However when I try to sign the assertion I get this exception:
org.apache.xml.security.signature.XMLSignatureException: object not
initialized for signature or verification
This is my code:
DefaultBootstrap.bootstrap();
// Get the builder factory
XMLObjectBuilderFactory builderFactory =
Configuration.getBuilderFactory();
//credential
String key_path = "/home/user/saml/idp/server.pem";
String cert_path = "/home/user/saml/idp/server.crt";
PrivateKey privatekey = SecurityHelper.decodePrivateKey(new
File(key_path), null);
X509Certificate certificate = X509Util.decodeCertificate(new
File(cert_path)).toArray(new X509Certificate[0])[0];
Credential signingCredential =
SecurityHelper.getSimpleCredential(certificate, privatekey);
Signature signature = (Signature)
builderFactory.getBuilder(Signature.DEFAULT_ELEMENT_NAME).buildObject(Signatur
e.DEFAULT_ELEMENT_NAME);
SecurityHelper.prepareSignatureParams(signature,
signingCredential, null, null);
Assertion assertion = (Assertion)
builderFactory.getBuilder(Assertion.DEFAULT_ELEMENT_NAME).buildObject(Assertio
n.DEFAULT_ELEMENT_NAME);
assertion.setSignature(signature);
Configuration.getMarshallerFactory().getMarshaller(assertion).marshall(asserti
on);
Signer.signObject(signature);
and this is my stack trace:
Exception in thread "main" java.lang.RuntimeException:
org.apache.xml.security.signature.XMLSignatureException: object not
initialized for signature or verification
Original Exception was java.security.SignatureException: object not
initialized for signature or verification
at org.apache.xml.security.utils.SignerOutputStream.write(Unknown
Source)
at
org.apache.xml.security.utils.UnsyncBufferedOutputStream.flushBuffer(Unknown
Source)
at
org.apache.xml.security.utils.UnsyncBufferedOutputStream.flush(Unknown Source)
at
org.apache.xml.security.utils.UnsyncBufferedOutputStream.close(Unknown Source)
at
org.apache.xml.security.c14n.implementations.CanonicalizerBase.engineCanonical
izeSubTree(Unknown Source)
at
org.apache.xml.security.c14n.implementations.Canonicalizer20010315Excl.engineC
anonicalizeSubTree(Unknown Source)
at
org.apache.xml.security.c14n.implementations.Canonicalizer20010315Excl.engineC
anonicalizeSubTree(Unknown Source)
at
org.apache.xml.security.c14n.Canonicalizer.canonicalizeSubtree(Unknown Source)
at
org.apache.xml.security.signature.SignedInfo.signInOctectStream(Unknown
Source)
at org.apache.xml.security.signature.XMLSignature.sign(Unknown Source)
at org.opensaml.xml.signature.Signer.signObject(Signer.java:78)
at automa.test.AutomaTestMain.main(AutomaTestMain.java:52)
I using xmlsec-1.4.3.jar and the other library shipped with opensaml-2.3.1.
Any suggestion?
Fabrizio
Fabrizio
On 8/16/10 10:12 AM, Fabrizio Paccagnella wrote:
>> Hi, I tried to sign an assertion following this tutorial
>> https://spaces.internet2.edu/display/OpenSAML/OSTwoUserManJavaDSIG
>>
>> However when I try to sign the assertion I get this exception:
>> org.apache.xml.security.signature.XMLSignatureException: object not
>> initialized for signature or verification
You get that error when you don't supply a key to Apache xmlsec. I
didn't see a call to signature.setSigningCredential in your code. I
suppose b/c it's omitted from that particular example on the wiki. (It
is present on the example above that one). I have fixed the wiki.
Basically you just need to call
"signature.setSigningCredential(signingCredential)".
That should solve your problem, but if not, let me know.
--Brent
Thanks.
Fabrizio