I was given a certificate to generate a SAML. This is what I did so far but I get org.apache.xml.security.signature.XMLSignatureException: object not initialized for signature or verification error at Signer.signObject(singature).
If I comment out this line and try I get the SAMLResponse however without SignatureValue and DigestValue. But of course I need to have them.
Any ideas?
(Also I only have the publicKey() from the cert as this was not generated by me. Please let me know if this is even right in the first place. I didn't find any relevant answered questions in SO so posted here.)
doSmthMethod() { signature = getSignature(); // See below assertion.setSignature(signature); try { Configuration.getMarshallerFactory().getMarshaller(assertion).marshall(assertion); Signer.signObject(signature); //**Errors out Here** } catch (MarshallingException e) { logger.log(Level.SEVERE,"Marshalling Exception:" + e); } catch (SignatureException e) { logger.log(Level.SEVERE,"Signature Exception:"+e); } } ... ... ... ... ... public static Signature getSignature() { Credential signingCredential = getCredential(); // See below Signature signature = null; try { DefaultBootstrap.bootstrap(); } catch (ConfigurationException e) { e.printStackTrace(); } signature = (Signature) Configuration.getBuilderFactory() .getBuilder(Signature.DEFAULT_ELEMENT_NAME) .buildObject(Signature.DEFAULT_ELEMENT_NAME); signature.setSignatureAlgorithm(SignatureConstants.ALGO_ID_SIGNATURE_RSA_SHA1); signature.setSigningCredential(signingCredential); SecurityConfiguration secConfig = Configuration.getGlobalSecurityConfiguration(); //Added below for Keyinfo KeyInfo keyInfo = null;/* (KeyInfo)Configuration.getBuilderFactory() .getBuilder(Signature.DEFAULT_ELEMENT_NAME) .buildObject(Signature.DEFAULT_ELEMENT_NAME);*/ NamedKeyInfoGeneratorManager namedKeyInfoGeneratorManager = secConfig.getKeyInfoGeneratorManager(); KeyInfoGeneratorManager keyInfoGeneratorManager = namedKeyInfoGeneratorManager.getDefaultManager(); KeyInfoGeneratorFactory keyInfoGeneratorFactory = keyInfoGeneratorManager.getFactory(signingCredential); KeyInfoGenerator keyInfoGenerator = keyInfoGeneratorFactory.newInstance(); try{ try { keyInfo = keyInfoGenerator.generate(signingCredential); } catch (org.opensaml.xml.security.SecurityException e) { logger.log(Level.SEVERE,"Exception while creating keyInfo:: "+ e); } }catch (SecurityException e) { logger.log(Level.SEVERE,"Exception occured: "+e); } signature.setKeyInfo(keyInfo); try { logger.log(Level.INFO,"Prepating signature params..."); System.out.println("In getSignature.....before preparingSignatureParams"); SecurityHelper.prepareSignatureParams(signature, signingCredential, secConfig, null); System.out.println(" After preparing params"); } catch (SecurityException e) { logger.log(Level.SEVERE,"Failed to prepareSignature:: "+ e); System.out.println(" *******Got securirytExcption"); e.printStackTrace(); } catch (org.opensaml.xml.security.SecurityException e) { logger.log(Level.SEVERE,"Failed to prepareSignature:: "+ e); System.out.println(" *******Got openSaml securirytExcption"); e.printStackTrace(); } catch(Exception e) { System.out.println(" *******Got Exception in SelfSignassertion"); e.printStackTrace(); } return signature; } private static Credential getCredential() { InputStream inStream = new FileInputStream("C:\\samplecert.cer"); CertificateFactory cf = CertificateFactory.getInstance("X.509"); X509Certificate cert= (X509Certificate)cf.generateCertificate(inStream); BasicX509Credential credential = new BasicX509Credential(); credential.setEntityCertificate(cert); credential.setPublicKey(cert.getPublicKey()); return credential; }
No comments:
Post a Comment