1 /*
2  * @(#) $Id: WSSSignAndEncrypt.java,v 1.2 2003/07/08 08:13:52 pankaj Exp $
3  *
4  * Copyright (c) 2002-03 by Pankaj Kumar (http://www.pankaj-k.net). 
5  * All rights reserved.
6  *
7  * The license governing the use of this file can be found in the 
8  * root directory of the containing software.
9  */
10
11import java.io.FileInputStream;
12import java.io.ObjectInputStream;
13import java.io.FileOutputStream;
14import org.w3c.dom.Document;
15import java.security.PublicKey;
16import java.security.PrivateKey;
17import javax.crypto.SecretKey;
18import java.security.cert.X509Certificate;
19
20import com.verisign.xmlsig.SigningKey;
21import com.verisign.xmlsig.SigningKeyFactory;
22import com.verisign.xmlsig.KeyInfo;
23import com.verisign.messaging.WSSecurity;
24import com.verisign.xmlenc.AlgorithmType;
25import com.verisign.xpath.XPath;
26
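/**
 * Command-line sample that signs an XML document and then encrypts the
 * signed result through {@code WSSecurity.signAndEncrypt}.
 *
 * <p>Key material comes from three fixed locations in the working directory:
 * the signing key and certificate at alias {@code mykey} and the recipient
 * certificate at alias {@code rsakey}, both in {@code my.keystore}, plus a
 * serialized secret key in {@code 3des.key}.
 *
 * <p>Review caveats for anyone adapting this sample:
 * <ul>
 *   <li>The keystore password is a hard-coded literal and is also used as the
 *       key-entry password. Outside a demo, obtain it at run time (prompt,
 *       environment, secret store) and keep it in a {@code char[]}.</li>
 *   <li>The recipient certificate is trusted because it is in the local
 *       keystore; no validity-period or chain check is made here.</li>
 *   <li>{@code AlgorithmType.TRIPLEDES} and {@code AlgorithmType.RSA1_5} are
 *       legacy choices (64-bit block cipher; PKCS#1 v1.5 key transport, the
 *       mode associated with padding-oracle weaknesses). Whether this library
 *       version offers stronger options cannot be told from this file.</li>
 * </ul>
 */
public class WSSSignAndEncrypt {
    /**
     * Signs and encrypts the XML file named by the first argument.
     *
     * @param args {@code <inp-file> [<out-file>]}; the output defaults to
     *             {@code signed_and_encrypted.xml}
     * @throws IllegalStateException if an expected keystore entry is missing
     *             or the key file does not hold a {@code SecretKey}
     * @throws Exception on any I/O, keystore or WS-Security failure
     */
    public static void main(String[] args) throws Exception {
        if (args.length < 1){
            System.out.println("Usage:: java WSSSignAndEncrypt <inp-file> [<out-file>]");
            return;
        }
        String datafile = args[0];
        String outfile = "signed_and_encrypted.xml";
        if (args.length > 1)
            outfile = args[1];

        String keystore = "my.keystore";
        // NOTE(security): demo-only literal; see the class comment.
        String storepass = "changeit";
        String kstype = "JCEKS";
        String alias1 = "mykey";
        String alias2 = "rsakey";
        String keyfile = "3des.key";

        System.out.println("Signing XML data in file \"" + datafile + "\" using private key");
        System.out.println("in keystore \"" + keystore + "\" at alias \"" + alias1 + "\"...");
        System.out.println("And encrypting Signed data  \"" + datafile + "\" using secret key in");
        System.out.println("file \"" + keyfile + "\" and encrypting the secret key using public key");
        System.out.println("in keystore \"" + keystore + "\" at alias \"" + alias2 + "\"...");

        // Load the keystore; the stream is closed even if load() fails.
        java.security.KeyStore ks = java.security.KeyStore.getInstance(kstype);
        FileInputStream fis = new FileInputStream(keystore);
        try {
            ks.load(fis, storepass.toCharArray());
        } finally {
            fis.close();
        }

        // Signing key pair. getCertificate()/getKey() return null for an
        // unknown alias, so fail here with a clear message rather than with a
        // NullPointerException deep inside the signing call.
        X509Certificate cert1 = (X509Certificate)ks.getCertificate(alias1);
        PrivateKey prvk1 = (PrivateKey)ks.getKey(alias1, storepass.toCharArray());
        if (cert1 == null || prvk1 == null) {
            throw new IllegalStateException("No private key and certificate at alias \""
                    + alias1 + "\" in keystore \"" + keystore + "\"");
        }

        // Recipient certificate: its public key wraps the secret key.
        X509Certificate cert2 = (X509Certificate)ks.getCertificate(alias2);
        if (cert2 == null) {
            throw new IllegalStateException("No certificate at alias \""
                    + alias2 + "\" in keystore \"" + keystore + "\"");
        }
        PublicKey pubk2 = cert2.getPublicKey();

        // NOTE(security): readObject() is Java-native deserialization. It
        // instantiates whatever classes the stream names BEFORE the type check
        // below runs, so the key file must be as trusted and as tightly
        // permissioned as the keystore itself. A JCEKS keystore can hold
        // secret-key entries, which would avoid the serialized file entirely;
        // on Java 9+ an ObjectInputFilter can restrict the accepted classes.
        SecretKey key;
        FileInputStream kis = new FileInputStream(keyfile);
        try {
            ObjectInputStream ois = new ObjectInputStream(kis);
            Object stored = ois.readObject();
            if (!(stored instanceof SecretKey)) {
                throw new IllegalStateException("File \"" + keyfile
                        + "\" does not contain a javax.crypto.SecretKey");
            }
            key = (SecretKey)stored;
        } finally {
            // Closing the underlying stream also covers a failed
            // ObjectInputStream constructor.
            kis.close();
        }

        // Read the XML file
        Document doc = XmlUtility.readXML(datafile);
        SigningKey signingKey = SigningKeyFactory.makeSigningKey(prvk1);
        KeyInfo signingKeyInfo = new KeyInfo();
        signingKeyInfo.setCertificate(cert1);

        KeyInfo encryptingKeyInfo = new KeyInfo();
        encryptingKeyInfo.setCertificate(cert2);

        // Sign with prvk1, encrypt the content with the secret key, and wrap
        // that secret key for the holder of cert2.
        WSSecurity wss = new WSSecurity();
        wss.signAndEncrypt(doc,
                signingKey, signingKeyInfo,
                key, AlgorithmType.TRIPLEDES,
                pubk2, AlgorithmType.RSA1_5, encryptingKeyInfo);

        // Write the signed and encrypted XML file; close the stream so the
        // output is flushed and the handle released even if writing fails.
        FileOutputStream fos = new FileOutputStream(outfile);
        try {
            XmlUtility.writeXML(doc, fos);
        } finally {
            fos.close();
        }
        System.out.println("... Wrote the output to file: \"" + outfile + "\"");
    }
}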