Examples of com.sun.org.apache.xml.internal.security.signature.XMLSignature

• com.sun.org.apache.xml.internal.security.signature.XMLSignature
  Handles <ds:Signature> elements. This is the main class that deals with creating and verifying signatures.

  There are 2 types of constructors for this class. The ones that take a document, baseURI and 1 or more Java Objects. This is mostly used for signing purposes. The other constructor is the one that takes a DOM Element and a BaseURI. This is used mostly with for verifying, when you have a SignatureElement. There are a few different types of methods:

  • The addDocument* methods are used to add References with optional transforms during signing.
  • addKeyInfo* methods are to add Certificates and Keys to the KeyInfo tags during signing.
  • appendObject allows a user to add any XML Structure as an ObjectContainer during signing.
  • sign and checkSignatureValue methods are used to sign and validate the signature.

  @author $Author: raul $

            doc.getElementsByTagNameNS(Constants.SignatureSpecNS, "Signature");
        if (nl.getLength() == 0) {
            throw new Exception("Couldn't find signature Element");
        }
        Element sigElement = (Element) nl.item(0);
        XMLSignature signature = new XMLSignature
            (sigElement, file.toURI().toString());
        SecretKey sk = signature.createSecretKey("secret".getBytes("ASCII"));
        try {
            System.out.println
                ("Validation status: " + signature.checkSignatureValue(sk));
            System.out.println("FAILED");
            atLeastOneFailed = true;
        } catch (XMLSignatureException xse) {
            System.out.println(xse.getMessage());
            System.out.println("PASSED");

    private static void generate_hmac_sha1_40() throws Exception {
        System.out.println("Generating ");

        Document doc = dbf.newDocumentBuilder().newDocument();
        XMLSignature sig = new XMLSignature
            (doc, null, XMLSignature.ALGO_ID_MAC_HMAC_SHA1, 40,
             Canonicalizer.ALGO_ID_C14N_OMIT_COMMENTS);
        try {
            sig.sign(getSecretKey("secret".getBytes("ASCII")));
            System.out.println("FAILED");
            atLeastOneFailed = true;
        } catch (XMLSignatureException xse) {
            System.out.println(xse.getMessage());
            System.out.println("PASSED");

     */
    public SignatureHeaderBlock(SOAPElement elem) throws XWSSecurityException {
        super(elem);
        try {
            this.document = elem.getOwnerDocument();
            delegateSignature = new XMLSignature(elem, null);
        } catch (Exception e) {
            // add log here
            log.log(
                Level.SEVERE,
                "WSS0322.exception.creating.signatureblock",

    public SignatureHeaderBlock(Document doc, String signatureMethodURI)
        throws XWSSecurityException {
        try {
            this.document = doc;
            delegateSignature =
                new XMLSignature(
                    doc, null, signatureMethodURI,
                    Canonicalizer.ALGO_ID_C14N_EXCL_OMIT_COMMENTS);
            dirty = true;
            setSOAPElement(getAsSoapElement());
        } catch (XMLSecurityException e) {