You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@santuario.apache.org by Tom Oehser <to...@toms.net> on 2002/10/22 16:44:58 UTC
Re: XML Security with JDOM
This is a known problem when dom-1 methods are used, I think a workaround has
been implemented, so you might want to just get the newest CVS pull and see if
that fixes your issue. -Tom
On Tue, 22 Oct 2002, JC Tchitchiama wrote:
> Date: Tue, 22 Oct 2002 15:21:02 +0100
> From: JC Tchitchiama <jc...@panonet.net>
> To: security-dev@xml.apache.org
> Subject: XML Security with JDOM
>
> All,
>
> I am starting using the Apache XML security tool to sign an XML file.
> I am have sucessfully run the signature example. That example
> uses DOM technology and that's fine.
> My requirement is to sign a JDOM document using xml apache.
> My first thought was change the src_example and output a JDOM document into a
> DOM
> code snippet
> ...
> DOMOutputter out = new DOMOutputter()
> w3c.dom.Document doc = out.output(jdom.Document)
> ...
>
> document and proceed with the signature. I keep getting the NPE below.
> A collegue told me that they might be some issue in the JDOM serialization.
> When I output the DOM document into a file using XMLSerializer
> it works fine XMLSignature cannot handle that same document
>
> Any ideas
>
>
> Best Regards.
>
> JC.
>
>
>
> ==================[CreateSignature] Root jett
> Start signing
> java.lang.NullPointerException
> at org.apache.xml.security.c14n.helper.NonNSAttrCompare.compare(Unknown
> Source)
> at java.util.Arrays.mergeSort(Arrays.java:1181)
> at java.util.Arrays.sort(Arrays.java:1128)
> at java.util.Collections.sort(Collections.java:121)at
> org.apache.xml.security.c14n.implementations.Canonicalizer20010315.getAttrs(Unknown
> Source) at
> org.apache.xml.security.c14n.implementations.Canonicalizer20010315.canonicalizeXPathNodeSet(Unknown
> Source)at
> org.apache.xml.security.c14n.implementations.Canonicalizer20010315.canonicalizeXPathNodeSet(Unknown
> Source)at
> org.apache.xml.security.c14n.implementations.Canonicalizer20010315.engineCanonicalizeXPathNodeSet(Unknown
> Source)at
> org.apache.xml.security.transforms.implementations.TransformC14NWithComments.enginePerformTransform(Unknown
> Source)at
> org.apache.xml.security.transforms.Transform.performTransform(Unknown
> Source)at
> org.apache.xml.security.transforms.Transforms.performTransforms(Unknown
> Source)at
> org.apache.xml.security.signature.Reference.dereferenceURIandPerformTransforms(Unknown
> Source) at
> org.apache.xml.security.signature.Reference.getReferencedBytes(Unknown
> Source)at org.apache.xml.security.signature.Reference.calculateDigest(Unknown
> Source)at
> org.apache.xml.security.signature.Reference.generateDigestValue(Unknown
> Source) at
> org.apache.xml.security.signature.Manifest.generateDigestValues(Unknown
> Source) at org.apache.xml.security.signature.XMLSignature.sign(Unknown
> Source)
> ================================================
> jct@panonet.net
> =================================================================
>
Re: XML Security with JDOM
Posted by JC Tchitchiama <jc...@panonet.net>.
Christian,
The namespace id as you said but what do you mean by local name
if you mean Element name yes it's Signature.
<Signature xmlns="http://www.w3.org/2000/09/xmldsig#">
<SignedInfo>
<CanonicalizationMethod
Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315"></CanonicalizationMethod>
Cheers
JC
On Wednesday 23 Oct 2002 4:29 pm, Christian Geuer-Pollmann wrote:
> --On Mittwoch, 23. Oktober 2002 15:59 +0100 JC Tchitchiama
>
> <jc...@panonet.net> wrote:
> > No sigElement is not null I can print out the name Tag etc... That's why
> > I'm confused here !!!
>
> Is the
>
> local name == "Signature"
>
> *and* the
>
> namespace == "http://www.w3.org/2000/09/xmldsig#" ?
>
>
> Christian
--
Best Regards.
JC.
==================================================================
jct@panonet.net
=================================================================
Re: XML Security with JDOM
Posted by Christian Geuer-Pollmann <ge...@nue.et-inf.uni-siegen.de>.
--On Mittwoch, 23. Oktober 2002 15:59 +0100 JC Tchitchiama
<jc...@panonet.net> wrote:
> No sigElement is not null I can print out the name Tag etc... That's why
> I'm confused here !!!
