Posted to java-user@axis.apache.org by Srihari <sr...@gmail.com> on 2008/09/30 15:09:59 UTC

issue with digital signature and MTOM

Hi,
I am having an issue with digital signatures when using the MTOM format.
I am using Axis for my server-side service.

When I use the Axis client it works, but when I use the CXF client it fails with
"The signature or decryption was invalid". Can you please help me find what I am
doing wrong?

Here are the requests:

*Request generated by Axis:*
**
--MIMEBoundaryurn_uuid_8EF88BC3D516858F361222778974305
Content-Type: application/xop+xml; charset=UTF-8; type="text/xml"
Content-Transfer-Encoding: binary
Content-ID: <0....@apache.org>
>

<?xml version='1.0' encoding='UTF-8'?><soapenv:Envelope xmlns:soapenv="
http://schemas.xmlsoap.org/soap/envelope/"><soapenv:Header>
<wsse:Security xmlns:wsse="
http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"><wsse:BinarySecurityTokenxmlns:wsu="
http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"
EncodingType="
http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary"
ValueType="
http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3"
wsu:Id="CertId-526577">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</wsse:BinarySecurityToken><ds:Signature
xmlns:ds="http://www.w3.org/2000/09/xmldsig#" Id="Signature-6586390">
<!-- NOTE(review): SignedInfo below holds a single ds:Reference, URI="#id-12518719",
     which matches the wsu:Id on soapenv:Body further down. Nothing here references
     the wsu:Timestamp or the wsse:UsernameToken, so those header blocks are not
     integrity-protected by this signature. The signed Body carries only an xop:Include
     pointing at the second MIME part; whether the attachment octets themselves are
     covered depends on how signer and verifier treat the XOP package (TODO confirm).
     The algorithms are exclusive c14n, rsa-sha1 and a sha1 digest; SHA-1 is a legacy
     choice, so prefer SHA-256 based methods where both stacks support them. -->
<ds:SignedInfo>
<ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"
/>
<ds:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"
/>
<ds:Reference URI="#id-12518719">
<ds:Transforms>
<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#" />
</ds:Transforms>
<ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
<ds:DigestValue>M6bH0e9aKPGWXzYjCdQQSlAIApo=</ds:DigestValue>
</ds:Reference>
</ds:SignedInfo>
<ds:SignatureValue>
BtTcWjTzXqT1d+3ifYyt4SorrVzS8/2Rwh4qzWVdFs3uI3KNfC3FtOpfU0u7NOJFjsbsx/J9tJEJ
C86aGn37f8p5rKtN6ze0O7xfp6hicXlkNajzZR3WiJJ1ZUjLUI5DksY1sKtHRjUHBVbSynCsDNi0
QGTGk73brkooMxgrpPY=
</ds:SignatureValue>
<ds:KeyInfo Id="KeyId-27660658">
<wsse:SecurityTokenReference xmlns:wsu="
http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"
wsu:Id="STRId-31882858"><wsse:Reference URI="#CertId-526577" ValueType="
http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3"
/></wsse:SecurityTokenReference>
</ds:KeyInfo>
<!-- NOTE(review): the wsse:UsernameToken that follows the Timestamp carries the
     password as PasswordText, i.e. in clear inside the message, so its confidentiality
     rests entirely on the transport. This trace was posted with the username and
     password left in; scrub credentials from captures before sharing them and treat
     any that were shared as exposed. -->
</ds:Signature><wsu:Timestamp xmlns:wsu="
http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"
wsu:Id="Timestamp-7031149"><wsu:Created>2008-09-30T12:49:34.066Z</wsu:Created><wsu:Expires>2008-09-30T12:54:34.066Z</wsu:Expires></wsu:Timestamp><wsse:UsernameToken
xmlns:wsu="
http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"
wsu:Id="UsernameToken-1812813"><wsse:Username>EREWSDV2</wsse:Username><wsse:Password
Type="
http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText">1newpass</wsse:Password></wsse:UsernameToken></wsse:Security></soapenv:Header><soapenv:Bodyxmlns:wsu="
http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"
wsu:Id="id-12518719"><ns1:SubmitBulkFileRequest xmlns:ns1="urn:
parameters.erews.v2.ssa.gov"><ns1:SubmitBulkFileRequest><ns1:fileName>test.txt</ns1:fileName><ns1:fileSize>5</ns1:fileSize><ns1:checkSum>5d41402abc4b2a76b9719d911017c592</ns1:checkSum></ns1:SubmitBulkFileRequest><ns1:AttachmentFile
xmlns:ns2="http://www.w3.org/2005/05/xmlmime"
ns2:contentType="application/xop+xml"><xop:Include href="
cid:1.urn:uuid:8EF88BC3D516858F361222778974354@apache.org<ci...@apache.org>"
xmlns:xop="http://www.w3.org/2004/08/xop/include"
/></ns1:AttachmentFile></ns1:SubmitBulkFileRequest></soapenv:Body></soapenv:Envelope>
--MIMEBoundaryurn_uuid_8EF88BC3D516858F361222778974305
Content-Type: application/octet-stream
Content-Transfer-Encoding: binary
Content-ID: <1....@apache.org>
>

hello
--MIMEBoundaryurn_uuid_8EF88BC3D516858F361222778974305--





*CXF client request:*

POST /EREWSV2/services/EREWebServices HTTP/1.1
Content-Type: multipart/related; type="application/xop+xml";

boundary="----=_Part_0_28008463.1222778483657"; start="<
root.message@cxf.apache.org>";

start-info="text/xml"; charset=UTF-8
SOAPAction: "submitBulkFile"
Accept: *
Cache-Control: no-cache
Pragma: no-cache
User-Agent: Java/1.5.0_08
Host: localhost:8000
Connection: keep-alive
Transfer-Encoding: chunked

ffb

------=_Part_0_28008463.1222778483657
Content-Type: application/xop+xml; charset=UTF-8; type="text/xml";
Content-Transfer-Encoding: binary
Content-ID: <ro...@cxf.apache.org>

<soap:Envelope xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/">
<!-- NOTE(review): this capture is hard-wrapped and still contains what look like HTTP
     chunk-size lines (for example the bare "4a2" inside the wsu:Timestamp start tag),
     consistent with the Transfer-Encoding: chunked header of the request. Whitespace
     and line breaks in this listing are therefore not the octets the signer digested,
     so digests cannot be recomputed from this text as shown. -->
<soap:Header>
<wsse:Security

xmlns:wsse="
http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"><wsse:Bi

narySecurityToken

xmlns:wsse="
http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"


xmlns:wsu="
http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"


EncodingType="
http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64B

inary"

ValueType="
http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3"


wsu:Id="CertId-526577">MIICGDCCAYGgAwIBAgIBADANBgkqhkiG9w0BAQUFADBSMQswCQYDVQQGEwJVUzELMAkGA1UECBMCTUEx

EjAQBgNVBAcTCUNhbWJyaWRnZTESMBAGA1UEChMJRGF0YVBvd2VyMQ4wDAYDVQQDEwVBbGljZTAeFw0wMjExMjMwMTE1MzNaFw0xMjE

xMjMwMTE1MzNaMFIxCzAJBgNVBAYTAlVTMQswCQYDVQQIEwJNQTESMBAGA1UEBxMJQ2FtYnJpZGdlMRIwEAYDVQQKEwlEYXRhUG93ZX

IxDjAMBgNVBAMTBUFsaWNlMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCUIz3F9Kwgu57QfATZfCJmJq0kNoXFN2cagRP/YtH+T

3A0fyA6g0MASAkjRX4waOCZL/Dpl+kIyUiFjbDku2vNIZS49OC66g021bIJpDHrV2+nML+XDc5tTOgyNCX2drT3AL9Rjj2guAIvUQLv

i8Nj7sd2PL98h4wCKQCXbMpOdwIDAQABMA0GCSqGSIb3DQEBBQUAA4GBAJBKfQN7hJZ2tNjLiZWpXaRyiTc80TDZhPZYsSAEMYJ13R4

gcThuZuSkpr3qxpdHotS8KhNn7FzVn/KtOnh1fqCGQQ6UfRiRAtEruhaBDI9jculwQRyzm7Ard7q5MLIIx3CKjaf12kN1mmEdHOitpf

b+2LM/ksBIEaJ2MC5F0Jvi</wsse:BinarySecurityToken><ds:Signature

xmlns:ds="http://www.w3.org/2000/09/xmldsig#" Id="Signature-29529080">
<!-- NOTE(review): SignedInfo below has one ds:Reference, URI="#id-17388264", which
     matches the wsu:Id on soap:Body, using exclusive c14n, rsa-sha1 and a sha1 digest
     (SHA-1 is a legacy choice; prefer SHA-256 based methods where both stacks support
     them). The signed Body contains an xop:Include rather than inline base64. If the
     sender computes the digest before the attachment is swapped for xop:Include, or the
     receiver inlines the attachment before verifying, the two sides digest different
     content and verification fails. That is a plausible cause of the reported error,
     not a confirmed one; check it by comparing the canonicalized Body on both sides.
     The xmlns:ds declaration repeated on every ds: element is superfluous and should
     be dropped by canonicalization, so it is unlikely to matter on its own. -->
<ds:SignedInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">

<ds:CanonicalizationMethod xmlns:ds="http://www.w3.org/2000/09/xmldsig#"

Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#" />
<ds:SignatureMethod xmlns:ds="http://www.w3.org/2000/09/xmldsig#"

Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1" />
<ds:Reference xmlns:ds="http://www.w3.org/2000/09/xmldsig#"
URI="#id-17388264">
<ds:Transforms xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
<ds:Transform xmlns:ds="http://www.w3.org/2000/09/xmldsig#"

Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#" />
</ds:Transforms>
<ds:DigestMethod xmlns:ds="http://www.w3.org/2000/09/xmldsig#"

Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
<ds:DigestValue

xmlns:ds="
http://www.w3.org/2000/09/xmldsig#">fPdPXCv7+ZHlymEbWXMIdaGUzK4=</ds:DigestValue
>
</ds:Reference>
</ds:SignedInfo>
<ds:SignatureValue xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
PJbGtY5eUpyBMDtbK5KIJb7I5DEHu8auCmB4S73z+Qc0BjWgri/7B4PhRY+RpACXnxeTBW+k9vIk
mQ67eA0HHUFaIA3GfsjF+77fDNhwdM8zW4vJOZsWDgUsOkwfpfNWYBhag5Mk1yYz9bvKQ2hBOp0W
2j53GfI55I4gbufd944=
</ds:SignatureValue>
<ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#"
Id="KeyId-23678666">
<wsse:SecurityTokenReference

xmlns:wsse="
http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"


xmlns:wsu="
http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"


wsu:Id="STRId-10259519"><wsse:Reference

xmlns:wsse="
http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"


URI="#CertId-526577"

ValueType="
http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3"


/></wsse:SecurityTokenReference>
</ds:KeyInfo>
<!-- NOTE(review): the wsse:UsernameToken and wsu:Timestamp that follow are not
     referenced by SignedInfo, so they are not integrity-protected by this signature.
     The UsernameToken carries the password as PasswordText, i.e. in clear inside the
     message, and this trace was posted with the username and password left in; scrub
     credentials from captures before sharing them and treat any that were shared as
     exposed. -->
</ds:Signature><wsse:UsernameToken

xmlns:wsse="
http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"


xmlns:wsu="
http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"


wsu:Id="UsernameToken-31779675"><wsse:Username

xmlns:wsse="
http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd">EREWSDV2

</wsse:Username><wsse:Password

xmlns:wsse="
http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"


Type="
http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText
">

1newpass</wsse:Password></wsse:UsernameToken><wsu:Timestamp

xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-
4a2
200401-wss-wssecurity-utility-1.0.xsd"
wsu:Id="Timestamp-14633980"><wsu:Created

xmlns:wsu="
http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">2008-09
-

30T12:41:24.157Z</wsu:Created><wsu:Expires

xmlns:wsu="
http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">2008-09
-

30T12:46:24.157Z</wsu:Expires></wsu:Timestamp></wsse:Security></soap:Header><soap:Body


xmlns:wsu="
http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"


wsu:Id="id-17388264"><SubmitBulkFileRequest

xmlns="urn:parameters.erews.v2.ssa.gov
"><SubmitBulkFileRequest><fileName>test.txt</fileName><fileSize>3

713</fileSize><checkSum>param</checkSum></SubmitBulkFileRequest><AttachmentFile><xop:Include


xmlns:xop="http://www.w3.org/2004/08/xop/include"

href="cid:97ae9f07-3701-42ac-a9c3-605661cee2c2@urn:
parameters.erews.v2.ssa.gov"

/></AttachmentFile></SubmitBulkFileRequest></soap:Body></soap:Envelope>
------=_Part_0_28008463.1222778483657
Content-Type: text/plain
Content-Transfer-Encoding: binary
Content-ID: <
97ae9f07-3701-42ac-a9c3-605661cee2c2@urn:parameters.erews.v2.ssa.gov>

hello
------=_Part_0_28008463.1222778483657--
0


-- 
Thanks & Regards,
Srihari