[OpenSAML] problem with Sign.signObject()

Fabrizio Paccagnella

Aug 11, 2010, 4:57:21 AM
to mace-open...@internet2.edu
Hi, I tried to sign an assertion following this tutorial
https://spaces.internet2.edu/display/OpenSAML/OSTwoUserManJavaDSIG

However when I try to sign the assertion I get this exception:
org.apache.xml.security.signature.XMLSignatureException: object not
initialized for signature or verification

This is my code:
DefaultBootstrap.bootstrap();

// Get the builder factory
XMLObjectBuilderFactory builderFactory = Configuration.getBuilderFactory();

// credential
String key_path = "/home/user/saml/idp/server.pem";
String cert_path = "/home/user/saml/idp/server.crt";

PrivateKey privatekey = SecurityHelper.decodePrivateKey(new File(key_path), null);
X509Certificate certificate = X509Util.decodeCertificate(new File(cert_path))
        .toArray(new X509Certificate[0])[0];

Credential signingCredential = SecurityHelper.getSimpleCredential(certificate, privatekey);

Signature signature = (Signature) builderFactory
        .getBuilder(Signature.DEFAULT_ELEMENT_NAME)
        .buildObject(Signature.DEFAULT_ELEMENT_NAME);
SecurityHelper.prepareSignatureParams(signature, signingCredential, null, null);

Assertion assertion = (Assertion) builderFactory
        .getBuilder(Assertion.DEFAULT_ELEMENT_NAME)
        .buildObject(Assertion.DEFAULT_ELEMENT_NAME);
assertion.setSignature(signature);

Configuration.getMarshallerFactory().getMarshaller(assertion).marshall(assertion);

Signer.signObject(signature);

and this is my stack trace:
Exception in thread "main" java.lang.RuntimeException: org.apache.xml.security.signature.XMLSignatureException: object not initialized for signature or verification
Original Exception was java.security.SignatureException: object not initialized for signature or verification
    at org.apache.xml.security.utils.SignerOutputStream.write(Unknown Source)
    at org.apache.xml.security.utils.UnsyncBufferedOutputStream.flushBuffer(Unknown Source)
    at org.apache.xml.security.utils.UnsyncBufferedOutputStream.flush(Unknown Source)
    at org.apache.xml.security.utils.UnsyncBufferedOutputStream.close(Unknown Source)
    at org.apache.xml.security.c14n.implementations.CanonicalizerBase.engineCanonicalizeSubTree(Unknown Source)
    at org.apache.xml.security.c14n.implementations.Canonicalizer20010315Excl.engineCanonicalizeSubTree(Unknown Source)
    at org.apache.xml.security.c14n.implementations.Canonicalizer20010315Excl.engineCanonicalizeSubTree(Unknown Source)
    at org.apache.xml.security.c14n.Canonicalizer.canonicalizeSubtree(Unknown Source)
    at org.apache.xml.security.signature.SignedInfo.signInOctectStream(Unknown Source)
    at org.apache.xml.security.signature.XMLSignature.sign(Unknown Source)
    at org.opensaml.xml.signature.Signer.signObject(Signer.java:78)
    at automa.test.AutomaTestMain.main(AutomaTestMain.java:52)

I am using xmlsec-1.4.3.jar and the other libraries shipped with opensaml-2.3.1.

Any suggestion?

Fabrizio

Fabrizio Paccagnella

Aug 16, 2010, 10:12:51 AM
to mace-open...@internet2.edu
No one can help me??

Fabrizio

Brent Putman

Aug 16, 2010, 5:05:34 PM
to mace-open...@internet2.edu

On 8/16/10 10:12 AM, Fabrizio Paccagnella wrote:


>> Hi, I tried to sign an assertion following this tutorial
>> https://spaces.internet2.edu/display/OpenSAML/OSTwoUserManJavaDSIG
>>
>> However when I try to sign the assertion I get this exception:
>> org.apache.xml.security.signature.XMLSignatureException: object not
>> initialized for signature or verification

You get that error when you don't supply a key to Apache xmlsec. I
didn't see a call to signature.setSigningCredential in your code. I
suppose b/c it's omitted from that particular example on the wiki. (It
is present on the example above that one). I have fixed the wiki.
Basically you just need to call
"signature.setSigningCredential(signingCredential)".

That should solve your problem, but if not, let me know.

--Brent
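
Added example, not part of the original thread or of the OpenSAML project's code: the signing sequence from the question with the `setSigningCredential` call from the reply in place, plus a guard that rejects a credential without a private key before xmlsec is reached. The class name `SignWithCredential`, the helper `sign`, the in-memory RSA key pair and the assertion ID are constructed for illustration.

```java
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import org.opensaml.Configuration;
import org.opensaml.DefaultBootstrap;
import org.opensaml.saml2.core.Assertion;
import org.opensaml.xml.security.SecurityHelper;
import org.opensaml.xml.security.credential.Credential;
import org.opensaml.xml.signature.SignableXMLObject;
import org.opensaml.xml.signature.Signature;
import org.opensaml.xml.signature.Signer;
import org.opensaml.xml.util.XMLHelper;

public class SignWithCredential {

    // Hypothetical helper: attaches a ds:Signature to target and signs it.
    static void sign(SignableXMLObject target, Credential credential) throws Exception {
        // Fail early with a clear message instead of xmlsec's "object not initialized"
        if (credential == null || credential.getPrivateKey() == null) {
            throw new IllegalArgumentException("signing credential has no private key");
        }
        Signature signature = (Signature) Configuration.getBuilderFactory()
                .getBuilder(Signature.DEFAULT_ELEMENT_NAME)
                .buildObject(Signature.DEFAULT_ELEMENT_NAME);
        // The call missing from the question's code: this is what hands the key to xmlsec
        signature.setSigningCredential(credential);
        // Fills in algorithm URIs (and KeyInfo, when a generator is configured) from the
        // global security configuration; as the thread shows, it does not set the credential
        SecurityHelper.prepareSignatureParams(signature, credential, null, null);
        target.setSignature(signature);
        // Marshall first so the ds:Signature DOM exists, then compute the signature value
        Configuration.getMarshallerFactory().getMarshaller(target).marshall(target);
        Signer.signObject(signature);
    }

    public static void main(String[] args) throws Exception {
        DefaultBootstrap.bootstrap();
        // Constructed sample input: a throwaway RSA key pair instead of the PEM files
        KeyPairGenerator generator = KeyPairGenerator.getInstance("RSA");
        generator.initialize(2048);
        KeyPair keyPair = generator.generateKeyPair();
        Credential credential =
                SecurityHelper.getSimpleCredential(keyPair.getPublic(), keyPair.getPrivate());
        Assertion assertion = (Assertion) Configuration.getBuilderFactory()
                .getBuilder(Assertion.DEFAULT_ELEMENT_NAME)
                .buildObject(Assertion.DEFAULT_ELEMENT_NAME);
        assertion.setID("_constructed-example-id"); // constructed value, target of the signature reference
        sign(assertion, credential);
        System.out.println(XMLHelper.nodeToString(assertion.getDOM()));
    }
}
```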

Fabrizio Paccagnella

Aug 17, 2010, 3:21:34 AM
to mace-open...@internet2.edu
Thank you very much! This solves my problem.

Thanks.

Fabrizio