Is the
local name == "Signature"
*and* the
namespace == "http://www.w3.org/2000/09/xmldsig#" ?
Christian
Re: XML Security with JDOM
Posted by JC Tchitchiama <jc...@panonet.net>.
Christian,
No sigElement is not null I can print out the name Tag etc... That's why I'm
confused here !!!
Cheers
JC
PS:
On Wednesday 23 Oct 2002 3:57 pm, Christian Geuer-Pollmann wrote:
> Element sigElement = (Element)
> XPathAPI.selectSingleNode(doc,
> "//ds:Signature[1]", nscontext);
>
> The question is: "Is sigElement != null ?"
>
> You select the first Signature element in xmldsig namespace. But did you
> really find one in your input document?
>
>
> --On Mittwoch, 23. Oktober 2002 15:40 +0100 JC Tchitchiama
>
> <jc...@panonet.net> wrote:
> > Christian,
> >
> >
> > I looked at what you are saying but don't quiet get it.
> >
> > Below is what I have got in the VerifySignature.java
> > ...
> > SAXBuilder builder = new SAXBuilder();
> >
> > org.jdom.Document jdomDoc = builder.build(signatureFile);
> >
> > DOMOutputter outputter = new DOMOutputter();
> > org.w3c.dom.Document doc = outputter.output(jdomDoc);
> >
> > org.w3c.dom.Element nscontext = XMLUtils.createDSctx(doc, "ds",
> >
> > Constants.SignatureSpecNS); org.w3c.dom.Element sigElement =
> > (org.w3c.dom.Element) = XPathAPI.selectSingleNode(doc,
> > "//ds:Signature[1]", nscontext);
> > ...
> > Note that this example works well when JDOM is not involved at all
> >
> > Thx
> >
> > JC
> >
> > On Wednesday 23 Oct 2002 11:36 am, Christian Geuer-Pollmann wrote:
> >> org.apache.xml.security.exceptions.XMLSecurityException:
> >>
> >> "Cannot create an ElementProxy from
> >> a null argument"
> >>
> >> You must supply an org.w3c.dom.Element from the Signature recs namespace
> >> and local name "Signature" to the
> >>
> >> new XMLSignature(Element el, ...)
> >>
> >> but in your code, el==null
> >>
> >> Christian
> >>
> >>
> >>
> >>
> >> --On Mittwoch, 23. Oktober 2002 11:18 +0100 JC Tchitchiama
> >>
> >> <jc...@panonet.net> wrote:
> >> > All,
> >> > I downloaded the new CVS and I am getting this exception on a file
> >> > that was succesfully signed !!!!
> >> >
> >> > Any ideas
> >> >
> >> > JC
> >> >
> >> > [VerifySignature]
> >> > [VerifySignature] at
> >> > org.apache.xml.security.utils.ElementProxy.<init>(Unknown Source)
> >> > [VerifySignature] at
> >> > org.apache.xml.security.algorithms.Algorithm.<init>(Unknown Source)
> >> > [VerifySignature] at
> >> > org.apache.xml.security.algorithms.SignatureAlgorithm.<init>(Unknown
> >> > Source) [VerifySignature] at
> >> > org.apache.xml.security.signature.SignedInfo.<init>(Unknown Source)
> >> > [VerifySignature] at
> >> > org.apache.xml.security.signature.XMLSignature.<init>(Unknown Source)
> >> > [VerifySignature] at
> >> > org.apache.xml.security.samples.signature.VerifySignature.main(Unknown
> >> > Source)
> >> >
> >> > On Tuesday 22 Oct 2002 3:44 pm, you wrote:
> >> >> This is a known problem when dom-1 methods are used, I think a
> >> >> workaround has been implemented, so you might want to just get the
> >> >> newest CVS pull and see if that fixes your issue. -Tom
> >> >>
> >> >> On Tue, 22 Oct 2002, JC Tchitchiama wrote:
> >> >> > Date: Tue, 22 Oct 2002 15:21:02 +0100
> >> >> > From: JC Tchitchiama <jc...@panonet.net>
> >> >> > To: security-dev@xml.apache.org
> >> >> > Subject: XML Security with JDOM
> >> >> >
> >> >> > All,
> >> >> >
> >> >> > I am starting using the Apache XML security tool to sign an XML
> >> >> > file. I am have sucessfully run the signature example. That example
> >> >> > uses DOM technology and that's fine.
