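/**
 * Wraps the given XML bytes in an S/MIME {@code multipart/signed} message and returns the
 * serialized message bytes.
 *
 * <p>The signature algorithm is fixed to {@code SHA256withECDSA}, so {@code privateKey} must be a
 * key that algorithm accepts. {@code certificate} is used to build the signer info and is also
 * embedded in the output.
 *
 * <p>NOTE(review): a verifier has to match the signer info to a certificate it accepts. Confirm
 * that {@code certificate} and {@code privateKey} belong together and that this is the signer the
 * consuming side is configured to trust for these documents.
 *
 * @param xmlData the raw XML document to sign
 * @param certificate the signer's certificate; embedded in the signed message
 * @param privateKey the private key matching {@code certificate}
 * @return the complete signed message, with any {@code Date} and {@code Message-Id} headers removed
 * @throws NullPointerException if any argument is {@code null}
 * @throws IOException if the message cannot be serialized
 * @throws OperatorCreationException if the signer cannot be built for the key and algorithm
 * @throws CertificateEncodingException if the certificate cannot be encoded for the store
 * @throws MessagingException if the MIME message cannot be assembled
 * @throws SMIMEException if the S/MIME signature cannot be generated
 */
private static byte[] signXML(byte[] xmlData, X509Certificate certificate, PrivateKey privateKey)
        throws IOException, OperatorCreationException, CertificateEncodingException,
                MessagingException, SMIMEException {
    // Fail early with a named argument instead of an opaque error from inside the libraries.
    java.util.Objects.requireNonNull(xmlData, "xmlData");
    java.util.Objects.requireNonNull(certificate, "certificate");
    java.util.Objects.requireNonNull(privateKey, "privateKey");

    // The signer certificate is shipped inside the signed message.
    List<Certificate> certList = Arrays.asList(certificate);
    Store certs = new JcaCertStore(certList);

    // Signer info: SHA-256 digest, ECDSA signature, identified by the given certificate.
    SMIMESignedGenerator signer = new SMIMESignedGenerator();
    signer.addSignerInfoGenerator(
            new JcaSimpleSignerInfoGeneratorBuilder().build("SHA256withECDSA", privateKey, certificate));
    signer.addCertificates(certs);

    // The XML document becomes the signed body part.
    MimeBodyPart messagePart = new MimeBodyPart();
    messagePart.setContent(xmlData, "application/xml");
    MimeMultipart signedPart = signer.generate(messagePart);

    // Session.getInstance gives this call its own Session. getDefaultInstance returns the
    // JVM-wide shared one and can throw SecurityException when other code created that shared
    // session with an Authenticator.
    Session session = Session.getInstance(System.getProperties());
    MimeMessage finalMessage = new MimeMessage(session);
    finalMessage.setContent(signedPart, signedPart.getContentType());
    finalMessage.saveChanges();

    // Strip Date and Message-Id (if present) after saveChanges() so the serialized output
    // does not carry them.
    finalMessage.removeHeader("Date");
    finalMessage.removeHeader("Message-Id");

    ByteArrayOutputStream outputStream = new ByteArrayOutputStream();
    finalMessage.writeTo(outputStream);
    return outputStream.toByteArray();
}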
When I try to read the signed governance and permissions .p7s files using this XML configuration:
<!-- Cyclone DDS configuration that enables the DDS Security plugins (authentication,
     cryptography, access control) for every domain id. -->
<CycloneDDS>
<Domain id="any">
<!-- Cyclone DDS reports 'DDSSecurity' as a deprecated alias for 'Security'. -->
<DDSSecurity>
<Authentication>
<Library finalizeFunction="finalize_authentication" initFunction="init_authentication" path="dds_security_auth" />
<!-- CA certificate that participant identity certificates are validated against. -->
<IdentityCA>file:/root/dds-device1-certs/test_ca_cert.pem</IdentityCA>
<!-- This participant's identity certificate and its private key. Keep the key file
     readable only by the account that runs the participant. -->
<IdentityCertificate>file:/root/dds-device1-certs/dds_device_testing_cert.pem</IdentityCertificate>
<PrivateKey>file:/root/dds-device1-certs/dds_device_testing_priv_key.pem</PrivateKey>
</Authentication>
<Cryptographic>
<Library finalizeFunction="finalize_crypto" initFunction="init_crypto" path="dds_security_crypto" />
</Cryptographic>
<AccessControl>
<Library finalizeFunction="finalize_access_control" initFunction="init_access_control" path="dds_security_ac" />
<!-- The signatures on the Governance and Permissions documents below are checked against
     this CA certificate, so both .p7s files have to be signed by it. Here it is the same
     file as IdentityCA. -->
<PermissionsCA>file:/root/dds-device1-certs/test_ca_cert.pem</PermissionsCA>
<!-- S/MIME-signed (.p7s) governance and permissions XML documents. -->
<Governance>file:/root/dds-device1-certs/dds_device_testing_governance.p7s</Governance>
<Permissions>file:/root/dds-device1-certs/dds_device_testing_permissions.p7s</Permissions>
</AccessControl>
</DDSSecurity>
</Domain>
</CycloneDDS>
I get the following error:
Listener Instantiated
1689945593.215404 [0] python: config: //CycloneDDS/Domain: 'DDSSecurity': deprecated alias for 'Security' (/root/dds-device1-certs/config.xml line 3)
1689945593.221912 [0] python: Error occurred while validating local permissions: Failed to parse PKCS7 SMIME document: 40865E32807F0000:error:10800080:PKCS7 routines:PKCS7_get0_signers:signer certificate not found:../crypto/pkcs7/pk7_smime.c:428: (code: 127)