para assinar oconteúdo da tag segue:
private static PrivateKey getPrivateKey(String certificadoFullName, String senha) throws KeyStoreException, IOException, NoSuchAlgorithmException, CertificateException, UnrecoverableEntryException {
KeyStore ks = KeyStore.getInstance("PKCS12");
ks.load(new FileInputStream(certificadoFullName), senha.toCharArray());
String alias = (String) ks.aliases().nextElement();
KeyStore.PrivateKeyEntry keyEntry = (KeyStore.PrivateKeyEntry) ks.getEntry(alias, new KeyStore.PasswordProtection(senha.toCharArray()));
return keyEntry.getPrivateKey();
}
public static String assinar(byte[] textoParaAssinar, String certificadoFullName, String senha) {
Signature signer = null;
String hash = "";
try {
signer = Signature.getInstance("SHA1withRSA");
signer.initSign(getPrivateKey(certificadoFullName, senha));
signer.update(textoParaAssinar);
hash = Base64.encodeBase64String(signer.sign());
} catch (SignatureException | InvalidKeyException | NoSuchAlgorithmException ex) {
return null;
} catch (KeyStoreException | IOException | CertificateException | UnrecoverableEntryException ex) {
java.util.logging.Logger.getLogger(Main1.class.getName()).log(Level.SEVERE, null, ex);
}
return hash;
}
depois é só assinar o corpo do XML normalmente, abraços.