> >> >> > My requirement is to sign a JDOM document using xml apache.
> >> >> > My first thought was change the src_example and output a JDOM
> >> >> > document into a DOM
> >> >> > code snippet
> >> >> > ...
> >> >> > DOMOutputter out = new DOMOutputter()
> >> >> > w3c.dom.Document doc = out.output(jdom.Document)
> >> >> > ...
> >> >> >
> >> >> > document and proceed with the signature. I keep getting the NPE
> >> >> > below. A collegue told me that they might be some issue in the JDOM
> >> >> > serialization. When I output the DOM document into a file using
> >> >> > XMLSerializer
> >> >> > it works fine XMLSignature cannot handle that same document
> >> >> >
> >> >> > Any ideas
> >> >> >
> >> >> >
> >> >> > Best Regards.
> >> >> >
> >> >> > JC.
> >> >> >
> >> >> >
> >> >> >
> >> >> > ==================[CreateSignature] Root jett
> >> >> > Start signing
> >> >> > java.lang.NullPointerException
> >> >> > at
> >> >> > org.apache.xml.security.c14n.helper.NonNSAttrCompare.compare(Unknow
> >> >> >n Source)
> >> >> > at java.util.Arrays.mergeSort(Arrays.java:1181)
> >> >> > at java.util.Arrays.sort(Arrays.java:1128)
> >> >> > at java.util.Collections.sort(Collections.java:121)at
> >> >> > org.apache.xml.security.c14n.implementations.Canonicalizer20010315.
> >> >> > get Att rs(Unknown Source) at
> >> >> > org.apache.xml.security.c14n.implementations.Canonicalizer20010315.
> >> >> > can oni calizeXPathNodeSet(Unknown Source)at
> >> >> > org.apache.xml.security.c14n.implementations.Canonicalizer20010315.
> >> >> > can oni calizeXPathNodeSet(Unknown Source)at
> >> >> > org.apache.xml.security.c14n.implementations.Canonicalizer20010315.
> >> >> > eng ine CanonicalizeXPathNodeSet(Unknown Source)at
> >> >> > org.apache.xml.security.transforms.implementations.TransformC14NWit
> >> >> > hCo mme nts.enginePerformTransform(Unknown Source)at
> >> >> > org.apache.xml.security.transforms.Transform.performTransform(Unkno
> >> >> > wn Source)at
> >> >> > org.apache.xml.security.transforms.Transforms.performTransforms(Unk
> >> >> > now n Source)at
> >> >> > org.apache.xml.security.signature.Reference.dereferenceURIandPerfor
> >> >> > mTr ans forms(Unknown Source) at
> >> >> > org.apache.xml.security.signature.Reference.getReferencedBytes(Unkn
> >> >> > own Source)at
> >> >> > org.apache.xml.security.signature.Reference.calculateDigest(Unknown
> >> >> > Source)at
> >> >> > org.apache.xml.security.signature.Reference.generateDigestValue(Unk
> >> >> > now n Source) at
> >> >> > org.apache.xml.security.signature.Manifest.generateDigestValues(Unk
> >> >> > now n Source) at
> >> >> > org.apache.xml.security.signature.XMLSignature.sign(Unknown Source)
> >> >> > ================================================
> >> >> > jct@panonet.net
> >> >> > =================================================================
> >> >
> >> > --
> >> >
> >> > Best Regards.
> >> >
> >> > JC.
> >> > ==================================================================
> >> > jct@panonet.net
> >> > =================================================================
> >
> > --
> >
> > Best Regards.
> >
> > JC.
> > ==================================================================
> > jct@panonet.net
> > =================================================================
--
Best Regards.
JC.
==================================================================
jct@panonet.net
=================================================================
Re: XML Security with JDOM
Posted by Christian Geuer-Pollmann <ge...@nue.et-inf.uni-siegen.de>.
Element sigElement = (Element)
XPathAPI.selectSingleNode(doc,
"//ds:Signature[1]", nscontext);
The question is: "Is sigElement != null ?"
You select the first Signature element in xmldsig namespace. But did you
really find one in your input document?
--On Mittwoch, 23. Oktober 2002 15:40 +0100 JC Tchitchiama
<jc...@panonet.net> wrote:
> Christian,
>
>
> I looked at what you are saying but don't quiet get it.
>
> Below is what I have got in the VerifySignature.java
> ...
> SAXBuilder builder = new SAXBuilder();
>
> org.jdom.Document jdomDoc = builder.build(signatureFile);
>
> DOMOutputter outputter = new DOMOutputter();
> org.w3c.dom.Document doc = outputter.output(jdomDoc);
>
> org.w3c.dom.Element nscontext = XMLUtils.createDSctx(doc, "ds",
>
> Constants.SignatureSpecNS); org.w3c.dom.Element sigElement =
> (org.w3c.dom.Element) = XPathAPI.selectSingleNode(doc,
> "//ds:Signature[1]", nscontext);
> ...
> Note that this example works well when JDOM is not involved at all
>
> Thx
>
> JC
>
>
> On Wednesday 23 Oct 2002 11:36 am, Christian Geuer-Pollmann wrote:
>> org.apache.xml.security.exceptions.XMLSecurityException:
>>
>> "Cannot create an ElementProxy from
>> a null argument"
>>
>> You must supply an org.w3c.dom.Element from the Signature recs namespace
>> and local name "Signature" to the
>>
>> new XMLSignature(Element el, ...)
>>
>> but in your code, el==null
>>
>> Christian
>>
>>
>>
>>
>> --On Mittwoch, 23. Oktober 2002 11:18 +0100 JC Tchitchiama
>>
>> <jc...@panonet.net> wrote:
>> > All,
>> > I downloaded the new CVS and I am getting this exception on a file that
>> > was succesfully signed !!!!
>> >
>> > Any ideas
>> >
>> > JC
>> >
>> > [VerifySignature]
>> > [VerifySignature] at
>> > org.apache.xml.security.utils.ElementProxy.<init>(Unknown Source)
>> > [VerifySignature] at
>> > org.apache.xml.security.algorithms.Algorithm.<init>(Unknown Source)
>> > [VerifySignature] at
>> > org.apache.xml.security.algorithms.SignatureAlgorithm.<init>(Unknown
>> > Source) [VerifySignature] at
>> > org.apache.xml.security.signature.SignedInfo.<init>(Unknown Source)
>> > [VerifySignature] at
>> > org.apache.xml.security.signature.XMLSignature.<init>(Unknown Source)
>> > [VerifySignature] at
>> > org.apache.xml.security.samples.signature.VerifySignature.main(Unknown
>> > Source)
>> >
>> > On Tuesday 22 Oct 2002 3:44 pm, you wrote:
>> >> This is a known problem when dom-1 methods are used, I think a
>> >> workaround has been implemented, so you might want to just get the
>> >> newest CVS pull and see if that fixes your issue. -Tom
>> >>
>> >> On Tue, 22 Oct 2002, JC Tchitchiama wrote:
>> >> > Date: Tue, 22 Oct 2002 15:21:02 +0100
>> >> > From: JC Tchitchiama <jc...@panonet.net>
>> >> > To: security-dev@xml.apache.org
>> >> > Subject: XML Security with JDOM
>> >> >
>> >> > All,
>> >> >
>> >> > I am starting using the Apache XML security tool to sign an XML
>> >> > file. I am have sucessfully run the signature example. That example
>> >> > uses DOM technology and that's fine.
>> >> > My requirement is to sign a JDOM document using xml apache.
>> >> > My first thought was change the src_example and output a JDOM
>> >> > document into a DOM
>> >> > code snippet
>> >> > ...
>> >> > DOMOutputter out = new DOMOutputter()
>> >> > w3c.dom.Document doc = out.output(jdom.Document)
>> >> > ...
>> >> >
>> >> > document and proceed with the signature. I keep getting the NPE
>> >> > below. A collegue told me that they might be some issue in the JDOM
>> >> > serialization. When I output the DOM document into a file using
>> >> > XMLSerializer
>> >> > it works fine XMLSignature cannot handle that same document
>> >> >
>> >> > Any ideas
>> >> >
>> >> >
>> >> > Best Regards.
>> >> >
>> >> > JC.
>> >> >
>> >> >
>> >> >
>> >> > ==================[CreateSignature] Root jett
>> >> > Start signing
>> >> > java.lang.NullPointerException
>> >> > at
>> >> > org.apache.xml.security.c14n.helper.NonNSAttrCompare.compare(Unknown
>> >> > Source)
>> >> > at java.util.Arrays.mergeSort(Arrays.java:1181)
>> >> > at java.util.Arrays.sort(Arrays.java:1128)
>> >> > at java.util.Collections.sort(Collections.java:121)at
>> >> > org.apache.xml.security.c14n.implementations.Canonicalizer20010315.
>> >> > get Att rs(Unknown Source) at
>> >> > org.apache.xml.security.c14n.implementations.Canonicalizer20010315.
>> >> > can oni calizeXPathNodeSet(Unknown Source)at
>> >> > org.apache.xml.security.c14n.implementations.Canonicalizer20010315.
>> >> > can oni calizeXPathNodeSet(Unknown Source)at
>> >> > org.apache.xml.security.c14n.implementations.Canonicalizer20010315.
>> >> > eng ine CanonicalizeXPathNodeSet(Unknown Source)at
>> >> > org.apache.xml.security.transforms.implementations.TransformC14NWit
>> >> > hCo mme nts.enginePerformTransform(Unknown Source)at
>> >> > org.apache.xml.security.transforms.Transform.performTransform(Unkno
>> >> > wn Source)at
>> >> > org.apache.xml.security.transforms.Transforms.performTransforms(Unk
>> >> > now n Source)at
>> >> > org.apache.xml.security.signature.Reference.dereferenceURIandPerfor
>> >> > mTr ans forms(Unknown Source) at
>> >> > org.apache.xml.security.signature.Reference.getReferencedBytes(Unkn
>> >> > own Source)at
>> >> > org.apache.xml.security.signature.Reference.calculateDigest(Unknown
>> >> > Source)at
>> >> > org.apache.xml.security.signature.Reference.generateDigestValue(Unk
>> >> > now n Source) at
>> >> > org.apache.xml.security.signature.Manifest.generateDigestValues(Unk
>> >> > now n Source) at
>> >> > org.apache.xml.security.signature.XMLSignature.sign(Unknown Source)
>> >> > ================================================
>> >> > jct@panonet.net
>> >> > =================================================================
>> >
>> > --
>> >
>> > Best Regards.
>> >
>> > JC.
>> > ==================================================================
>> > jct@panonet.net
>> > =================================================================
>
> --
>
> Best Regards.
>
> JC.
> ==================================================================
> jct@panonet.net
> =================================================================
>
Re: XML Security with JDOM
Posted by JC Tchitchiama <jc...@panonet.net>.
Christian,
I looked at what you are saying but don't quiet get it.
Below is what I have got in the VerifySignature.java
...
SAXBuilder builder = new SAXBuilder();
org.jdom.Document jdomDoc = builder.build(signatureFile);
DOMOutputter outputter = new DOMOutputter();
org.w3c.dom.Document doc = outputter.output(jdomDoc);
org.w3c.dom.Element nscontext = XMLUtils.createDSctx(doc, "ds",
Constants.SignatureSpecNS);
org.w3c.dom.Element sigElement = (org.w3c.dom.Element) =
XPathAPI.selectSingleNode(doc,
"//ds:Signature[1]", nscontext);
...
Note that this example works well when JDOM is not involved at all
Thx
JC
On Wednesday 23 Oct 2002 11:36 am, Christian Geuer-Pollmann wrote:
> org.apache.xml.security.exceptions.XMLSecurityException:
>
> "Cannot create an ElementProxy from
> a null argument"
>
> You must supply an org.w3c.dom.Element from the Signature recs namespace
> and local name "Signature" to the
>
> new XMLSignature(Element el, ...)
>
> but in your code, el==null
>
> Christian
>
>
>
>
> --On Mittwoch, 23. Oktober 2002 11:18 +0100 JC Tchitchiama
>
> <jc...@panonet.net> wrote:
> > All,
> > I downloaded the new CVS and I am getting this exception on a file that
> > was succesfully signed !!!!
> >
> > Any ideas
> >
> > JC
> >
> > [VerifySignature]
> > [VerifySignature] at
> > org.apache.xml.security.utils.ElementProxy.<init>(Unknown Source)
> > [VerifySignature] at
> > org.apache.xml.security.algorithms.Algorithm.<init>(Unknown Source)
> > [VerifySignature] at
> > org.apache.xml.security.algorithms.SignatureAlgorithm.<init>(Unknown
> > Source) [VerifySignature] at
> > org.apache.xml.security.signature.SignedInfo.<init>(Unknown Source)
> > [VerifySignature] at
> > org.apache.xml.security.signature.XMLSignature.<init>(Unknown Source)
> > [VerifySignature] at
> > org.apache.xml.security.samples.signature.VerifySignature.main(Unknown
> > Source)
> >
> > On Tuesday 22 Oct 2002 3:44 pm, you wrote:
> >> This is a known problem when dom-1 methods are used, I think a
> >> workaround has been implemented, so you might want to just get the
> >> newest CVS pull and see if that fixes your issue. -Tom
> >>
> >> On Tue, 22 Oct 2002, JC Tchitchiama wrote:
> >> > Date: Tue, 22 Oct 2002 15:21:02 +0100
> >> > From: JC Tchitchiama <jc...@panonet.net>
> >> > To: security-dev@xml.apache.org
> >> > Subject: XML Security with JDOM
> >> >
> >> > All,
> >> >
> >> > I am starting using the Apache XML security tool to sign an XML file.
> >> > I am have sucessfully run the signature example. That example
> >> > uses DOM technology and that's fine.
> >> > My requirement is to sign a JDOM document using xml apache.
> >> > My first thought was change the src_example and output a JDOM document
> >> > into a DOM
> >> > code snippet
> >> > ...
> >> > DOMOutputter out = new DOMOutputter()
> >> > w3c.dom.Document doc = out.output(jdom.Document)
> >> > ...
> >> >
> >> > document and proceed with the signature. I keep getting the NPE below.
> >> > A collegue told me that they might be some issue in the JDOM
> >> > serialization. When I output the DOM document into a file using
> >> > XMLSerializer
> >> > it works fine XMLSignature cannot handle that same document
> >> >
> >> > Any ideas
> >> >
> >> >
> >> > Best Regards.
> >> >
> >> > JC.
> >> >
> >> >
> >> >
> >> > ==================[CreateSignature] Root jett
> >> > Start signing
> >> > java.lang.NullPointerException
> >> > at
> >> > org.apache.xml.security.c14n.helper.NonNSAttrCompare.compare(Unknown
> >> > Source)
> >> > at java.util.Arrays.mergeSort(Arrays.java:1181)
> >> > at java.util.Arrays.sort(Arrays.java:1128)
> >> > at java.util.Collections.sort(Collections.java:121)at
> >> > org.apache.xml.security.c14n.implementations.Canonicalizer20010315.get
> >> > Att rs(Unknown Source) at
> >> > org.apache.xml.security.c14n.implementations.Canonicalizer20010315.can
> >> > oni calizeXPathNodeSet(Unknown Source)at
> >> > org.apache.xml.security.c14n.implementations.Canonicalizer20010315.can
> >> > oni calizeXPathNodeSet(Unknown Source)at
> >> > org.apache.xml.security.c14n.implementations.Canonicalizer20010315.eng
> >> > ine CanonicalizeXPathNodeSet(Unknown Source)at
> >> > org.apache.xml.security.transforms.implementations.TransformC14NWithCo
> >> > mme nts.enginePerformTransform(Unknown Source)at
> >> > org.apache.xml.security.transforms.Transform.performTransform(Unknown
> >> > Source)at
> >> > org.apache.xml.security.transforms.Transforms.performTransforms(Unknow
> >> >n Source)at
> >> > org.apache.xml.security.signature.Reference.dereferenceURIandPerformTr
> >> > ans forms(Unknown Source) at
> >> > org.apache.xml.security.signature.Reference.getReferencedBytes(Unknown
> >> > Source)at
> >> > org.apache.xml.security.signature.Reference.calculateDigest(Unknown
> >> > Source)at
> >> > org.apache.xml.security.signature.Reference.generateDigestValue(Unknow
> >> >n Source) at
> >> > org.apache.xml.security.signature.Manifest.generateDigestValues(Unknow
> >> >n Source) at
> >> > org.apache.xml.security.signature.XMLSignature.sign(Unknown Source)
> >> > ================================================
> >> > jct@panonet.net
> >> > =================================================================
> >
> > --
> >
> > Best Regards.
> >
> > JC.
> > ==================================================================
> > jct@panonet.net
> > =================================================================
--
Best Regards.
JC.
==================================================================
jct@panonet.net
=================================================================
Re: XML Security with JDOM
Posted by Christian Geuer-Pollmann <ge...@nue.et-inf.uni-siegen.de>.
org.apache.xml.security.exceptions.XMLSecurityException:
"Cannot create an ElementProxy from
a null argument"
You must supply an org.w3c.dom.Element from the Signature recs namespace
and local name "Signature" to the
new XMLSignature(Element el, ...)
but in your code, el==null
Christian
--On Mittwoch, 23. Oktober 2002 11:18 +0100 JC Tchitchiama
<jc...@panonet.net> wrote:
> All,
> I downloaded the new CVS and I am getting this exception on a file that
> was succesfully signed !!!!
>
> Any ideas
>
> JC
>
> [VerifySignature]
> [VerifySignature] at
> org.apache.xml.security.utils.ElementProxy.<init>(Unknown Source)
> [VerifySignature] at
> org.apache.xml.security.algorithms.Algorithm.<init>(Unknown Source)
> [VerifySignature] at
> org.apache.xml.security.algorithms.SignatureAlgorithm.<init>(Unknown
> Source) [VerifySignature] at
> org.apache.xml.security.signature.SignedInfo.<init>(Unknown Source)
> [VerifySignature] at
> org.apache.xml.security.signature.XMLSignature.<init>(Unknown Source)
> [VerifySignature] at
> org.apache.xml.security.samples.signature.VerifySignature.main(Unknown
> Source)
>
>
>
> On Tuesday 22 Oct 2002 3:44 pm, you wrote:
>> This is a known problem when dom-1 methods are used, I think a workaround
>> has been implemented, so you might want to just get the newest CVS pull
>> and see if that fixes your issue. -Tom
>>
>> On Tue, 22 Oct 2002, JC Tchitchiama wrote:
>> > Date: Tue, 22 Oct 2002 15:21:02 +0100
>> > From: JC Tchitchiama <jc...@panonet.net>
>> > To: security-dev@xml.apache.org
>> > Subject: XML Security with JDOM
>> >
>> > All,
>> >
>> > I am starting using the Apache XML security tool to sign an XML file.
>> > I am have sucessfully run the signature example. That example
>> > uses DOM technology and that's fine.
>> > My requirement is to sign a JDOM document using xml apache.
>> > My first thought was change the src_example and output a JDOM document
>> > into a DOM
>> > code snippet
>> > ...
>> > DOMOutputter out = new DOMOutputter()
>> > w3c.dom.Document doc = out.output(jdom.Document)
>> > ...
>> >
>> > document and proceed with the signature. I keep getting the NPE below.
>> > A collegue told me that they might be some issue in the JDOM
>> > serialization. When I output the DOM document into a file using
>> > XMLSerializer
>> > it works fine XMLSignature cannot handle that same document
>> >
>> > Any ideas
>> >
>> >
>> > Best Regards.
>> >
>> > JC.
>> >
>> >
>> >
>> > ==================[CreateSignature] Root jett
>> > Start signing
>> > java.lang.NullPointerException
>> > at
>> > org.apache.xml.security.c14n.helper.NonNSAttrCompare.compare(Unknown
>> > Source)
>> > at java.util.Arrays.mergeSort(Arrays.java:1181)
>> > at java.util.Arrays.sort(Arrays.java:1128)
>> > at java.util.Collections.sort(Collections.java:121)at
>> > org.apache.xml.security.c14n.implementations.Canonicalizer20010315.get
>> > Att rs(Unknown Source) at
>> > org.apache.xml.security.c14n.implementations.Canonicalizer20010315.can
>> > oni calizeXPathNodeSet(Unknown Source)at
>> > org.apache.xml.security.c14n.implementations.Canonicalizer20010315.can
>> > oni calizeXPathNodeSet(Unknown Source)at
>> > org.apache.xml.security.c14n.implementations.Canonicalizer20010315.eng
>> > ine CanonicalizeXPathNodeSet(Unknown Source)at
>> > org.apache.xml.security.transforms.implementations.TransformC14NWithCo
>> > mme nts.enginePerformTransform(Unknown Source)at
>> > org.apache.xml.security.transforms.Transform.performTransform(Unknown
>> > Source)at
>> > org.apache.xml.security.transforms.Transforms.performTransforms(Unknown
>> > Source)at
>> > org.apache.xml.security.signature.Reference.dereferenceURIandPerformTr
>> > ans forms(Unknown Source) at
>> > org.apache.xml.security.signature.Reference.getReferencedBytes(Unknown
>> > Source)at
>> > org.apache.xml.security.signature.Reference.calculateDigest(Unknown
>> > Source)at
>> > org.apache.xml.security.signature.Reference.generateDigestValue(Unknown
>> > Source) at
>> > org.apache.xml.security.signature.Manifest.generateDigestValues(Unknown
>> > Source) at org.apache.xml.security.signature.XMLSignature.sign(Unknown
>> > Source)
>> > ================================================
>> > jct@panonet.net
>> > =================================================================
>
> --
>
> Best Regards.
>
> JC.
> ==================================================================
> jct@panonet.net
> =================================================================
>
Re: XML Security with JDOM
Posted by JC Tchitchiama <jc...@panonet.net>.
All,
I downloaded the new CVS and I am getting this exception on a file that was
succesfully signed !!!!
Any ideas
JC
[VerifySignature]
org.apache.xml.security.exceptions.XMLSecurityException:Cannot create an
ElementProxy from a null argument
[VerifySignature] at
org.apache.xml.security.utils.ElementProxy.<init>(Unknown Source)
[VerifySignature] at
org.apache.xml.security.algorithms.Algorithm.<init>(Unknown Source)
[VerifySignature] at
org.apache.xml.security.algorithms.SignatureAlgorithm.<init>(Unknown Source)
[VerifySignature] at
org.apache.xml.security.signature.SignedInfo.<init>(Unknown Source)
[VerifySignature] at
org.apache.xml.security.signature.XMLSignature.<init>(Unknown Source)
[VerifySignature] at
org.apache.xml.security.samples.signature.VerifySignature.main(Unknown
Source)
On Tuesday 22 Oct 2002 3:44 pm, you wrote:
> This is a known problem when dom-1 methods are used, I think a workaround
> has been implemented, so you might want to just get the newest CVS pull and
> see if that fixes your issue. -Tom
>
> On Tue, 22 Oct 2002, JC Tchitchiama wrote:
> > Date: Tue, 22 Oct 2002 15:21:02 +0100
> > From: JC Tchitchiama <jc...@panonet.net>
> > To: security-dev@xml.apache.org
> > Subject: XML Security with JDOM
> >
> > All,
> >
> > I am starting using the Apache XML security tool to sign an XML file.
> > I am have sucessfully run the signature example. That example
> > uses DOM technology and that's fine.
> > My requirement is to sign a JDOM document using xml apache.
> > My first thought was change the src_example and output a JDOM document
> > into a DOM
> > code snippet
> > ...
> > DOMOutputter out = new DOMOutputter()
> > w3c.dom.Document doc = out.output(jdom.Document)
> > ...
> >
> > document and proceed with the signature. I keep getting the NPE below.
> > A collegue told me that they might be some issue in the JDOM
> > serialization. When I output the DOM document into a file using
> > XMLSerializer
> > it works fine XMLSignature cannot handle that same document
> >
> > Any ideas
> >
> >
> > Best Regards.
> >
> > JC.
> >
> >
> >
> > ==================[CreateSignature] Root jett
> > Start signing
> > java.lang.NullPointerException
> > at
> > org.apache.xml.security.c14n.helper.NonNSAttrCompare.compare(Unknown
> > Source)
> > at java.util.Arrays.mergeSort(Arrays.java:1181)
> > at java.util.Arrays.sort(Arrays.java:1128)
> > at java.util.Collections.sort(Collections.java:121)at
> > org.apache.xml.security.c14n.implementations.Canonicalizer20010315.getAtt
> >rs(Unknown Source) at
> > org.apache.xml.security.c14n.implementations.Canonicalizer20010315.canoni
> >calizeXPathNodeSet(Unknown Source)at
> > org.apache.xml.security.c14n.implementations.Canonicalizer20010315.canoni
> >calizeXPathNodeSet(Unknown Source)at
> > org.apache.xml.security.c14n.implementations.Canonicalizer20010315.engine
> >CanonicalizeXPathNodeSet(Unknown Source)at
> > org.apache.xml.security.transforms.implementations.TransformC14NWithComme
> >nts.enginePerformTransform(Unknown Source)at
> > org.apache.xml.security.transforms.Transform.performTransform(Unknown
> > Source)at
> > org.apache.xml.security.transforms.Transforms.performTransforms(Unknown
> > Source)at
> > org.apache.xml.security.signature.Reference.dereferenceURIandPerformTrans
> >forms(Unknown Source) at
> > org.apache.xml.security.signature.Reference.getReferencedBytes(Unknown
> > Source)at
> > org.apache.xml.security.signature.Reference.calculateDigest(Unknown
> > Source)at
> > org.apache.xml.security.signature.Reference.generateDigestValue(Unknown
> > Source) at
> > org.apache.xml.security.signature.Manifest.generateDigestValues(Unknown
> > Source) at org.apache.xml.security.signature.XMLSignature.sign(Unknown
> > Source)
> > ================================================
> > jct@panonet.net
> > =================================================================
--
Best Regards.
JC.
==================================================================
jct@panonet.net
=================================================================