1
votes

Good day! I am trying to sign XML in a custom mediation with Java, using a government SDK. When I sign with the algorithm http://www.w3.org/2001/04/xmldsig-more#rsa-sha256, it works well,

but when I try to sign with the algorithm http://www.w3.org/2001/04/xmldsig-more#gost34310-gost34311, I get an error:

org.apache.xml.security.signature.XMLSignatureException: The requested algorithm http://www.w3.org/2001/04/xmldsig-more#gost34310-gost34311 does not exist. Original Message was: null
Original Exception was java.lang.NullPointerException
        at org.apache.xml.security.algorithms.SignatureAlgorithm.getSignatureAlgorithmSpi(SignatureAlgorithm.java:160)
        at org.apache.xml.security.algorithms.SignatureAlgorithm.<init>(SignatureAlgorithm.java:73)
        at org.apache.xml.security.signature.SignedInfo.<init>(SignedInfo.java:118)
        at org.apache.xml.security.signature.XMLSignature.<init>(XMLSignature.java:256)
        at org.apache.xml.security.signature.XMLSignature.<init>(XMLSignature.java:185)
        at kz.EsbGcvp.SignGcvp.SignXML(SignGcvp.java:113)

The Java code works well with both algorithms when it is not deployed in WSO2 ESB, but when I call it from WSO2 ESB I get an error if I use gost34310-gost34311.

I think the problem is with the version of xmlsec-000; I have already tried versions 1.4.4, 1.4.8 and 1.5.8, but unsuccessfully.

So how can I set up WSO2 ESB, or find out which version or type of framework.jar I have to use? I have been using WSO2 ESB version 6.4.0.

Code in mediation:

private static String SignXML(String xmlDoc, String keyPath, String keyPass) throws TransformerFactoryConfigurationError, Exception
{

    // Register the SDK's JCA provider and initialise the SDK's XML security support.
    KalkanProvider provider = new KalkanProvider();
    Security.addProvider(provider);
    KncaXS.loadXMLSecurity();
    // Load the signing key and certificate from the PKCS#12 container; close the stream afterwards.
    KeyStore ks = KeyStore.getInstance("PKCS12", provider.getName());
    try (FileInputStream in = new FileInputStream(keyPath)) {
        ks.load(in, keyPass.toCharArray());
    }
    String alias = ks.aliases().nextElement();
    PrivateKey key = (PrivateKey) ks.getKey(alias, keyPass.toCharArray());
    X509Certificate certificate = (X509Certificate) ks.getCertificate(alias);
    String signMethod = null;
    String digestMethod = null;
    String sigAlgOid = certificate.getSigAlgOID();
    if (sigAlgOid.equals(PKCSObjectIdentifiers.sha1WithRSAEncryption.getId())) {
        signMethod =  Constants.MoreAlgorithmsSpecNS + "rsa-sha1";
        digestMethod = Constants.MoreAlgorithmsSpecNS + "sha1";
    } else if (sigAlgOid.equals(PKCSObjectIdentifiers.sha256WithRSAEncryption.getId())) {
        signMethod = Constants.MoreAlgorithmsSpecNS + "rsa-sha256";
        digestMethod = XMLCipherParameters.SHA256;
    } else {

        signMethod = Constants.MoreAlgorithmsSpecNS + "gost34310-gost34311";
        digestMethod = Constants.MoreAlgorithmsSpecNS + "gost34311";            
    }

    DocumentBuilderFactory dbf = DocumentBuilderFactory.newInstance();
    dbf.setNamespaceAware(true);
    DocumentBuilder documentBuilder = dbf.newDocumentBuilder();
    org.w3c.dom.Document doc = (org.w3c.dom.Document) documentBuilder.parse(new ByteArrayInputStream(xmlDoc.getBytes("UTF-8")));

    StringWriter os = new StringWriter();
    XMLSignature signature;
    try {

        signature = new XMLSignature(doc, "", signMethod);                      
        if (doc.getFirstChild() != null) {
            doc.getFirstChild().appendChild(signature.getElement());
            Transforms transforms = new Transforms(doc);
            transforms.addTransform(Transforms.TRANSFORM_ENVELOPED_SIGNATURE);          
            transforms.addTransform(XMLCipherParameters.N14C_XML_CMMNTS);
            signature.addDocument("", transforms, digestMethod);
            signature.addKeyInfo(certificate);
            signature.addKeyInfo(certificate.getPublicKey());
            signature.sign(key);
            TransformerFactory tf = TransformerFactory.newInstance();
            Transformer trans = tf.newTransformer();
            trans.transform(new DOMSource(doc), new StreamResult(os));
            os.close();
            return os.toString().replaceAll("\\<\\?xml(.+?)\\?\\>", "").trim();
        }
        else
        {
            throw new NullPointerException("doc.getFirstChild() value is null.");
        }
    } catch (Exception e) {

        e.printStackTrace();
        throw e;
    }
}

1 Answers

0
votes

Maybe this can be useful to somebody. Because this code works as an independent runnable JAR file, I took the logic out to a remote runnable JAR file and added it as an additional tool to WSO2 ESB, and it works well. Maybe it can have a bad influence on the performance of WSO2 ESB ..., but I don't have much experience working with Java and ESB.
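
One way to test the xmlsec version suspicion from the question, given that the same code works as a standalone JAR: the added diagnostic below (not code from the original posts or from the SDK) reports which JAR and class loader supply the xmlsec classes named in the stack trace, and which JCA providers and signature algorithms are registered. The class name `XmlSecDiagnostics` is hypothetical; only standard Java APIs are used.

```java
import java.security.CodeSource;
import java.security.Provider;
import java.security.Security;

/** Added diagnostic (not from the original post): run once standalone and once inside the mediator. */
public final class XmlSecDiagnostics {
    // Class names taken from the stack trace in the question.
    private static final String[] CLASSES = {
        "org.apache.xml.security.algorithms.SignatureAlgorithm",
        "org.apache.xml.security.signature.XMLSignature"
    };

    /** Describes which JAR and class loader supply the given class to the caller. */
    static String describe(String className, ClassLoader caller) {
        try {
            Class<?> c = Class.forName(className, false, caller);
            CodeSource src = c.getProtectionDomain().getCodeSource();
            Package p = c.getPackage();
            return className
                + "\n  jar:     " + (src == null ? "<bootstrap/unknown>" : src.getLocation())
                + "\n  loader:  " + c.getClassLoader()
                + "\n  version: " + (p == null ? null : p.getImplementationVersion());
        } catch (ClassNotFoundException | LinkageError e) {
            return className + "\n  not loadable: " + e;
        }
    }

    /** Lists JCA providers and the Signature algorithms each one offers. */
    static String providers() {
        StringBuilder sb = new StringBuilder();
        for (Provider p : Security.getProviders()) {
            sb.append(p.getName()).append(" (").append(p.getClass().getClassLoader()).append(")\n");
            for (Provider.Service s : p.getServices()) {
                if ("Signature".equals(s.getType())) sb.append("  ").append(s.getAlgorithm()).append('\n');
            }
        }
        return sb.toString();
    }

    /** Full report as seen from the given class loader (pass the mediator class's loader inside the ESB). */
    public static String report(ClassLoader caller) {
        StringBuilder sb = new StringBuilder();
        for (String name : CLASSES) sb.append(describe(name, caller)).append('\n');
        return sb.append(providers()).toString();
    }

    public static void main(String[] args) {
        System.out.println(report(XmlSecDiagnostics.class.getClassLoader()));
    }
}
```

Comparing the standalone output with the output logged from inside the ESB shows whether the mediator resolves the xmlsec classes from the JAR deployed with it or from another copy on the server, and whether the SDK's provider is registered in that JVM.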