0 Replies Latest reply: Jan 10, 2013 7:42 AM by User582191-Oracle RSS

    XML Signature signing the keyinfo

    User582191-Oracle
      Hi,

      I have a requirement to generate enveloping XML Signature for a XML document. Using JSR 105 i was able to achieve enveloping signature, however one more requirement is to sign the KeyInfo element. Can someone please help in figuring out how to sign the KeyInfo element.

      The requirement is to achieve:

      <dsig:Signature xmlns:dsig="http://www.w3.org/2000/09/xmldsig#" Id="Signature001">
      <dsig:SignedInfo>
      <dsig:CanonicalizationMethod Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315" />
      <dsig:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1" />
      <dsig:Reference URI="#KeyInfo001">
      <dsig:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
      <dsig:DigestValue>lidrMtTOohEypP9i9KcrY9+MrbI=</dsig:DigestValue>
      </dsig:Reference>
      <dsig:Reference URI="#Resource1">
      <dsig:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
      <dsig:DigestValue>hUHy5l7iki/Xks3V0bzz7kamGlU=</dsig:DigestValue>
      </dsig:Reference>
      </dsig:SignedInfo>
      <dsig:SignatureValue>GufDaAGCgjTfLKFZhK8/6Sb9KbqnKFQdaQ4SZ4ftoOySmYuYvLAh7wmYdiqqx7ykpWnvfejP+6wT
      SamsvB6xotqkUgC3p1ZsJubq9Wc4kKZeaTJfEmeq0vIWjCWFXu3pofJJSyecmBWmTQK+WezMwRIX
      aE4oHWJsXDBw8CarlmI=</dsig:SignatureValue>
      <dsig:KeyInfo Id="KeyInfo001">
      <dsig:KeyValue>
      <dsig:RSAKeyValue>
      <dsig:Modulus>xm9N3kv/MNfsYOoN48vhy3xiCyJuZl5nxEb2ya8+ItvwI+73IjSjVlqfkdxIAH4vBpjVhLfpV+p+
      GUqpuN6kb2/ynnXAcRzM/YGkIsVYBHZZsUK6BSfIxo/IDmPC2cv866W6NG8DQlnzRhOYBLpdtc3P
      XlRdkm6SlDLv8/ck+FE=</dsig:Modulus>
      <dsig:Exponent>AQAB</dsig:Exponent>
      </dsig:RSAKeyValue>
      </dsig:KeyValue>
      </dsig:KeyInfo>
      <dsig:Object Id="Resource1">
      ...