/**
* @param context JAXBFilterProcessingContext
* @return errorCode
* @throws XWSSecurityException
*/
public static int sign(JAXBFilterProcessingContext context) throws XWSSecurityException {
try {
SignaturePolicy signaturePolicy = (SignaturePolicy) context.getSecurityPolicy();
((NamespaceContextEx) context.getNamespaceContext()).addSignatureNS();
WSSPolicy keyBinding = (WSSPolicy) signaturePolicy.getKeyBinding();
if (logger.isLoggable(Level.FINEST)) {
logger.log(Level.FINEST, "KeyBinding is " + keyBinding);
}
Key signingKey = null;
SignatureElementFactory signFactory = new SignatureElementFactory();
KeyInfo keyInfo = null;
SecurityHeader securityHeader = context.getSecurityHeader();
// Get the Signing key and KeyInfo from TokenProcessor
TokenProcessor tokenProcessor = new TokenProcessor(signaturePolicy, context);
BuilderResult builderResult = tokenProcessor.process();
signingKey = builderResult.getDataProtectionKey();
keyInfo = builderResult.getKeyInfo();
if (keyInfo != null || !keyBinding.isOptional()) {
SignedInfo signedInfo = signFactory.constructSignedInfo(context);
JAXBSignContext signContext = new JAXBSignContext(signingKey);
signContext.setURIDereferencer(DSigResolver.getInstance());
XMLSignature signature =
signFactory.constructSignature(signedInfo, keyInfo, signaturePolicy.getUUID());
signContext.put(MessageConstants.WSS_PROCESSING_CONTEXT, context);
NamespaceAndPrefixMapper npMapper =
new NamespaceAndPrefixMapper(
context.getNamespaceContext(), context.getDisableIncPrefix());
signContext.put(NamespaceAndPrefixMapper.NS_PREFIX_MAPPER, npMapper);
signContext.putNamespacePrefix(MessageConstants.DSIG_NS, MessageConstants.DSIG_PREFIX);
signature.sign(signContext);
JAXBSignatureHeaderElement jaxBSign =
new JAXBSignatureHeaderElement(
(com.sun.xml.ws.security.opt.crypto.dsig.Signature) signature,
context.getSOAPVersion());
securityHeader.add(jaxBSign);
// For SignatureConfirmation
List scList = (ArrayList) context.getExtraneousProperty("SignatureConfirmation");
if (scList != null) {
scList.add(Base64.encode(signature.getSignatureValue().getValue()));
}
}
// End SignatureConfirmation specific code
} catch (XWSSecurityException xe) {
logger.log(Level.SEVERE, LogStringsMessages.WSS_1701_SIGN_FAILED(), xe);
throw xe;
} catch (Exception ex) {
logger.log(Level.SEVERE, LogStringsMessages.WSS_1701_SIGN_FAILED(), ex);
throw new XWSSecurityException(ex);
}
return 0;
}
/**
* Creates a new instance of TokenProcessor
*
* @param sp SignaturePolicy
* @param context the ProcessingContext
*/
public TokenProcessor(SignaturePolicy sp, JAXBFilterProcessingContext context) {
// this.sp = sp;
this.context = context;
this.keyBinding = (WSSPolicy) sp.getKeyBinding();
}
