List of usage examples for javax.xml.crypto.dsig XMLSignContext setProperty
Object setProperty(String name, Object value);
From source file: it.cnr.icar.eric.common.security.wss4j.WSS4JSignatureSAML.java
/**
 * Produces the XML signature over the prepared references and inserts the
 * signature element into the WS-Security header.
 *
 * <p>May be invoked at any point after the references exist; see
 * <code>addReferencesToSign()</code>. On success the {@code sig} and
 * {@code signatureValue} fields hold the signature object and its raw value.
 *
 * @param referenceList  the references the signature must cover
 * @param secHeader      wrapper whose security header element receives the signature
 * @param siblingElement element the signature should follow; when it is {@code null}
 *                       or is the last child, the signature is appended to the header
 * @throws WSSecurityException with code {@code FAILED_SIGNATURE}, wrapping whatever
 *                             exception interrupted key lookup or signing
 */
public void computeSignature(List<javax.xml.crypto.dsig.Reference> referenceList, WSSecHeader secHeader,
        Element siblingElement) throws WSSecurityException {
    try {
        // Which key signs decides who is vouching for the message:
        //  - senderVouches: the issuer's private key
        //  - otherwise a configured secret key (symmetric signature) if there is one
        //  - otherwise the user's own private key
        final java.security.Key signingKey;
        if (senderVouches) {
            signingKey = issuerCrypto.getPrivateKey(issuerKeyName, issuerKeyPW);
        } else if (secretKey == null) {
            signingKey = userCrypto.getPrivateKey(user, password);
        } else {
            signingKey = WSSecurityUtil.prepareSecretKey(sigAlgo, secretKey);
        }

        final SignatureMethod method = signatureFactory.newSignatureMethod(sigAlgo, null);
        final SignedInfo info = signatureFactory.newSignedInfo(c14nMethod, method, referenceList);
        final String signatureId = getWsConfig().getIdAllocator().createId("SIG-", null);
        sig = signatureFactory.newXMLSignature(info, keyInfo, null, signatureId, null);

        final org.w3c.dom.Element header = secHeader.getSecurityHeader();

        // Place the signature directly after siblingElement (the assertion) when a
        // following node exists; DOMSignContext inserts before the node it is given.
        final org.w3c.dom.Node insertBefore = (siblingElement == null) ? null : siblingElement.getNextSibling();
        final DOMSignContext context = (insertBefore != null)
                ? new DOMSignContext(signingKey, header, insertBefore)
                : new DOMSignContext(signingKey, header);

        context.putNamespacePrefix(WSConstants.SIG_NS, WSConstants.SIG_PREFIX);
        if (WSConstants.C14N_EXCL_OMIT_COMMENTS.equals(canonAlgo)) {
            context.putNamespacePrefix(WSConstants.C14N_EXCL_OMIT_COMMENTS,
                    WSConstants.C14N_EXCL_OMIT_COMMENTS_PREFIX);
        }

        // Publish the WSDocInfo on the context before sign() runs; presumably the
        // STR transform looks it up under this property while digesting references.
        context.setProperty(STRTransform.TRANSFORM_WS_DOC_INFO, wsDocInfo);
        wsDocInfo.setCallbackLookup(callbackLookup);

        // Make the elements to be signed known to the signature context.
        wsDocInfo.setTokensOnContext(context);
        if (secRefSaml != null && secRefSaml.getElement() != null) {
            WSSecurityUtil.storeElementInContext(context, secRefSaml.getElement());
        }
        if (secRef != null && secRef.getElement() != null) {
            WSSecurityUtil.storeElementInContext(context, secRef.getElement());
        }

        sig.sign(context);
        signatureValue = sig.getSignatureValue().getValue();
    } catch (Exception ex) {
        // Every failure is logged and surfaced as FAILED_SIGNATURE with the cause
        // attached, so callers cannot mistake a failed signing for success.
        log.error(ex);
        throw new WSSecurityException(WSSecurityException.FAILED_SIGNATURE, null, null, ex);
    }
}
From source file: it.cnr.icar.eric.common.security.wss4j.WSS4JSignatureBST.java
/**
 * Produces the XML signature over the prepared references and inserts the
 * signature element into the security header.
 *
 * <p>May be invoked at any point after the references exist; see
 * <code>addReferencesToSign()</code>. On success the {@code sig} and
 * {@code signatureValue} fields hold the signature object and its raw value.
 *
 * @param referenceList  the references the signature must cover
 * @param prepend        {@code true} to insert the signature before another header
 *                       child, {@code false} to append it to the header
 * @param siblingElement when prepending, the element to insert before; if
 *                       {@code null}, the first element child of the header is used
 * @throws WSSecurityException with code {@code FAILED_SIGNATURE}, wrapping whatever
 *                             exception interrupted key lookup or signing
 */
public void computeSignature(List<javax.xml.crypto.dsig.Reference> referenceList, boolean prepend,
        Element siblingElement) throws WSSecurityException {
    try {
        // An explicitly supplied private key takes precedence; otherwise it is
        // fetched from the crypto provider using the user alias and password.
        // Only private keys are used here: this variant has no secret-key path.
        final java.security.Key signingKey;
        if (privateKey != null) {
            signingKey = privateKey;
        } else {
            signingKey = crypto.getPrivateKey(user, password);
        }

        final SignatureMethod method = signatureFactory.newSignatureMethod(sigAlgo, null);
        final SignedInfo info = signatureFactory.newSignedInfo(c14nMethod, method, referenceList);
        final String signatureId = getWsConfig().getIdAllocator().createId("SIG-", null);
        sig = signatureFactory.newXMLSignature(info, keyInfo, null, signatureId, null);

        // Work out the insertion point. When prepending without an explicit
        // sibling, fall back to the header's first element child (skipping text
        // and comment nodes).
        Element anchor = siblingElement;
        if (prepend && anchor == null) {
            Node candidate = securityHeader.getFirstChild();
            for (; candidate != null && candidate.getNodeType() != Node.ELEMENT_NODE;
                    candidate = candidate.getNextSibling()) {
                // keep scanning until an element node (or the end) is reached
            }
            anchor = (Element) candidate;
        }

        // Without an anchor (append mode, or an empty header) the signature
        // becomes the last child of the security header.
        final DOMSignContext context = (prepend && anchor != null)
                ? new DOMSignContext(signingKey, securityHeader, anchor)
                : new DOMSignContext(signingKey, securityHeader);

        context.putNamespacePrefix(WSConstants.SIG_NS, WSConstants.SIG_PREFIX);
        if (WSConstants.C14N_EXCL_OMIT_COMMENTS.equals(canonAlgo)) {
            context.putNamespacePrefix(WSConstants.C14N_EXCL_OMIT_COMMENTS,
                    WSConstants.C14N_EXCL_OMIT_COMMENTS_PREFIX);
        }

        // Publish the WSDocInfo on the context before sign() runs; presumably the
        // STR transform looks it up under this property while digesting references.
        context.setProperty(STRTransform.TRANSFORM_WS_DOC_INFO, wsDocInfo);
        wsDocInfo.setCallbackLookup(callbackLookup);

        // Make the elements to be signed known to the signature context.
        wsDocInfo.setTokensOnContext(context);
        if (secRef != null && secRef.getElement() != null) {
            WSSecurityUtil.storeElementInContext(context, secRef.getElement());
        }

        sig.sign(context);
        signatureValue = sig.getSignatureValue().getValue();
    } catch (Exception ex) {
        // Every failure is logged and surfaced as FAILED_SIGNATURE with the cause
        // attached, so callers cannot mistake a failed signing for success.
        log.error(ex);
        throw new WSSecurityException(WSSecurityException.FAILED_SIGNATURE, null, null, ex);
    }
}