I'm trying to add X509Certificate under X509Data when signing a SOAP request; below is my code snippet. Guys, I'm new to the digital signature thing, so if you have any other solution, do post it in the comments.
I need to digitally sign a SOAP request with a JKS file and then send it to the client.
    @Bean
    public Jaxb2Marshaller getLGMarshaller() {
        Jaxb2Marshaller marshaller = new Jaxb2Marshaller();
        marshaller.setMtomEnabled(true);
        marshaller.setContextPath("pk.herman.wsdl");
        return marshaller;
    }

    // Loads the JKS keystore that holds the signing key and certificate
    @Bean
    public CryptoFactoryBean getCryptoFactoryBean() throws IOException {
        CryptoFactoryBean cryptoFactoryBean = new CryptoFactoryBean();
        cryptoFactoryBean.setKeyStorePassword(keyStorePassword);
        cryptoFactoryBean.setKeyStoreLocation(new ClassPathResource(keyStoreClassPathResource));
        return cryptoFactoryBean;
    }

    // Signs the SOAP Body and the Timestamp of every outgoing message
    @Bean
    public Wss4jSecurityInterceptor securityInterceptor() throws Exception {
        Wss4jSecurityInterceptor securityInterceptor = new Wss4jSecurityInterceptor();
        securityInterceptor.setSecurementActions("Signature Timestamp");
        // Time to live of the Timestamp, in seconds
        securityInterceptor.setSecurementTimeToLive(300000);
        securityInterceptor.setTimestampPrecisionInMilliseconds(true);
        // Alias and password of the private key inside the keystore
        securityInterceptor.setSecurementUsername(privatekeyAlias);
        securityInterceptor.setSecurementPassword(privatekeyPassword);
        securityInterceptor.setSecurementSignatureCrypto(getCryptoFactoryBean().getObject());
        securityInterceptor.setSecurementSignatureAlgorithm("http://www.w3.org/2001/04/xmldsig-more#rsa-sha256");
        securityInterceptor.setSecurementSignatureDigestAlgorithm("http://www.w3.org/2001/04/xmlenc#sha256");
        securityInterceptor.setSecurementMustUnderstand(false);
        // No signature key identifier is set here, so WSS4J uses its default (IssuerSerial)
        securityInterceptor.setSecurementSignatureParts(
                "{Content}{http://schemas.xmlsoap.org/soap/envelope/}Body;{Content}{http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd}Timestamp");
        return securityInterceptor;
    }

    @Bean
    public IIBSoapClient getLGClient() throws Exception {
        ClientInterceptor[] interceptors = new ClientInterceptor[] { securityInterceptor() };
        IIBSoapClient lgClient = new IIBSoapClient();
        lgClient.setMarshaller(getLGMarshaller());
        lgClient.setUnmarshaller(getLGMarshaller());
        lgClient.setInterceptors(interceptors);
        lgClient.getWebServiceTemplate().setMessageSender(new IIBBasicAuth());
        return lgClient;
    }

Currently getting below output:

    <ds:KeyInfo Id="KI-75e2259a-c70f-4f6d-92d0-752513e2919d">
        <wsse:SecurityTokenReference wsu:Id="STR-44406dea-3324-4eef-8dcb-21aca375e562">
            <ds:X509Data>
                <ds:X509IssuerSerial>
                    <ds:X509IssuerName>CN=DigiCert SHA2 Secure Server CA,O=DigiCert Inc,C=US</ds:X509IssuerName>
                    <ds:X509SerialNumber>12345678</ds:X509SerialNumber>
                </ds:X509IssuerSerial>
            </ds:X509Data>
        </wsse:SecurityTokenReference>
    </ds:KeyInfo>

Expected output should be:

    <ds:KeyInfo>
        <ds:X509Data>
            <ds:X509Certificate>MIIGDDCCBPSgAwIBAgIQC9qg6N4BpzKYe78RsUosyTANBgkqhkiG9w0BAQsFADBNMQswCQYDVQQG0+ZIKSzv4COUxkKKkQ==</ds:X509Certificate>
        </ds:X509Data>
        <ds:KeyValue>
            <ds:RSAKeyValue>
                <ds:Modulus>sCIykcfZ1X0EkDLHSLu2bqI8qfwCk5IfD3Kqc2==</ds:Modulus>
                <ds:Exponent>AQAB</ds:Exponent>
            </ds:RSAKeyValue>
        </ds:KeyValue>
    </ds:KeyInfo>

question from:
https://stackoverflow.com/questions/65869910/how-to-set-x509certificate-under-x509data-using-spring-security
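
An added example, not part of the original question or of Spring-WS/WSS4J: the JDK's own XML Signature API (`javax.xml.crypto.dsig`) building the `KeyInfo` shape shown under "Expected output", with the certificate under `X509Data` followed by a `KeyValue`. The class name, the sample envelope, the `body-1` Id and the four command-line arguments (keystore path, keystore password, key alias, key password) are assumptions. The result is a plain XML-DSig signature placed in the SOAP Header rather than a `wsse:Security` block, and whether the receiving service accepts that form is also an assumption.

```java
import java.io.*;
import java.security.*;
import java.security.cert.X509Certificate;
import java.util.*;
import javax.xml.crypto.dsig.*;
import javax.xml.crypto.dsig.dom.DOMSignContext;
import javax.xml.crypto.dsig.keyinfo.*;
import javax.xml.crypto.dsig.spec.*;
import javax.xml.parsers.DocumentBuilderFactory;
import javax.xml.transform.TransformerFactory;
import javax.xml.transform.dom.DOMSource;
import javax.xml.transform.stream.StreamResult;
import org.w3c.dom.*;
import org.xml.sax.InputSource;

public class KeyInfoX509Demo { // hypothetical class name
    static final String SOAP = "http://schemas.xmlsoap.org/soap/envelope/";
    // Constructed sample envelope; a real request body would take the place of <ping>
    static final String ENVELOPE = "<soapenv:Envelope xmlns:soapenv=\"" + SOAP + "\"><soapenv:Header/>"
            + "<soapenv:Body Id=\"body-1\"><ping>hello</ping></soapenv:Body></soapenv:Envelope>";

    public static void main(String[] args) throws Exception {
        // Assumed args: keystore path, keystore password, key alias, key password
        KeyStore ks = KeyStore.getInstance("JKS");
        try (InputStream in = new FileInputStream(args[0])) { ks.load(in, args[1].toCharArray()); }
        PrivateKey key = (PrivateKey) ks.getKey(args[2], args[3].toCharArray());
        X509Certificate cert = (X509Certificate) ks.getCertificate(args[2]);
        DocumentBuilderFactory dbf = DocumentBuilderFactory.newInstance();
        dbf.setNamespaceAware(true); // XML-DSig requires a namespace-aware DOM
        Document doc = dbf.newDocumentBuilder().parse(new InputSource(new StringReader(ENVELOPE)));
        Element body = (Element) doc.getElementsByTagNameNS(SOAP, "Body").item(0);
        body.setIdAttribute("Id", true); // lets URI="#body-1" resolve to the Body element

        XMLSignatureFactory fac = XMLSignatureFactory.getInstance("DOM");
        Reference ref = fac.newReference("#body-1", fac.newDigestMethod(DigestMethod.SHA256, null),
                Collections.singletonList(fac.newTransform(
                        CanonicalizationMethod.EXCLUSIVE, (TransformParameterSpec) null)), null, null);
        SignedInfo si = fac.newSignedInfo(
                fac.newCanonicalizationMethod(CanonicalizationMethod.EXCLUSIVE, (C14NMethodParameterSpec) null),
                fac.newSignatureMethod("http://www.w3.org/2001/04/xmldsig-more#rsa-sha256", null),
                Collections.singletonList(ref));
        // KeyInfo: X509Data carrying the full certificate, then the matching RSA KeyValue
        KeyInfoFactory kif = fac.getKeyInfoFactory();
        KeyInfo ki = kif.newKeyInfo(Arrays.asList(
                kif.newX509Data(Collections.singletonList(cert)), kif.newKeyValue(cert.getPublicKey())));
        // Append ds:Signature to the SOAP Header and sign
        DOMSignContext ctx = new DOMSignContext(key, doc.getElementsByTagNameNS(SOAP, "Header").item(0));
        ctx.setDefaultNamespacePrefix("ds");
        fac.newXMLSignature(si, ki).sign(ctx);
        TransformerFactory.newInstance().newTransformer().transform(new DOMSource(doc), new StreamResult(System.out));
    }
}
```

Only the public certificate is embedded in `X509Data`; the private key never leaves the keystore. A verifier should still validate that certificate against its own trust store instead of trusting whatever key the message carries.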