javax.xml.crypto.dsig

1. Generating an XML Signature

import javax.xml.crypto.dsig.*;

// Create XML document
DocumentBuilderFactory dbf = DocumentBuilderFactory.newInstance();
DocumentBuilder db = dbf.newDocumentBuilder();
Document document = db.newDocument();

// Create XML Signature
XMLSignatureFactory factory = XMLSignatureFactory.getInstance("DOM");
Reference ref = factory.newReference("", DigestMethod.SHA256);
SignedInfo si = factory.newSignedInfo(factory.newCanonicalizationMethod(CanonicalizationMethod.EXCLUSIVE, (C14NMethodParameterSpec) null), factory.newSignatureMethod(SignatureMethod.RSA_SHA256, null), Collections.singletonList(ref));
KeyInfo ki = factory.newKeyInfo(Collections.singletonList(factory.newKeyName("John Doe")));
XMLSignature signature = factory.newXMLSignature(si, ki);

// Sign XML document
Key privateKey = ...; // Obtain private key
XMLSignatureSigner signer = factory.newXMLSignatureSigner(privateKey, null);
signer.sign(signature, document);

2. Verifying an XML Signature

import javax.xml.crypto.dsig.*;

// Load XML document
DocumentBuilderFactory dbf = DocumentBuilderFactory.newInstance();
DocumentBuilder db = dbf.newDocumentBuilder();
Document document = db.parse(new File("document.xml"));

// Get XML Signature
XMLElement sigElement = (XMLElement) document.getElementsByTagNameNS("http://www.w3.org/2000/09/xmldsig#", "Signature").item(0);
XMLSignatureFactory factory = XMLSignatureFactory.getInstance("DOM");
XMLSignature signature = factory.unmarshalXMLSignature(sigElement);

// Verify XML Signature
Key publicKey = ...; // Obtain public key
XMLSignatureVerifier verifier = factory.newXMLSignatureVerifier(publicKey);
verifier.verify(signature, document);

3. Creating a Signed XML Detached Signature

import javax.xml.crypto.dsig.*;

// Create XML document
DocumentBuilderFactory dbf = DocumentBuilderFactory.newInstance();
DocumentBuilder db = dbf.newDocumentBuilder();
Document document = db.newDocument();

// Create XML Signature
XMLSignatureFactory factory = XMLSignatureFactory.getInstance("DOM");
Reference ref = factory.newReference("#document", DigestMethod.SHA256);
SignedInfo si = factory.newSignedInfo(factory.newCanonicalizationMethod(CanonicalizationMethod.EXCLUSIVE, (C14NMethodParameterSpec) null), factory.newSignatureMethod(SignatureMethod.RSA_SHA256, null), Collections.singletonList(ref));
KeyInfo ki = factory.newKeyInfo(Collections.singletonList(factory.newKeyName("John Doe")));
XMLSignature signature = factory.newXMLSignature(si, ki);

// Sign XML document
Key privateKey = ...; // Obtain private key
XMLSignatureSigner signer = factory.newXMLSignatureSigner(privateKey, null);
DOMSignContext context = new DOMSignContext(privateKey, null);
signer.sign(signature, context);

4. Verifying a Signed XML Detached Signature

import javax.xml.crypto.dsig.*;

// Load XML document
DocumentBuilderFactory dbf = DocumentBuilderFactory.newInstance();
DocumentBuilder db = dbf.newDocumentBuilder();
Document document = db.parse(new File("document.xml"));

// Load detached XML Signature
Document sigDoc = db.parse(new File("signature.xml"));

// Get XML Signature
XMLElement sigElement = (XMLElement) sigDoc.getElementsByTagNameNS("http://www.w3.org/2000/09/xmldsig#", "Signature").item(0);
XMLSignatureFactory factory = XMLSignatureFactory.getInstance("DOM");
XMLSignature signature = factory.unmarshalXMLSignature(sigElement);

// Verify XML Signature
Key publicKey = ...; // Obtain public key
XMLSignatureVerifier verifier = factory.newXMLSignatureVerifier(publicKey);
verifier.verify(signature, document);

5. Creating a Signed XML Enveloped Signature

import javax.xml.crypto.dsig.*;

// Create XML document
DocumentBuilderFactory dbf = DocumentBuilderFactory.newInstance();
DocumentBuilder db = dbf.newDocumentBuilder();
Document document = db.newDocument();

// Create XML Signature
XMLSignatureFactory factory = XMLSignatureFactory.getInstance("DOM");
Reference ref = factory.newReference("", DigestMethod.SHA256);
Transforms transforms = factory.newTransforms(Collections.singletonList(factory.newTransform(Transform.ENVELOPED, (TransformParameterSpec) null)));
ref.setTransforms(transforms);
SignedInfo si = factory.newSignedInfo(factory.newCanonicalizationMethod(CanonicalizationMethod.EXCLUSIVE, (C14NMethodParameterSpec) null), factory.newSignatureMethod(SignatureMethod.RSA_SHA256, null), Collections.singletonList(ref));
KeyInfo ki = factory.newKeyInfo(Collections.singletonList(factory.newKeyName("John Doe")));
XMLSignature signature = factory.newXMLSignature(si, ki);

// Sign XML document
Key privateKey = ...; // Obtain private key
XMLSignatureSigner signer = factory.newXMLSignatureSigner(privateKey, null);
DOMSignContext context = new DOMSignContext(privateKey, document.getDocumentElement());
signer.sign(signature, context);

6. Verifying a Signed XML Enveloped Signature

import javax.xml.crypto.dsig.*;

// Load XML document
DocumentBuilderFactory dbf = DocumentBuilderFactory.newInstance();
DocumentBuilder db = dbf.newDocumentBuilder();
Document document = db.parse(new File("document.xml"));

// Get XML Signature
XMLElement sigElement = (XMLElement) document.getElementsByTagNameNS("http://www.w3.org/2000/09/xmldsig#", "Signature").item(0);
XMLSignatureFactory factory = XMLSignatureFactory.getInstance("DOM");
XMLSignature signature = factory.unmarshalXMLSignature(sigElement);

// Verify XML Signature
Key publicKey = ...; // Obtain public key
XMLSignatureVerifier verifier = factory.newXMLSignatureVerifier(publicKey);
verifier.verify(signature, document);

7. Creating a Signed XML Canonical XML Signature

import javax.xml.crypto.dsig.*;

// Create XML document
DocumentBuilderFactory dbf = DocumentBuilderFactory.newInstance();
DocumentBuilder db = dbf.newDocumentBuilder();
Document document = db.newDocument();

// Create XML Signature
XMLSignatureFactory factory = XMLSignatureFactory.getInstance("DOM");
Reference ref = factory.newReference("", DigestMethod.SHA256);
Trans

Previousjavax.xml.crypto.dsig.keyinfo Nextjavax.xml.crypto.dsig.spec