For Programmers: Free Programming Magazines  


Home > Archive > Java Security > June 2007 > Extracting an X509Certificate from XML









You are viewing an archived Text-only version of the thread. To view this thread in it's original format and/or if you want to reply to this thread please [click here]

 

Author Extracting an X509Certificate from XML
Ian Wilson

2007-06-11, 7:09 pm

I have a SOAP envelope digitally signed and including an X509
certificate. I'd like to verify the signature using the public key from
the certificate but cannot work out how to get the public key in my
KeySelector implementation

Sun's documentation at
http://java.sun.com/developer/techn..._signature_api/
gives examples for when the <X509Data> is inside the <KeyInfo> but not
for the construction below.

XML is
<soapenv:Envelope ...>
<soapenv:Header>
<wsse:Security ...>
<wsse:BinarySecurityToken
EncodingType="wsse:Base64Binary"
Id="X509Token"
ValueType="wsse:X509v3">
MIIB9zCCAWCgAwIBAgIERZwdkzANBgkqhkiG9w0B
AQUFADBAMQswCQYD
VQQGEwJVUzEfMB0GA1UEChMWVGVzdCBDZXJ0aWZp
Y2F0ZXMgSW5jLjEQ
MA4GA1UEAxMHTXkgTmFtZTAeFw0wNzAxMDMyMTE4
MTFaFw0zMTA4MjUy
...
</wsse:BinarySecurityToken>
<ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
...
<ds:KeyInfo>
<wsse:SecurityTokenReference>
<wsse:Reference URI="#X509Token"/>
</wsse:SecurityTokenReference>
</ds:KeyInfo>
</ds:Signature>
....

The above XML is loaded into a org.w3c.dom.Document, I can extract the
BinarySecurityToken into a org.w3c.dom.Node and get at the BASE64 data
using getTextContent() but I can't work out how to extract a
java.security.PublicKey from it.

Can anyone offer me a clue?
Sponsored Links







Also available: Server administration forum archive | Web Design forum archive | Software forum archive | Hardware reviews archive

Copyright 2008 codecomments.com