getElement());

                // Add the above Document/Reference
                sig.addDocument("#" + assertionId, transforms,
                                Constants.ALGO_ID_DIGEST_SHA1);

                Key privKey = (Key) cred.get("privateKey");
                sig.sign(privKey);

                return assertion;
        }

Notice that sig.addDocument is called before the sign()

Not sure if this helps...

Ed




Anais <[EMAIL PROTECTED]> 
08/11/2008 10:26 AM
Please respond to
security-dev@xml.apache.org


To
security-dev@xml.apache.org
cc

Subject
how sign an xml file ?







Hi,

I'm a newbie in xml signature. I have look at the example : templatesign 
in
order to sign a xml file with a key in a PEM file but i have the error :
could not find <signature> node
I don't undestand why a <signature> node is requiered because my first 
file
can't have this node.
In the future i would like to make multiple signature and sign pdf files.
 
Thanks
-- 
View this message in context: 
http://www.nabble.com/how-sign-an-xml-file---tp18926885p18926885.html
Sent from the Apache XML - Security - Dev mailing list archive at 
Nabble.com.

Reply via email to