You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@santuario.apache.org by Christian Geuer-Pollmann <ge...@nue.et-inf.uni-siegen.de> on 2002/10/07 23:58:23 UTC

Re: Just getting the hash

Hi Michael,

now I understand the problem. First of all, you don't have to mess around 
in the output to get the digest. This is OOP ;-)) Simply fetch it from the 
signature *object*.

Simply? Sorry, Reference does not have a getDigestValue() method. I forgot 
it ;-)) I've added one in CVS now. So you must use a trick till 1.0.5 is 
released:

Element digestValueElem =
  sig.getSignedInfo().item(0).getChildElementLocalName(0,
          Constants.SignatureSpecNS,
          Constants._TAG_DIGESTVALUE);
byte[] elemDig = Base64.decode(digestValueElem);

In the above code, you take the 1st Reference [sig.getSignedInfo().item(0)] 
and get the DigestValue element out of it. Then simply decode and that's 
it.

BTW, your code has a bug ;-)) If you say sig.addDocument("", ...) and hope 
that you get comments because you use TRANSFORM_C14N_WITH_COMMENTS, then 
your wrong. URI="" trims all comments out of the input. Use 
URI="#xpointer(/)" instead if you need comments.

And -- you don't need the OfflineResolver. This is *ONLY* for the test 
vectors.

I attached the java sample which runs out of the box.

Regards,
Christian

BTW, the program outputs this:

# The document ##########
<docElement><ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
<ds:SignedInfo>
<ds:CanonicalizationMethod 
Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315"></ds:Canonicali
zationMethod>
<ds:SignatureMethod 
Algorithm="http://www.w3.org/2000/09/xmldsig#hmac-sha1"></ds:SignatureMetho
d>
<ds:Reference URI="#xpointer(/)">
<ds:Transforms>
<ds:Transform 
Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"></ds:Tran
sform>
<ds:Transform 
Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315#WithComments"></
ds:Transform>
</ds:Transforms>
<ds:DigestMethod 
Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"></ds:DigestMethod>
<ds:DigestValue>BZl3yisN3tsmsNoRw3u/SHictZU=</ds:DigestValue>
</ds:Reference>
</ds:SignedInfo>
<ds:SignatureValue>vzoZqD8ImNq8650sh5gdO23MQSk=</ds:SignatureValue>
<ds:KeyInfo>
<ds:KeyName>The secret passphrase for the MAC is 
"secret".getBytes()</ds:KeyName>
</ds:KeyInfo>
</ds:Signature></docElement>

# The signed part #######

<docElement></docElement>
<!-- some comment -->

# The digest (hex) ######

05 99 77 CA 2B 0D DE DB 26 B0 DA 11 C3 7B BF 48 78 9C B5 95

#########################