LinkBack URL
About LinkBacks
sign XML with WS-Security
Hello,
I'm new to this forum but i need some help.
My problem is for signing a xml with the WS-Security Oasis specification
(it's: <wsse:security><ds:signature><ds....)
Actually i use the xws-security framework but i have a bug, look my code:
// Initialize the apache libraries Init.init(); // Obtain security elements from the keystore PrivateKey privateKey = keyEntry.getPrivateKey(); // Obtain a sample SOAPMessage from a file FileInputStream fis = new FileInputStream(new File(fileName)); Document doc = XMLUtil.toDOMDocument(fis); //SOAPMessage message = MyFileUtils.getMessageFromFile(doc); MessageFactory fac = MessageFactory.newInstance(); MimeHeaders mimeHeaders = new MimeHeaders(); mimeHeaders.addHeader("Context-Value", null); SOAPMessage message = fac.createMessage(mimeHeaders, new FileInputStream(fileName)); SOAPHeader header = message.getSOAPHeader(); SOAPBody body = message.getSOAPBody(); // Set the wsu:Id attribute to the Body XMLUtil.setWsuIdAttr(body, "id-2"); // Create a WSSE context for the SOAP message SecurableSoapMessage sssm = new SecurableSoapMessage(message); // Create a security header for the message (<wsse:Security>) SecurityHeader sh = sssm.findOrCreateSecurityHeader(); // Insert the certificate (<wsse:BinarySecurityToken>) X509SecurityToken stoken = new X509SecurityToken(header.getOwnerDocument(), cert); // Insert the keyinfo referring to the certificate (<ds:KeyInfo>) KeyInfoHeaderBlock kihb = new KeyInfoHeaderBlock(header.getOwnerDocument()); SecurityTokenReference secTR = new SecurityTokenReference(header.getOwnerDocument()); kihb.addBinarySecret(stoken.getAsSoapElement()); sh.insertHeaderBlock(kihb); // Insert the Signature block (<ds:Signature>) SignatureHeaderBlock shb = new SignatureHeaderBlock(header.getOwnerDocument(),XMLSignature.ALGO_ID_SIGNATURE_RSA); Transforms transforms = new Transforms(header.getOwnerDocument()); transforms.addTransform(CanonicalizationMethod.EXCLUSIVE); shb.addSignedInfoReference("id-2", transforms, Constants.ALGO_ID_DIGEST_SHA1); sh.insertHeaderBlock(shb); // Digest all References (#MyId) in the SignedInfo, calculate the signature value // and set it in the SignatureValue Element javax.swing.JOptionPane.showMessageDialog(null, "PublicKey : "+privateKey.toString()); shb.sign(privateKey); // Add the signature data to the header element header.addChildElement(sh.getAsSoapElement()); // Save the signed SOAP message FileOutputStream fos = new FileOutputStream(new File(signatureFileName)); message.writeTo(fos); message.writeTo(System.out);
This code return a null exception at the line : shb.sign(privateKey)
Erreur code:
An error has occurred : java.lang.NullPointerException java.lang.NullPointerException at com.sun.org.apache.xml.internal.security.utils.resolver.implementations.ResolverDirectHTTP.engineCanResolve(Unknown Source) at com.sun.org.apache.xml.internal.security.utils.resolver.ResourceResolver.canResolve(Unknown Source) at com.sun.org.apache.xml.internal.security.utils.resolver.ResourceResolver.getInstance(Unknown Source) at com.sun.org.apache.xml.internal.security.utils.resolver.ResourceResolver.getInstance(Unknown Source) at com.sun.org.apache.xml.internal.security.signature.Reference.getContentsBeforeTransformation(Unknown Source) at com.sun.org.apache.xml.internal.security.signature.Reference.dereferenceURIandPerformTransforms(Unknown Source) at com.sun.org.apache.xml.internal.security.signature.Reference.calculateDigest(Unknown Source) at com.sun.org.apache.xml.internal.security.signature.Reference.generateDigestValue(Unknown Source) at com.sun.org.apache.xml.internal.security.signature.Manifest.generateDigestValues(Unknown Source) at com.sun.org.apache.xml.internal.security.signature.XMLSignature.sign(Unknown Source) at com.sun.xml.wss.core.SignatureHeaderBlock.sign(SignatureHeaderBlock.java:189) at sign.Main.signedXML(Main.java:475) at sign.Main.main(Main.java:113)
Thank you.
Reply With Quote
Related threads:
