The SAML XML.org web site is not longer accepting new posts. Information on this page is preserved for legacy purposes only. For current information on SAML, please see the OASIS Security Services Technical Committee Wiki.

Revision of reading private key from a file(.pem) and sign SAML Assertion from Mon, 2009-04-06 03:09

Hi,

I am working on SAML assertion. I have a private key abc.pem. I want to read this file and sign the assertion. The code I found on the internet is what I have written. I might be wrong, but somehow I think this code is for generation private key from a public key, which is what I don't want. I already have a private key, alias and its password. I just want to read it from file and sign the assertion. You help would be greatly appreciated.

Thanks,
Vijay

 

Code Snippet:
 

String privKeyFile = "abc.pem";
String alias = "test";
char[] password = "pwd".toCharArray();
// read private key PEM file
java.io.DataInputStream dis = new java.io.DataInputStream(new FileInputStream(privKeyFile));
byte[] privKeyBytes = new byte[(int)privKeyFile.length()];
dis.readFully(privKeyBytes);
dis.close();
KeyFactory keyFactory = KeyFactory.getInstance("RSA");
BASE64Decoder b64 = new BASE64Decoder();
// decode private key
PKCS8EncodedKeySpec privSpec = new PKCS8EncodedKeySpec(b64.decodeBuffer(privKeyBytes.toString()));
RSAPrivateKey privKey = (RSAPrivateKey) keyFactory.generatePrivate(privSpec);
samlassertion.sign(
Signature.getInstance("MD5withRSA").toString(),
privKey,
null
);

XML.org Focus Areas: BPEL | DITA | ebXML | IDtrust | OpenDocument | SAML | UBL | UDDI
OASIS sites: OASIS | Cover Pages | XML.org | AMQP | CGM Open | eGov | Emergency | IDtrust | LegalXML | Open CSA | OSLC | WS-I