Context Navigation

source: fedd/abac-src/ttg/credential/SignCredential.java @ df783c1

axis_examplecompt_changesinfo-opsversion-2.00version-3.01version-3.02

Last change on this file since df783c1 was 8780cbec, checked in by Jay Jacobs <Jay.Jacobs@…>, 15 years ago
ABAC sources from Cobham
Property mode set to `100644`
File size: 3.2 KB

Line
1	package com.nailabs.abac.credential;
2
3	import java.security.*;
4	import java.security.cert.*;
5	import org.w3c.dom.*;
6	import org.apache.xml.security.signature.*;
7	import org.apache.xml.security.exceptions.*;
8	import org.apache.xml.security.transforms.Transforms;
9	import org.apache.xml.security.utils.*;
10
11	/**
12	* A utility for signing a credential domain document.
13	*/
14	public class SignCredential extends Application {
15	/** signature algorithm is set to DSA */
16	protected static String SIG_TYPE = XMLSignature.ALGO_ID_SIGNATURE_DSA;
17	/** digest algorithm is SHA-1 */
18	protected static String DIGEST_TYPE = Constants.ALGO_ID_DIGEST_SHA1;
19
20	protected static String KEY_PAIR_TYPE = "DSA";
21
22	protected PrivateKey privateKey = null;
23
24	protected PublicKey publicKey = null;
25
26	protected X509Certificate cert = null;
27
28	/**
29	* Constructor for the application which reads in an XML document,
30	* parses the doc into a DOM tree, signs the document, and writes
31	* the signed tree into an XML file. Cryptographic material is supplied
32	* by a Java keystore.
33	*/
34	public SignCredential(String argv[]) {
35	super(argv);
36	name = "SignCredential";
37	parseParameters();
38	getKeys();
39	readDoc();
40	signDoc();
41	writeDoc();
42	}
43
44	private void generateKeyPair() {
45	if(DEBUG) {
46	out.println("Generating random keypair for use in signature");
47	out.println("(useful for demo purposes only)" );
48	}
49	try {
50	KeyPairGenerator kpg = KeyPairGenerator.getInstance(KEY_PAIR_TYPE);
51	kpg.initialize(512);
52	KeyPair newKeyPair = kpg.generateKeyPair();
53	privateKey = newKeyPair.getPrivate();
54	publicKey = newKeyPair.getPublic();
55	} catch( java.security.NoSuchAlgorithmException nsae ) {
56	if(DEBUG)nsae.printStackTrace();
57	}
58	}
59
60	protected void getKeys() {
61	super.getKeys(); // loads the keystore to a class instance field
62	if( keys == null )
63	generateKeyPair(); // Generate a random, one-time-use key
64	else {
65	try {
66	cert = (X509Certificate)keyStore.getCertificate(alias);
67	publicKey = cert.getPublicKey();
68	privateKey =
69	(PrivateKey)keyStore.getKey(alias, password.toCharArray());
70	} catch( Exception e ) {
71	cert = null;
72	publicKey = null;
73	e.printStackTrace();
74	}
75	}
76	}
77
78	protected void signDoc() {
79	try {
80	String baseURI = outXML.toURL().toString();
81	XMLSignature sig = new XMLSignature(doc, baseURI, SIG_TYPE );
82	docElement.appendChild( sig.getElement() );
83	Transforms transforms = new Transforms( doc );
84	transforms.addTransform(Transforms.TRANSFORM_ENVELOPED_SIGNATURE );
85	transforms.addTransform( Transforms.TRANSFORM_C14N_WITH_COMMENTS );
86	if( includeTransform ) {
87	sig.addDocument("", transforms, DIGEST_TYPE);
88	}
89	if( includeCert && ( cert != null ) ) {
90	sig.addKeyInfo( cert );
91	} else if( publicKey != null )
92	sig.addKeyInfo( publicKey );
93	sig.sign( privateKey );
94	} catch( XMLSecurityException xmlse ) {
95	xmlse.printStackTrace();
96	} catch( java.net.MalformedURLException murle ) {
97	murle.printStackTrace();
98	}
99	}
100
101
102	/** standard main routine for launching the application */
103	public static void main(String argv[]) {
104	SignCredential sc = new SignCredential(argv);
105	}
106
107	}

Note: See TracBrowser for help on using the repository browser.

Download in other formats: