Listing 3: EnvelopedDigitalSignature.java
package xmlsignatures;
import javax.xml.crypto.dsig.*;
import javax.xml.crypto.dsig.spec.*;
import java.io.File;
import javax.xml.transform.stream.StreamResult;
import org.w3c.dom.Document;
import javax.xml.parsers.DocumentBuilder;
import java.io.FileInputStream;
import java.io.FileOutputStream;
import java.io.OutputStream;
import javax.xml.transform.*;
import javax.xml.transform.dom.DOMSource;
import javax.xml.crypto.dsig.keyinfo.*;
import java.util.List;
import java.security.*;
import javax.xml.crypto.dsig.dom.DOMSignContext;
import javax.xml.parsers.DocumentBuilderFactory;
import java.util.ArrayList;
import java.security.cert.*;
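/**
 * Signs an XML document with an enveloped XML Digital Signature (JSR 105) and
 * embeds the signer's X.509 certificate in the {@code KeyInfo} element.
 *
 * <p>The program parses {@code in.xml}, signs the whole document with the private
 * key stored under the alias {@code mykey} in the JKS keystore
 * {@code MyCertification}, and writes the result to {@code outCertEnveloped.xml}.
 */
public class EnvelopedDigitalSignatureCertificate {

    /**
     * Builds the signature objects, loads the signing key and writes the signed document.
     *
     * @param args unused
     * @throws Exception if the keystore, the input document or the output file cannot be
     *     processed, or if signing fails
     */
    public static void main(String[] args) throws Exception {
        // Directory holding the keystore, the input and the output document.
        final String baseDir =
            "C://JavaApplications//XMLDigitalSiganture//XMLSignatures//XMLs//";

        // Create an XMLSignatureFactory object
        XMLSignatureFactory xmlSignatureFactory = XMLSignatureFactory.getInstance("DOM");

        // Create the digest method. SHA-256 replaces SHA-1, which is no longer
        // collision resistant and is rejected by recent JDKs under secure validation.
        DigestMethod digestMethod =
            xmlSignatureFactory.newDigestMethod(DigestMethod.SHA256, null);

        // Create the enveloped-signature Transform: the Signature element itself is
        // excluded from the digest of the document that contains it.
        Transform transform = xmlSignatureFactory.newTransform(
            Transform.ENVELOPED, (TransformParameterSpec) null);
        List<Transform> transformList = new ArrayList<Transform>();
        transformList.add(transform);

        // Create the Reference object; the empty URI refers to the whole document.
        Reference reference = xmlSignatureFactory.newReference(
            "", digestMethod, transformList, null, null);
        List<Reference> referenceList = new ArrayList<Reference>();
        referenceList.add(reference);

        // Create the canonicalization method
        CanonicalizationMethod canonicalizationMethod =
            xmlSignatureFactory.newCanonicalizationMethod(
                CanonicalizationMethod.INCLUSIVE, (C14NMethodParameterSpec) null);

        // Create the signature method. It must match the algorithm of the key in the
        // keystore: the listing signs with a DSA key, so DSA stays and only the hash
        // moves from SHA-1 to SHA-256 (the DSA_SHA256 constant was added in Java 11).
        // For an RSA or EC key use RSA_SHA256 or ECDSA_SHA256 instead.
        SignatureMethod signatureMethod =
            xmlSignatureFactory.newSignatureMethod(SignatureMethod.DSA_SHA256, null);

        // Create the SignedInfo object
        SignedInfo signedInfo = xmlSignatureFactory.newSignedInfo(
            canonicalizationMethod, signatureMethod, referenceList, null);

        // Load the KeyStore (MyCertification) and get the signing key and certificate.
        // The password below is the sample value published with the listing, kept so
        // the example still runs. Real code must not embed it in source: read it at
        // run time (console prompt, secret store) into a char[] and clear it after use.
        char[] password = "e1002qa2".toCharArray();
        KeyStore.Entry entry;
        try {
            KeyStore keyStore = KeyStore.getInstance("JKS");
            // try-with-resources closes the keystore file even when load() fails.
            try (FileInputStream keyStoreStream =
                    new FileInputStream(baseDir + "MyCertification")) {
                keyStore.load(keyStoreStream, password);
            }
            // Access <mykey> with the same password as the keystore
            entry = keyStore.getEntry("mykey", new KeyStore.PasswordProtection(password));
        } finally {
            java.util.Arrays.fill(password, '\0');
        }
        // getEntry returns null for an unknown alias, and the alias could also name
        // a certificate-only entry; fail with a clear message instead of a
        // NullPointerException or ClassCastException further down.
        if (!(entry instanceof KeyStore.PrivateKeyEntry)) {
            throw new KeyStoreException("Alias 'mykey' is missing or is not a private key entry");
        }
        KeyStore.PrivateKeyEntry keyEntry = (KeyStore.PrivateKeyEntry) entry;
        X509Certificate x509cert = (X509Certificate) keyEntry.getCertificate();

        // Create the KeyInfo carrying the subject name and the certificate.
        // A verifier must validate this embedded certificate against its own trust
        // anchors; a certificate taken from the signed document proves nothing by itself.
        KeyInfoFactory keyInfoFactory = xmlSignatureFactory.getKeyInfoFactory();
        List<Object> x509CertList = new ArrayList<Object>();
        x509CertList.add(x509cert.getSubjectX500Principal().getName());
        x509CertList.add(x509cert);
        X509Data x509Data = keyInfoFactory.newX509Data(x509CertList);
        List<X509Data> x509DataList = new ArrayList<X509Data>();
        x509DataList.add(x509Data);
        KeyInfo keyInfo = keyInfoFactory.newKeyInfo(x509DataList);

        // Create a classic DOM factory instance (DocumentBuilderFactory)
        DocumentBuilderFactory documentBuilderFactory = DocumentBuilderFactory.newInstance();
        // Make namespace aware
        documentBuilderFactory.setNamespaceAware(true);
        // Refuse DOCTYPE declarations so that a document to be signed cannot pull in
        // external entities (XXE) or expand entities without bound.
        documentBuilderFactory.setFeature(
            "http://apache.org/xml/features/disallow-doctype-decl", true);
        // Create a DocumentBuilder
        DocumentBuilder documentBuilder = documentBuilderFactory.newDocumentBuilder();
        // Create a Document
        Document document = documentBuilder.parse(new File(baseDir + "in.xml"));

        // Create a DOMSignContext: the Signature element is appended to the root element.
        DOMSignContext domSignContext = new DOMSignContext(
            keyEntry.getPrivateKey(), document.getDocumentElement());

        // Finally, create the XMLSignature
        XMLSignature xmlSignature = xmlSignatureFactory.newXMLSignature(signedInfo, keyInfo);
        // Sign the document
        xmlSignature.sign(domSignContext);

        // Create a TransformerFactory and an identity Transformer
        TransformerFactory transformerFactory = TransformerFactory.newInstance();
        Transformer transformer = transformerFactory.newTransformer();

        // Write the signed document; the stream is closed (and flushed) on every path.
        try (OutputStream outputStream =
                new FileOutputStream(baseDir + "outCertEnveloped.xml")) {
            transformer.transform(new DOMSource(document), new StreamResult(outputStream));
        }
    }
}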