Context Navigation

source: fedd/abac-src/ttg/credential/SignCredential.java @ df783c1

axis_examplecompt_changesinfo-opsversion-2.00version-3.01version-3.02

Last change on this file since df783c1 was 8780cbec, checked in by Jay Jacobs <Jay.Jacobs@…>, 15 years ago
ABAC sources from Cobham
Property mode set to `100644`
File size: 3.2 KB

Rev	Line
[8780cbec]	1	package com.nailabs.abac.credential;
	2
	3	import java.security.*;
	4	import java.security.cert.*;
	5	import org.w3c.dom.*;
	6	import org.apache.xml.security.signature.*;
	7	import org.apache.xml.security.exceptions.*;
	8	import org.apache.xml.security.transforms.Transforms;
	9	import org.apache.xml.security.utils.*;
	10
	11	/**
	12	* A utility for signing a credential domain document.
	13	*/
	14	public class SignCredential extends Application {
	15	/** signature algorithm is set to DSA */
	16	protected static String SIG_TYPE = XMLSignature.ALGO_ID_SIGNATURE_DSA;
	17	/** digest algorithm is SHA-1 */
	18	protected static String DIGEST_TYPE = Constants.ALGO_ID_DIGEST_SHA1;
	19
	20	protected static String KEY_PAIR_TYPE = "DSA";
	21
	22	protected PrivateKey privateKey = null;
	23
	24	protected PublicKey publicKey = null;
	25
	26	protected X509Certificate cert = null;
	27
	28	/**
	29	* Constructor for the application which reads in an XML document,
	30	* parses the doc into a DOM tree, signs the document, and writes
	31	* the signed tree into an XML file. Cryptographic material is supplied
	32	* by a Java keystore.
	33	*/
	34	public SignCredential(String argv[]) {
	35	super(argv);
	36	name = "SignCredential";
	37	parseParameters();
	38	getKeys();
	39	readDoc();
	40	signDoc();
	41	writeDoc();
	42	}
	43
	44	private void generateKeyPair() {
	45	if(DEBUG) {
	46	out.println("Generating random keypair for use in signature");
	47	out.println("(useful for demo purposes only)" );
	48	}
	49	try {
	50	KeyPairGenerator kpg = KeyPairGenerator.getInstance(KEY_PAIR_TYPE);
	51	kpg.initialize(512);
	52	KeyPair newKeyPair = kpg.generateKeyPair();
	53	privateKey = newKeyPair.getPrivate();
	54	publicKey = newKeyPair.getPublic();
	55	} catch( java.security.NoSuchAlgorithmException nsae ) {
	56	if(DEBUG)nsae.printStackTrace();
	57	}
	58	}
	59
	60	protected void getKeys() {
	61	super.getKeys(); // loads the keystore to a class instance field
	62	if( keys == null )
	63	generateKeyPair(); // Generate a random, one-time-use key
	64	else {
	65	try {
	66	cert = (X509Certificate)keyStore.getCertificate(alias);
	67	publicKey = cert.getPublicKey();
	68	privateKey =
	69	(PrivateKey)keyStore.getKey(alias, password.toCharArray());
	70	} catch( Exception e ) {
	71	cert = null;
	72	publicKey = null;
	73	e.printStackTrace();
	74	}
	75	}
	76	}
	77
	78	protected void signDoc() {
	79	try {
	80	String baseURI = outXML.toURL().toString();
	81	XMLSignature sig = new XMLSignature(doc, baseURI, SIG_TYPE );
	82	docElement.appendChild( sig.getElement() );
	83	Transforms transforms = new Transforms( doc );
	84	transforms.addTransform(Transforms.TRANSFORM_ENVELOPED_SIGNATURE );
	85	transforms.addTransform( Transforms.TRANSFORM_C14N_WITH_COMMENTS );
	86	if( includeTransform ) {
	87	sig.addDocument("", transforms, DIGEST_TYPE);
	88	}
	89	if( includeCert && ( cert != null ) ) {
	90	sig.addKeyInfo( cert );
	91	} else if( publicKey != null )
	92	sig.addKeyInfo( publicKey );
	93	sig.sign( privateKey );
	94	} catch( XMLSecurityException xmlse ) {
	95	xmlse.printStackTrace();
	96	} catch( java.net.MalformedURLException murle ) {
	97	murle.printStackTrace();
	98	}
	99	}
	100
	101
	102	/** standard main routine for launching the application */
	103	public static void main(String argv[]) {
	104	SignCredential sc = new SignCredential(argv);
	105	}
	106
	107	}

Note: See TracBrowser for help on using the repository browser.

Download in other formats: