You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@santuario.apache.org by Christian Geuer-Pollmann <ge...@nue.et-inf.uni-siegen.de> on 2002/10/07 23:58:23 UTC
Re: Just getting the hash
Hi Michael,
now I understand the problem. First of all, you don't have to mess around
in the output to get the digest. This is OOP ;-)) Simply fetch it from the
signature *object*.
Simply? Sorry, Reference does not have a getDigestValue() method. I forgot
it ;-)) I've added one in CVS now. So you must use a trick till 1.0.5 is
released:
Element digestValueElem =
sig.getSignedInfo().item(0).getChildElementLocalName(0,
Constants.SignatureSpecNS,
Constants._TAG_DIGESTVALUE);
byte[] elemDig = Base64.decode(digestValueElem);
In the above code, you take the 1st Reference [sig.getSignedInfo().item(0)]
and get the DigestValue element out of it. Then simply decode and that's
it.
BTW, your code has a bug ;-)) If you say sig.addDocument("", ...) and hope
that you get comments because you use TRANSFORM_C14N_WITH_COMMENTS, then
your wrong. URI="" trims all comments out of the input. Use
URI="#xpointer(/)" instead if you need comments.
And -- you don't need the OfflineResolver. This is *ONLY* for the test
vectors.
I attached the java sample which runs out of the box.
Regards,
Christian
BTW, the program outputs this:
# The document ##########
<docElement><ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
<ds:SignedInfo>
<ds:CanonicalizationMethod
Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315"></ds:Canonicali
zationMethod>
<ds:SignatureMethod
Algorithm="http://www.w3.org/2000/09/xmldsig#hmac-sha1"></ds:SignatureMetho
d>
<ds:Reference URI="#xpointer(/)">
<ds:Transforms>
<ds:Transform
Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"></ds:Tran
sform>
<ds:Transform
Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315#WithComments"></
ds:Transform>
</ds:Transforms>
<ds:DigestMethod
Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"></ds:DigestMethod>
<ds:DigestValue>BZl3yisN3tsmsNoRw3u/SHictZU=</ds:DigestValue>
</ds:Reference>
</ds:SignedInfo>
<ds:SignatureValue>vzoZqD8ImNq8650sh5gdO23MQSk=</ds:SignatureValue>
<ds:KeyInfo>
<ds:KeyName>The secret passphrase for the MAC is
"secret".getBytes()</ds:KeyName>
</ds:KeyInfo>
</ds:Signature></docElement>
# The signed part #######
<docElement></docElement>
<!-- some comment -->
# The digest (hex) ######
05 99 77 CA 2B 0D DE DB 26 B0 DA 11 C3 7B BF 48 78 9C B5 95
#########################