XML DSig, signing with external keys

Hello,

is there any way how I can use the new XML DSig APIs in Java 6 to sign an XML document using an external key -- that is, a key that is not available as a Java PrivateKey object?

What I am trying to do is to use a private key stored on a smart card to sign an XML document. The key being stored on a smart card, I can't access the key data at all. But I can have the card sign a digest internally.

In terms of XML DSig APIs, I'd like to create an XMLSignature and use it to calculate the reference data (digest), then sign the digest using the SC, and store the resulting signature in the XMLSignature object.

As far as I can see, XML DSig APIs do not support this. In order to sign an XML document, I need to call XMLSignature.sign with an XMLSignContext, which is used to select a key. But, as I said, I don't have a key. The API does not say, but perhaps the digest value is calculated even before sign() is called -- I don't know. However, XMLSignatureFactory does not contain methods to create a SignatureValue object, nor can one be added to XMLSignature after it has been created, so I won't be able to store one in XMLSignature object anyway.

Apparently this use case has not been considered in JSR 105 at all?

By artoha at 2007-11-27 9:29:37
# 1

Replying to myself, the obvious hack, unless there is a better way, to accomplish what I'm trying to do is

- sign the document with a dummy key first

- pull digest from the resulting XMLSignature and sign it using the SC

- dump XMLSignature to DOM tree

- replace resulting SignatureValue element contents with the real signature (and fix KeyInfo)

Which is not nice.

artoha at 2007-7-12 22:38:37
# 2

Have you tried using a PKCS#11 JCE provider to access the keys on the smart card? I believe this will work with the XML DSig API, as long as the provider is configured appropriately and is registered so that it is tried before other providers. See the following document for more information about Sun's PKCS11 provider: http://java.sun.com/javase/6/docs/technotes/guides/security/p11guide.html

smullana at 2007-7-12 22:38:37
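The approach from reply #2 as an added example (not code from either poster): the PKCS#11 KeyStore returns a PrivateKey handle whose bits never leave the card, and XMLSignature.sign() accepts it like any other key, so the digest-then-patch hack from reply #1 is unnecessary. The config file path, PIN, alias and document path are hypothetical command-line arguments; the provider constructor is the Java 6 form documented in the p11guide the reply links to.

```java
import java.io.FileInputStream;
import java.security.*;
import java.security.cert.X509Certificate;
import java.util.Collections;
import javax.xml.crypto.dsig.*;
import javax.xml.crypto.dsig.dom.DOMSignContext;
import javax.xml.crypto.dsig.keyinfo.*;
import javax.xml.crypto.dsig.spec.*;
import javax.xml.parsers.DocumentBuilderFactory;
import org.w3c.dom.Document;

public class SmartCardXmlSign {
    // Hypothetical arguments: PKCS#11 config file (name= / library= lines), card PIN,
    // key alias on the card, path of the XML document to sign.
    public static void main(String[] args) throws Exception {
        String p11Config = args[0], alias = args[2], xmlPath = args[3];
        char[] pin = args[1].toCharArray();
        // Register the PKCS#11 provider ahead of the others (Java 6 API from the p11guide).
        Provider p11 = new sun.security.pkcs11.SunPKCS11(p11Config);
        Security.insertProviderAt(p11, 1);

        // The PKCS11 KeyStore hands back an opaque PrivateKey handle (getEncoded() is null);
        // the key material never leaves the card, but JCA Signature can still use it.
        KeyStore ks = KeyStore.getInstance("PKCS11", p11);
        ks.load(null, pin);
        PrivateKey key = (PrivateKey) ks.getKey(alias, pin);
        X509Certificate cert = (X509Certificate) ks.getCertificate(alias);
        DocumentBuilderFactory dbf = DocumentBuilderFactory.newInstance();
        dbf.setNamespaceAware(true);
        Document doc = dbf.newDocumentBuilder().parse(new FileInputStream(xmlPath));

        // Enveloped signature over the whole document; JSR 105 computes digest and signature.
        XMLSignatureFactory fac = XMLSignatureFactory.getInstance("DOM");
        Reference ref = fac.newReference("", fac.newDigestMethod(DigestMethod.SHA1, null),
                Collections.singletonList(fac.newTransform(Transform.ENVELOPED,
                        (TransformParameterSpec) null)), null, null);
        SignedInfo si = fac.newSignedInfo(
                fac.newCanonicalizationMethod(CanonicalizationMethod.INCLUSIVE,
                        (C14NMethodParameterSpec) null),
                fac.newSignatureMethod(SignatureMethod.RSA_SHA1, null), Collections.singletonList(ref));
        KeyInfoFactory kif = fac.getKeyInfoFactory();
        KeyInfo ki = kif.newKeyInfo(Collections.singletonList(
                kif.newX509Data(Collections.singletonList(cert))));

        // sign() computes the digests, then calls Signature.initSign(key)/sign(); with a PKCS#11
        // key the RSA operation runs on the card, so no dummy key or SignatureValue patching.
        DOMSignContext dsc = new DOMSignContext(key, doc.getDocumentElement());
        fac.newXMLSignature(si, ki).sign(dsc);
    }
}
```

On Java 9 and later the SunPKCS11(String) constructor is gone and the provider is obtained with Security.getProvider("SunPKCS11").configure(path); the KeyStore and XML DSig calls are unchanged.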