You are viewing a plain text version of this content. The canonical link for it is here.
Posted to fx-dev@ws.apache.org by mohamed sellami <mo...@gmx.net> on 2006/07/04 16:03:01 UTC
Verifying the soap message signature
Hello everybody
I'm new to wss4j and I’m actually testing it.
I tried to sign a soap message and then to verify it.
For the signature all seems to be all right but I encountered an exception when verifying the signature.
Here is the code I used for the verification:
---------------------------------------------------------------------------
------------------------Code start
---------------------------------------------------------------------------
import java.io.*;
import org.apache.ws.security.*;
import org.apache.ws.security.components.crypto.*;
import org.apache.ws.security.message.*;
import org.apache.axis.utils.*;
import org.apache.axis.message.*;
import org.apache.axis.client.*;
import org.apache.axis.*;
import org.apache.axis.configuration.*;
import java.util.Vector;
import org.w3c.dom.*;
public class VerifSignSOAP{
private static final String signedSOAPMsg=
"<SOAP-ENV:Envelope "+
"xmlns:SOAP-ENV=\"http://www.w3.org/2003/05/soap-envelope\" "+
"xmlns:xsd=\"http://www.w3.org/2001/XMLSchema\" "+
"xmlns:xsi=\"http://www.w3.org/2001/XMLSchema-instance\">"+
"<SOAP-ENV:Header>"+
"<wsse:Security SOAP-ENV:mustUnderstand=\"true\" "+
"xmlns:wsse=\"http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd\">"+
"<ds:Signature xmlns:ds=\"http://www.w3.org/2000/09/xmldsig#\">"+
"<ds:SignedInfo>"+
"<ds:CanonicalizationMethod Algorithm=\"http://www.w3.org/2001/10/xml-exc-c14n#\"/>"+
"<ds:SignatureMethod Algorithm=\"http://www.w3.org/2000/09/xmldsig#rsa-sha1\"/>"+
"<ds:Reference URI=\"#id-30472956\">"+
"<ds:Transforms>"+
"<ds:Transform Algorithm=\"http://www.w3.org/2001/10/xml-exc-c14n#\"/>"+
"</ds:Transforms>"+
"<ds:DigestMethod Algorithm=\"http://www.w3.org/2000/09/xmldsig#sha1\"/>"+
"<ds:DigestValue>UgA2oOAXUuXx7wXm7NfLHu7qS34= </ds:DigestValue>"+
"</ds:Reference>"+
"</ds:SignedInfo>"+
"<ds:SignatureValue>"+
"jlviX+9c/bSlAF01GLfilti3Yp1+9EXcKzI2rDi/dJ1tpsk0DO7tXvmv8HqNu9oVSBS6soXhKMuG"+
"GUxe5hvotBANtuk3Fo0JBtr63+r9ZuwoGgSjer+5uHge6e+3XA029CzdSMNAFSvJobzCSojvgX+C"+
"dv+cmd4ApWLAogPCgq4="+
"</ds:SignatureValue>"+
"<ds:KeyInfo Id=\"KeyId-8549963\">"+
"<wsse:SecurityTokenReference wsu:Id=\"STRId-31782850\" "+
"xmlns:wsu=\"http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd\">"+
"<ds:X509Data>"+
"<ds:X509IssuerSerial>"+
"<ds:X509IssuerName>CN=sellami mohamed,OU=CNSS,O=CNSS,L=Sfax,ST=Tunisie,C=TN</ds:X509IssuerName>"+
"<ds:X509SerialNumber>1151857306</ds:X509SerialNumber>"+
"</ds:X509IssuerSerial>"+
"</ds:X509Data>"+
"</wsse:SecurityTokenReference>"+
"</ds:KeyInfo>"+
"</ds:Signature>"+
"</wsse:Security>"+
"</SOAP-ENV:Header>"+
"<SOAP-ENV:Body wsu:Id=\"id-30472956\" xmlns:wsu=\"http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd\">"+
"<sayHello xmlns=\"http://jeffhanson.com/services/helloworld\">"+
"<value xmlns=\"\">Hello world!</value>"+
"</sayHello>"+
"</SOAP-ENV:Body>"+
"</SOAP-ENV:Envelope>";
private static final WSSecurityEngine secEngine =new WSSecurityEngine();
private static final Crypto crypto =CryptoFactory.getInstance();
private static AxisClient engine = null;
private static MessageContext msgContext = null;
private static void verify(SOAPEnvelope signedEnvelope) throws Exception {
Document doc = signedEnvelope.getAsDocument();
secEngine.processSecurityHeader(doc, null, null,crypto);
System.out.println("La firma del messaggio è valida");
}
private static Message getAxisMessage(String unsignedEnvelope){
InputStream inStream =new ByteArrayInputStream(unsignedEnvelope.getBytes());
Message axisMessage = new Message(inStream);
axisMessage.setMessageContext(msgContext);
return axisMessage;
}
public static void main(String[] args){
try
{
Message axisMessage = getAxisMessage(signedSOAPMsg);
SOAPEnvelope signedEnvelope = axisMessage.getSOAPEnvelope();
System.out.println("<<< signed >>>");
XMLUtils.PrettyElementToWriter(signedEnvelope.getAsDOM(),new PrintWriter(System.out));
verify(signedEnvelope);
}
catch (Exception e){e.printStackTrace();}
}
}
---------------------------------------------------------------------------
----------------------------Code Ends
---------------------------------------------------------------------------
I received this Exception :
java.lang.NullPointerException
at org.apache.ws.security.message.EnvelopeIdResolver.engineResolve(Envel
opeIdResolver.java:100)
at org.apache.xml.security.utils.resolver.ResourceResolver.resolve(Unkno
wn Source)
at org.apache.xml.security.signature.Reference.getContentsBeforeTransfor
mation(Unknown Source)
at org.apache.xml.security.signature.Reference.dereferenceURIandPerformT
ransforms(Unknown Source)
at org.apache.xml.security.signature.Reference.calculateDigest(Unknown S
ource)
at org.apache.xml.security.signature.Reference.verify(Unknown Source)
at org.apache.xml.security.signature.Manifest.verifyReferences(Unknown S
ource)
at org.apache.xml.security.signature.SignedInfo.verify(Unknown Source)
at org.apache.xml.security.signature.XMLSignature.checkSignatureValue(Un
known Source)
at org.apache.xml.security.signature.XMLSignature.checkSignatureValue(Un
known Source)
at org.apache.ws.security.processor.SignatureProcessor.verifyXMLSignatur
e(SignatureProcessor.java:264)
at org.apache.ws.security.processor.SignatureProcessor.handleToken(Signa
tureProcessor.java:79)
at org.apache.ws.security.WSSecurityEngine.processSecurityHeader(WSSecur
ityEngine.java:269)
at org.apache.ws.security.WSSecurityEngine.processSecurityHeader(WSSecur
ityEngine.java:191)
at org.apache.ws.security.WSSecurityEngine.processSecurityHeader(WSSecur
ityEngine.java:144)
at VerifSignSOAP.verify(VerifSignSOAP.java:78)
at VerifSignSOAP.main(VerifSignSOAP.java:102)
--------------------------------------------------------------------------
Do someone has an idea on what the problem is ?
Thanks
Mohamed Sellami
--
"Feel free" – 10 GB Mailbox, 100 FreeSMS/Monat ...
Jetzt GMX TopMail testen: http://www.gmx.net/de/go/topmail
---------------------------------------------------------------------
To unsubscribe, e-mail: wss4j-dev-unsubscribe@ws.apache.org
For additional commands, e-mail: wss4j-dev-help@ws.apache.org