Example usage for javax.xml.crypto.dsig.dom DOMSignContext setNextSibling

List of usage examples for javax.xml.crypto.dsig.dom DOMSignContext setNextSibling

  1. HOME
  2. Java
  3. javax
  4. javax.xml.crypto.dsig.dom.*
  5. DOMSignContext
  6. setNextSibling

Introduction

In this page you can find the example usage for javax.xml.crypto.dsig.dom DOMSignContext setNextSibling.

Prototype

public void setNextSibling(Node nextSibling)

Source Link

Document

Sets the next sibling node.

Usage

From source file:com.vmware.identity.saml.impl.TokenAuthorityImpl.java

/**
 * Creates signature part of assertion. Uses digest method algorithm
 * corresponding to the signature algorithm used.
 *
 * @param assertion//from  ww w.j a v a2s.  c o m
 * @param signatureAlgorithm
 * @return
 */
private Element createSignatureAndSignAssertion(Assertion assertion, SignatureAlgorithm signatureAlgorithm,
        SignInfo signInfo) {
    assert assertion != null;
    assert signatureAlgorithm != null;

    XMLSignatureFactory factory = XMLSignatureFactory.getInstance();
    Element assertionElement = marshallAssertion(assertion);
    List<Transform> transforms = createTransforms();
    Reference ref = createReference(transforms, assertionElement.getAttribute(Assertion.ID_ATTRIB_NAME),
            // here we use the digest method which is corresponding to the
            // signature algorithm used
            signatureAlgorithm.getDigestMethod().toString());
    SignedInfo signedInfo = createSignedInfo(Collections.singletonList(ref), signatureAlgorithm);

    DOMSignContext signingContext = new DOMSignContext(signInfo.getPrivateKey(), assertionElement);
    signingContext.putNamespacePrefix(SignatureConstants.TRANSFORM_C14N_EXCL_OMIT_COMMENTS, "ec");
    signingContext.putNamespacePrefix(XMLSignature.XMLNS, "ds");

    // signature should be the second section in the assertion - after issuer
    // here we are sure that the structure of assertion is as follows:
    // 1) issuer 2) subject
    // we get subject node and enter signature before it and the result is:
    // 1) issuer 2) signature 3) subject
    Node subjectNode = assertionElement.getChildNodes().item(1);
    signingContext.setNextSibling(subjectNode);
    log.debug("Set SigningContext into assertion (after Issuer or as a first child in the assertion DOM).");

    final KeyInfo keyInfo = createKeyInfo(signInfo);
    XMLSignature xmlSignature = factory.newXMLSignature(signedInfo, keyInfo);

    try {
        final long start = System.nanoTime();
        xmlSignature.sign(signingContext);
        perfLog.trace("'signature.sign' took {} ms.", TimeUnit.NANOSECONDS.toMillis(System.nanoTime() - start));
    } catch (MarshalException e) {
        throw new IllegalStateException(e);
    } catch (XMLSignatureException e) {
        throw new IllegalStateException(e);
    }
    log.debug("Created Signature and sign it.");

    return assertionElement;
}