
Creating a Public Key Pair

JAVA XML DIGITAL SIGNATURE API
We generate a public key pair. Later in the example, we will use the private key
to generate the signature. We create the key pair with a KeyPairGenerator. In
this example, we will create a DSA KeyPair with a length of 512 bytes:

    KeyPairGenerator kpg = KeyPairGenerator.getInstance("DSA");
    kpg.initialize(512);
    KeyPair kp = kpg.generateKeyPair();

In practice, the private key is usually previously generated and stored in a
KeyStore file with an associated public key certificate.

Creating a Signing Context
We create an XML Digital Signature XMLSignContext containing input parameters
for generating the signature. Since we are using DOM, we instantiate a
DOMSignContext (a subclass of XMLSignContext), and pass it two parameters, the
private key that will be used to sign the document and the root of the document
to be signed:

    DOMSignContext dsc = new DOMSignContext
        (kp.getPrivate(), doc.getDocumentElement());

Assembling the XML Signature
We assemble the different parts of the Signature element into an XMLSignature
object. These objects are all created and assembled using an
XMLSignatureFactory object. An application obtains a DOM implementation of
XMLSignatureFactory by calling the following line of code:

    XMLSignatureFactory fac =
        XMLSignatureFactory.getInstance("DOM");

We then invoke various factory methods to create the different parts of the
XMLSignature object as shown below. We create a Reference object, passing to it
the following:
· The URI of the object to be signed (We specify a URI of "", which implies
  the root of the document.)
· The DigestMethod (we use SHA1)