Hello,

I'm trying to use Java's HMAC to sign an XML document, and I'm having
mixed success. On the one hand, I know how to compute a correct
HMAC-value out of some shared-secret, but on the other hand I do not
know how to use this in the context of XML signature.

The example I see everywhere is similar to the following:

   KeyGenerator keyGen = KeyGenerator.getInstance("HmacSHA1");
   SecretKey key = keyGen.generateKey();

Unfortunately, generateKey() always produces a new key, which makes it
a bit hard to authenticate. After looking through the web and through
this newsgroup, I can't seem to find someone with the same problem as
I. Is there some way to generate the same SecretKey each time, using an
array of bytes, so that someone can authenticate what I send?

I need something like this:

   SecretKeySpec keyspec = new SecretKeySpec(sharedSecret, "HmacSHA1");
   KeyGenerator keyGenerator = KeyGenerator.getInstance("HmacSHA1");
   SecretKey secretKey = keyGenerator.generateKey();

and with that secretKey I would like to use:

   XMLSignature sig = new XMLSignature(document, null,
               XMLSignature.ALGO_ID_MAC_HMAC_SHA1,
               Canonicalizer.ALGO_ID_C14N_EXCL_OMIT_COMMENTS);
   sig.sign(secretKey);

Can anyone help me here?

TIA,
Michael.

--
[1] http://www.w3.org/TR/xkms2/#XKMS_2_0_Section_C_1