RE: How to sign an xml files with PEM certificate ?

felixr — Fri, 12 May 2023 14:02:15 GMT

Hi, rachelg9844 thanks for replaying i was trying to work with the code but unfortunately

this is not working by chance am i passing the wrong parameters ?. the only changes that i don't have like this are the password every other letter is the same. for some reason is throwing:

Exception in thread "main" java.lang.NullPointerException: Cannot invoke "java.security.KeyStore$PrivateKeyEntry.getCertificate()" because "keyEntry" is null

do you have any advice for this and thanks.

import java.io.*;

import java.security.*;

import java.security.cert.Certificate;

import java.security.cert.CertificateException;

import java.security.cert.X509Certificate;

import java.util.Collections;

import javax.xml.XMLConstants;

import javax.xml.crypto.*;

import javax.xml.crypto.dom.*;

import javax.xml.crypto.dsig.*;

import javax.xml.crypto.dsig.dom.*;

import javax.xml.crypto.dsig.keyinfo.*;

import javax.xml.crypto.dsig.spec.C14NMethodParameterSpec;

import javax.xml.crypto.dsig.spec.TransformParameterSpec;

import javax.xml.parsers.*;

import javax.xml.transform.*;

import javax.xml.transform.dom.*;

import javax.xml.transform.stream.*;

import org.w3c.dom.Document;

public class SigngerForXml {

public static void main(String[] args) throws Exception {

// Load the XML document

DocumentBuilderFactory dbFactory = DocumentBuilderFactory.newInstance();

DocumentBuilder dBuilder = dbFactory.newDocumentBuilder();

Document doc = dBuilder.parse(new File("./documents/request.xml"));

// Load the certificate

KeyStore ks = KeyStore.getInstance("JKS");

ks.load(new FileInputStream("./documents/4300648_identity.p12"), "mypassword".toCharArray());

KeyStore.PrivateKeyEntry keyEntry = (KeyStore.PrivateKeyEntry)

ks.getEntry("4300648_identity", new KeyStore.PasswordProtection ("mypassword".toCharArray()));

X509Certificate cert = (X509Certificate) keyEntry.getCertificate();

// Create the XML signature

DOMSignContext dsc = new DOMSignContext(keyEntry.getPrivateKey(),

doc.getDocumentElement());

XMLSignatureFactory fac = XMLSignatureFactory.getInstance("DOM");

Reference ref = fac.newReference("", fac.newDigestMethod(DigestMethod.SHA256, null),

Collections.singletonList(fac.newTransform(Transform.ENVELOPED, (TransformParameterSpec)

null)), null, null);

SignedInfo si = fac.newSignedInfo(fac.newCanonicalizationMethod

(CanonicalizationMethod.INCLUSIVE, (C14NMethodParameterSpec) null),

fac.newSignatureMethod(SignatureMethod.RSA_SHA256, null), Collections.singletonList(ref));

KeyInfoFactory kif = fac.getKeyInfoFactory();

X509Data x509d = kif.newX509Data(Collections.singletonList(cert));

KeyInfo ki = kif.newKeyInfo(Collections.singletonList(x509d));

XMLSignature signature = fac.newXMLSignature(si, ki);

// Sign the XML document

signature.sign(dsc);

// Save the signed XML document

TransformerFactory tf = TransformerFactory.newInstance();

Transformer trans = tf.newTransformer();

trans.transform(new DOMSource(doc), new StreamResult(new File("./documents/response.xml"))); }}

RE: How to sign an xml files with PEM certificate ?

rachelg9844 — Thu, 11 May 2023 05:58:45 GMT

[deleted]

RE: How to sign an xml files with PEM certificate ?

Mathieu Drouin — Tue, 09 May 2023 02:14:03 GMT

Not possible AFAIK.