You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@santuario.apache.org by Milan Tomic <mi...@setcce.org> on 2005/10/12 11:31:10 UTC
[java] XMLSignature ctor
I'm using XMLSignature ctor like this:
XMLSignature sig = new XMLSignature(doc, BaseURI, docSig, docCan);
and got the following error:
org.apache.xml.security.exceptions.XMLSecurityException: Cannot create a
http://www.w3.org/2000/09/xmldsig#:Signature from a
http://www.w3.org/2000/09/xmldsig#:SignatureMethod element
at
org.apache.xml.security.utils.ElementProxy.guaranteeThatElementInCorrectSpac
e(Unknown Source)
at org.apache.xml.security.utils.ElementProxy.<init>(Unknown Source)
at org.apache.xml.security.algorithms.Algorithm.<init>(Unknown Source)
at
org.apache.xml.security.algorithms.SignatureAlgorithm.<init>(Unknown Source)
at org.apache.xml.security.signature.SignedInfo.<init>(Unknown Source)
at org.apache.xml.security.signature.XMLSignature.<init>(Unknown
Source)
I have checked node names with:
System.out.println(docSig.getNodeName());
System.out.println(docCan.getNodeName());
and the output is:
ds:Signature
ds:CanonicalizationMethod
Does anyone have some idea what could be wrong?
Thank you in advance,
Milan
Re: XML Signature Problem
Posted by Davanum Srinivas <da...@gmail.com>.
plz check wss4j source code on how we do this. we don't see this problem.
-- dims
On 11/16/05, anshuk pal chaudhuri <an...@yahoo.com> wrote:
> HI,
>
> I am having this weird problem.
>
> The Problem:
> I am creating a saml assertion(using opensaml),signing
> it--which is in turn using XMLSignature of
> XMLSecurity.NO ISSUES in this.Working Fine.
>
> The moment I am verfying that saml assertion at the
> other end,its creating a problem.Its throwing an
> exception:
>
> org.apache.xml.security.utils.resolver.ResourceResolverException:Could
> not find a resolver for URI null and Base null
> at
> org.apache.xml.security.utils.resolver.ResourceResolver.getInstance(Unknown
> Source)
> at
> org.apache.xml.security.signature.Reference.getContentsBeforeTransformation(Reference.java:412)
> at
> org.apache.xml.security.signature.Reference.dereferenceURIandPerformTransforms(Reference.java:638)
> at
> org.apache.xml.security.signature.Reference.calculateDigest(Reference.java:725)
> at
> org.apache.xml.security.signature.Reference.verify(Reference.java:774)
> at
> org.apache.xml.security.signature.Manifest.verifyReferences(Manifest.java:318)
> at
> org.apache.xml.security.signature.SignedInfo.verify(SignedInfo.java:224)
> at
> org.apache.xml.security.signature.XMLSignature.checkSignatureValue(XMLSignature.java:592)
> at
> org.opensaml.SAMLSignedObject.verify(SAMLSignedObject.java:340)
> at
> saml.SimpleSAMLInsertion.main(SimpleSAMLInsertion.java:181)
> java.lang.NullPointerException
> at
> org.apache.xml.security.transforms.implementations.TransformEnvelopedSignature.enginePerformTransform(Unknown
> Source)
> at
> org.apache.xml.security.transforms.Transform.performTransform(Transform.java:308)
> at
> org.apache.xml.security.transforms.Transforms.performTransforms(Unknown
> Source)
> at
> org.apache.xml.security.signature.Reference.getContentsAfterTransformation(Reference.java:468)
> at
> org.apache.xml.security.signature.Reference.dereferenceURIandPerformTransforms(Reference.java:639)
> at
> org.apache.xml.security.signature.Reference.calculateDigest(Reference.java:725)
> at
> org.apache.xml.security.signature.Reference.verify(Reference.java:774)
> at
> org.apache.xml.security.signature.Manifest.verifyReferences(Manifest.java:318)
> at
> org.apache.xml.security.signature.SignedInfo.verify(SignedInfo.java:224)
> at
> org.apache.xml.security.signature.XMLSignature.checkSignatureValue(XMLSignature.java:592)
> at
> org.opensaml.SAMLSignedObject.verify(SAMLSignedObject.java:340)
> at
> saml.SimpleSAMLInsertion.main(SimpleSAMLInsertion.java:181)
>
>
> This problem is specific to XMLSignature and not to
> Open SAML.
> What I think is that,the references element contains
> the URI attribute,which works fine at the first
> end(while craeting the signature),but at the other end
> the URI is becoming null.
> That is the reason:
> ResourceResolver resolver =
> ResourceResolver.getInstance(URIAttr,this._baseURI,
> this._manifest._perManifestResolvers)
> is throwing an exception.
>
> Can anyone help?
> Regards,
> Anshuk
>
>
>
>
>
> __________________________________
> Yahoo! Mail - PC Magazine Editors' Choice 2005
> http://mail.yahoo.com
>
--
Davanum Srinivas : http://wso2.com/blogs/
XML Signature Problem
Posted by anshuk pal chaudhuri <an...@yahoo.com>.
HI,
I am having this weird problem.
The Problem:
I am creating a saml assertion(using opensaml),signing
it--which is in turn using XMLSignature of
XMLSecurity.NO ISSUES in this.Working Fine.
The moment I am verfying that saml assertion at the
other end,its creating a problem.Its throwing an
exception:
org.apache.xml.security.utils.resolver.ResourceResolverException:Could
not find a resolver for URI null and Base null
at
org.apache.xml.security.utils.resolver.ResourceResolver.getInstance(Unknown
Source)
at
org.apache.xml.security.signature.Reference.getContentsBeforeTransformation(Reference.java:412)
at
org.apache.xml.security.signature.Reference.dereferenceURIandPerformTransforms(Reference.java:638)
at
org.apache.xml.security.signature.Reference.calculateDigest(Reference.java:725)
at
org.apache.xml.security.signature.Reference.verify(Reference.java:774)
at
org.apache.xml.security.signature.Manifest.verifyReferences(Manifest.java:318)
at
org.apache.xml.security.signature.SignedInfo.verify(SignedInfo.java:224)
at
org.apache.xml.security.signature.XMLSignature.checkSignatureValue(XMLSignature.java:592)
at
org.opensaml.SAMLSignedObject.verify(SAMLSignedObject.java:340)
at
saml.SimpleSAMLInsertion.main(SimpleSAMLInsertion.java:181)
java.lang.NullPointerException
at
org.apache.xml.security.transforms.implementations.TransformEnvelopedSignature.enginePerformTransform(Unknown
Source)
at
org.apache.xml.security.transforms.Transform.performTransform(Transform.java:308)
at
org.apache.xml.security.transforms.Transforms.performTransforms(Unknown
Source)
at
org.apache.xml.security.signature.Reference.getContentsAfterTransformation(Reference.java:468)
at
org.apache.xml.security.signature.Reference.dereferenceURIandPerformTransforms(Reference.java:639)
at
org.apache.xml.security.signature.Reference.calculateDigest(Reference.java:725)
at
org.apache.xml.security.signature.Reference.verify(Reference.java:774)
at
org.apache.xml.security.signature.Manifest.verifyReferences(Manifest.java:318)
at
org.apache.xml.security.signature.SignedInfo.verify(SignedInfo.java:224)
at
org.apache.xml.security.signature.XMLSignature.checkSignatureValue(XMLSignature.java:592)
at
org.opensaml.SAMLSignedObject.verify(SAMLSignedObject.java:340)
at
saml.SimpleSAMLInsertion.main(SimpleSAMLInsertion.java:181)
This problem is specific to XMLSignature and not to
Open SAML.
What I think is that,the references element contains
the URI attribute,which works fine at the first
end(while craeting the signature),but at the other end
the URI is becoming null.
That is the reason:
ResourceResolver resolver =
ResourceResolver.getInstance(URIAttr,this._baseURI,
this._manifest._perManifestResolvers)
is throwing an exception.
Can anyone help?
Regards,
Anshuk
__________________________________
Yahoo! Mail - PC Magazine Editors' Choice 2005
http://mail.yahoo.com
Re: [java] XMLSignature ctor
Posted by "John M. Hoyt" <jo...@gmail.com>.
unsubscribe
Re: [java] XMLSignature ctor
Posted by Sean Mullan <Se...@Sun.COM>.
That doesn't make any sense ... so what line of the code is throwing the
NPE in the debugger? Are you sure this._constructionElement is not null?
That would be my guess as to what is causing the NPE.
--Sean
Milan Tomic wrote:
> I have tried to debug, but without any luck. :( I'm using Eclipse IDE.
>
> This is my call stack:
>
> ElementNode2.getAttributeNS(String, String) line: 409
> SignatureAlgorithm.getURI() line: 303
> SignatureAlgorithm.<init>(Element, String) line: 124
> SignedInfo.<init>(Document, Element, Element) line: 136
> XMLSignature.<init>(Document, String, Element, Element) line: 229
> TestXSEC.main(String[]) line: 97
>
> This is the only line of code in getURI():
>
> return this._constructionElement.getAttributeNS(null,
> Constants._ATT_ALGORITHM);
>
> but when I step into getAttributeNS():
>
> public String getAttributeNS(String namespaceURI, String localName) {
> ...
> }
>
> I can see that namespaceURI have a value of
> "http://www.w3.org/2000/09/xmldsig#" (and it should be null)
>
> Because of this, the code failes to find attribute. I have never seen such a
> case... :(
>
> Best regards,
> Milan
>
>
> -----Original Message-----
> From: Sean Mullan [mailto:Sean.Mullan@Sun.COM]
> Sent: Friday, October 14, 2005 5:43 PM
> To: security-dev@xml.apache.org
> Subject: Re: [java] XMLSignature ctor
>
> I don't know for sure, but you should be able to figure out the problem
> by inserting some print statements or running your test case thru a
> debugger such as jdb or JSwat (you will have to recompile the Apache
> XMLSec source with the -g flag though). Also, make sure when you parse
> your Document with a DocumentBuilder you set it to be namespace aware
> (DocumentBuilderFactory.setNamespaceAware(true)).
>
> --Sean
>
> Milan Tomic wrote:
>
>>As much as I could debug XSEC, "Algorith" attribute was never found for my
>><SignatureMethod> element, although it is there. Perhaps this is an issue
>>with namespaces?
>>
>>I'm attaching XML file I was using for testing purposes.
>>
>>Best regards,
>>Milan
>>
>>
>>-----Original Message-----
>>From: Milan Tomic [mailto:milan@setcce.org]
>>Sent: Friday, October 14, 2005 11:49 AM
>>To: security-dev@xml.apache.org
>>Subject: RE: [java] XMLSignature ctor
>>
>>
>>
>>
>>>Yes, the docSig parameter should be the
>>>SignatureMethod element and not
>>>the Signature element.
>>
>>
>>Thank you, Sean. The error message a little confused me.
>>
>>I did as you suggested and now I got this exception in XMLSignature ctor:
>>
>>org.apache.xml.security.signature.XMLSignatureException: The requested
>>algorithm does not exist. Original Message was: null
>>Original Exception was java.lang.NullPointerException
>> at
>>org.apache.xml.security.algorithms.SignatureAlgorithm.<init>(Unknown
>
> Source)
>
>> at org.apache.xml.security.signature.SignedInfo.<init>(Unknown
>>Source)
>> at org.apache.xml.security.signature.XMLSignature.<init>(Unknown
>>Source)
>> at TestXSEC.main(TestXSEC.java:97)
>>java.lang.NullPointerException
>> at java.lang.Class.forName0(Native Method)
>> at java.lang.Class.forName(Class.java:141)
>> at
>>org.apache.xml.security.algorithms.SignatureAlgorithm.<init>(Unknown
>
> Source)
>
>> at org.apache.xml.security.signature.SignedInfo.<init>(Unknown
>>Source)
>> at org.apache.xml.security.signature.XMLSignature.<init>(Unknown
>>Source)
>> at TestXSEC.main(TestXSEC.java:97)
>>Exception in thread "main"
>>
>>I'm using this XMLSignature ctor:
>>
>>XMLSignature(org.w3c.dom.Document doc,
>> java.lang.String BaseURI,
>> java.lang.String SignatureMethodURI,
>> java.lang.String CanonicalizationMethodURI)
>>
>>I couldn't find any examples using this ctor. I'm trying to sign already
>>created XML template with <Signature> element in it. Similar to
>>templateSign.cpp in C++ examples. I'm using XSEC 1.2.1 and JDK 1.4.2.
>>
>>Am I doing something wrong? Could someone verify that this ctor works OK?
>>
>>Best regards,
>>Milan
>>
>>
>>------------------------------------------------------------------------
>>
>><IzdaniRacunEnostavni xmlns:ds="http://www.w3.org/2000/09/xmldsig#"
>
> xmlns:xds="http://uri.etsi.org/01903/v1.1.1#"
> xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
> xsi:noNamespaceSchemaLocation="http://www.gzs.si/e-poslovanje/sheme/eSlog_1-
> 4_PreprostiRacun.xsd"><Racun Id="data"></Racun><ds:Signature
> Id="SignatureId"><ds:SignedInfo><ds:CanonicalizationMethod
> Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315"></ds:Canonicaliz
> ationMethod><ds:SignatureMethod
> Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"></ds:SignatureMethod>
> <ds:Reference URI="#data"><ds:DigestMethod
> Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"></ds:DigestMethod><ds:Dig
> estValue>empty</ds:DigestValue></ds:Reference><ds:Reference
> URI="#SignedPropertiesId"><ds:DigestMethod
> Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"></ds:DigestMethod><ds:Dig
> estValue>empty</ds:DigestValue></ds:Reference></ds:SignedInfo><ds:SignatureV
> alue>empty</ds:SignatureValue><ds:Object><xds:QualifyingPropert
> ies Target="#SignatureId"><xds:SignedProperties
> Id="SignedPropertiesId"><xds:SignedSignatureProperties><xds:SigningTime>2005
> -10-14T13:30:52.783Z</xds:SigningTime><xds:SigningCertificate><xds:Cert><xds
> :CertDigest><xds:DigestMethod
> Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"></xds:DigestMethod><xds:D
> igestValue>s4Vq41bmhfrwpmaHpEt0tilaFmc=</xds:DigestValue></xds:CertDigest><x
> ds:IssuerSerial><ds:X509IssuerName>OU=sitest-ca, O=state-institutions,
> C=si</ds:X509IssuerName><ds:X509SerialNumber>1007374424</ds:X509SerialNumber
>
>></xds:IssuerSerial></xds:Cert></xds:SigningCertificate><xds:SignaturePolicy
>
> Identifier><xds:SignaturePolicyImplied></xds:SignaturePolicyImplied></xds:Si
> gnaturePolicyIdentifier></xds:SignedSignatureProperties></xds:SignedProperti
> es></xds:QualifyingProperties></ds:Object></ds:Signature></IzdaniRacunEnosta
> vni>
>
RE: [java] XMLSignature ctor
Posted by Milan Tomic <mi...@setcce.org>.
I have tried to debug, but without any luck. :( I'm using Eclipse IDE.
This is my call stack:
ElementNode2.getAttributeNS(String, String) line: 409
SignatureAlgorithm.getURI() line: 303
SignatureAlgorithm.<init>(Element, String) line: 124
SignedInfo.<init>(Document, Element, Element) line: 136
XMLSignature.<init>(Document, String, Element, Element) line: 229
TestXSEC.main(String[]) line: 97
This is the only line of code in getURI():
return this._constructionElement.getAttributeNS(null,
Constants._ATT_ALGORITHM);
but when I step into getAttributeNS():
public String getAttributeNS(String namespaceURI, String localName) {
...
}
I can see that namespaceURI have a value of
"http://www.w3.org/2000/09/xmldsig#" (and it should be null)
Because of this, the code failes to find attribute. I have never seen such a
case... :(
Best regards,
Milan
-----Original Message-----
From: Sean Mullan [mailto:Sean.Mullan@Sun.COM]
Sent: Friday, October 14, 2005 5:43 PM
To: security-dev@xml.apache.org
Subject: Re: [java] XMLSignature ctor
I don't know for sure, but you should be able to figure out the problem
by inserting some print statements or running your test case thru a
debugger such as jdb or JSwat (you will have to recompile the Apache
XMLSec source with the -g flag though). Also, make sure when you parse
your Document with a DocumentBuilder you set it to be namespace aware
(DocumentBuilderFactory.setNamespaceAware(true)).
--Sean
Milan Tomic wrote:
> As much as I could debug XSEC, "Algorith" attribute was never found for my
> <SignatureMethod> element, although it is there. Perhaps this is an issue
> with namespaces?
>
> I'm attaching XML file I was using for testing purposes.
>
> Best regards,
> Milan
>
>
> -----Original Message-----
> From: Milan Tomic [mailto:milan@setcce.org]
> Sent: Friday, October 14, 2005 11:49 AM
> To: security-dev@xml.apache.org
> Subject: RE: [java] XMLSignature ctor
>
>
>
>>Yes, the docSig parameter should be the
>>SignatureMethod element and not
>>the Signature element.
>
>
> Thank you, Sean. The error message a little confused me.
>
> I did as you suggested and now I got this exception in XMLSignature ctor:
>
> org.apache.xml.security.signature.XMLSignatureException: The requested
> algorithm does not exist. Original Message was: null
> Original Exception was java.lang.NullPointerException
> at
> org.apache.xml.security.algorithms.SignatureAlgorithm.<init>(Unknown
Source)
> at org.apache.xml.security.signature.SignedInfo.<init>(Unknown
> Source)
> at org.apache.xml.security.signature.XMLSignature.<init>(Unknown
> Source)
> at TestXSEC.main(TestXSEC.java:97)
> java.lang.NullPointerException
> at java.lang.Class.forName0(Native Method)
> at java.lang.Class.forName(Class.java:141)
> at
> org.apache.xml.security.algorithms.SignatureAlgorithm.<init>(Unknown
Source)
> at org.apache.xml.security.signature.SignedInfo.<init>(Unknown
> Source)
> at org.apache.xml.security.signature.XMLSignature.<init>(Unknown
> Source)
> at TestXSEC.main(TestXSEC.java:97)
> Exception in thread "main"
>
> I'm using this XMLSignature ctor:
>
> XMLSignature(org.w3c.dom.Document doc,
> java.lang.String BaseURI,
> java.lang.String SignatureMethodURI,
> java.lang.String CanonicalizationMethodURI)
>
> I couldn't find any examples using this ctor. I'm trying to sign already
> created XML template with <Signature> element in it. Similar to
> templateSign.cpp in C++ examples. I'm using XSEC 1.2.1 and JDK 1.4.2.
>
> Am I doing something wrong? Could someone verify that this ctor works OK?
>
> Best regards,
> Milan
>
>
> ------------------------------------------------------------------------
>
> <IzdaniRacunEnostavni xmlns:ds="http://www.w3.org/2000/09/xmldsig#"
xmlns:xds="http://uri.etsi.org/01903/v1.1.1#"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:noNamespaceSchemaLocation="http://www.gzs.si/e-poslovanje/sheme/eSlog_1-
4_PreprostiRacun.xsd"><Racun Id="data"></Racun><ds:Signature
Id="SignatureId"><ds:SignedInfo><ds:CanonicalizationMethod
Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315"></ds:Canonicaliz
ationMethod><ds:SignatureMethod
Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"></ds:SignatureMethod>
<ds:Reference URI="#data"><ds:DigestMethod
Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"></ds:DigestMethod><ds:Dig
estValue>empty</ds:DigestValue></ds:Reference><ds:Reference
URI="#SignedPropertiesId"><ds:DigestMethod
Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"></ds:DigestMethod><ds:Dig
estValue>empty</ds:DigestValue></ds:Reference></ds:SignedInfo><ds:SignatureV
alue>empty</ds:SignatureValue><ds:Object><xds:QualifyingPropert
ies Target="#SignatureId"><xds:SignedProperties
Id="SignedPropertiesId"><xds:SignedSignatureProperties><xds:SigningTime>2005
-10-14T13:30:52.783Z</xds:SigningTime><xds:SigningCertificate><xds:Cert><xds
:CertDigest><xds:DigestMethod
Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"></xds:DigestMethod><xds:D
igestValue>s4Vq41bmhfrwpmaHpEt0tilaFmc=</xds:DigestValue></xds:CertDigest><x
ds:IssuerSerial><ds:X509IssuerName>OU=sitest-ca, O=state-institutions,
C=si</ds:X509IssuerName><ds:X509SerialNumber>1007374424</ds:X509SerialNumber
></xds:IssuerSerial></xds:Cert></xds:SigningCertificate><xds:SignaturePolicy
Identifier><xds:SignaturePolicyImplied></xds:SignaturePolicyImplied></xds:Si
gnaturePolicyIdentifier></xds:SignedSignatureProperties></xds:SignedProperti
es></xds:QualifyingProperties></ds:Object></ds:Signature></IzdaniRacunEnosta
vni>
Re: [java] XMLSignature ctor
Posted by Sean Mullan <Se...@Sun.COM>.
I don't know for sure, but you should be able to figure out the problem
by inserting some print statements or running your test case thru a
debugger such as jdb or JSwat (you will have to recompile the Apache
XMLSec source with the -g flag though). Also, make sure when you parse
your Document with a DocumentBuilder you set it to be namespace aware
(DocumentBuilderFactory.setNamespaceAware(true)).
--Sean
Milan Tomic wrote:
> As much as I could debug XSEC, "Algorith" attribute was never found for my
> <SignatureMethod> element, although it is there. Perhaps this is an issue
> with namespaces?
>
> I'm attaching XML file I was using for testing purposes.
>
> Best regards,
> Milan
>
>
> -----Original Message-----
> From: Milan Tomic [mailto:milan@setcce.org]
> Sent: Friday, October 14, 2005 11:49 AM
> To: security-dev@xml.apache.org
> Subject: RE: [java] XMLSignature ctor
>
>
>
>>Yes, the docSig parameter should be the
>>SignatureMethod element and not
>>the Signature element.
>
>
> Thank you, Sean. The error message a little confused me.
>
> I did as you suggested and now I got this exception in XMLSignature ctor:
>
> org.apache.xml.security.signature.XMLSignatureException: The requested
> algorithm does not exist. Original Message was: null
> Original Exception was java.lang.NullPointerException
> at
> org.apache.xml.security.algorithms.SignatureAlgorithm.<init>(Unknown Source)
> at org.apache.xml.security.signature.SignedInfo.<init>(Unknown
> Source)
> at org.apache.xml.security.signature.XMLSignature.<init>(Unknown
> Source)
> at TestXSEC.main(TestXSEC.java:97)
> java.lang.NullPointerException
> at java.lang.Class.forName0(Native Method)
> at java.lang.Class.forName(Class.java:141)
> at
> org.apache.xml.security.algorithms.SignatureAlgorithm.<init>(Unknown Source)
> at org.apache.xml.security.signature.SignedInfo.<init>(Unknown
> Source)
> at org.apache.xml.security.signature.XMLSignature.<init>(Unknown
> Source)
> at TestXSEC.main(TestXSEC.java:97)
> Exception in thread "main"
>
> I'm using this XMLSignature ctor:
>
> XMLSignature(org.w3c.dom.Document doc,
> java.lang.String BaseURI,
> java.lang.String SignatureMethodURI,
> java.lang.String CanonicalizationMethodURI)
>
> I couldn't find any examples using this ctor. I'm trying to sign already
> created XML template with <Signature> element in it. Similar to
> templateSign.cpp in C++ examples. I'm using XSEC 1.2.1 and JDK 1.4.2.
>
> Am I doing something wrong? Could someone verify that this ctor works OK?
>
> Best regards,
> Milan
>
>
> ------------------------------------------------------------------------
>
> <IzdaniRacunEnostavni xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:xds="http://uri.etsi.org/01903/v1.1.1#" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:noNamespaceSchemaLocation="http://www.gzs.si/e-poslovanje/sheme/eSlog_1-4_PreprostiRacun.xsd"><Racun Id="data"></Racun><ds:Signature Id="SignatureId"><ds:SignedInfo><ds:CanonicalizationMethod Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315"></ds:CanonicalizationMethod><ds:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"></ds:SignatureMethod><ds:Reference URI="#data"><ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"></ds:DigestMethod><ds:DigestValue>empty</ds:DigestValue></ds:Reference><ds:Reference URI="#SignedPropertiesId"><ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"></ds:DigestMethod><ds:DigestValue>empty</ds:DigestValue></ds:Reference></ds:SignedInfo><ds:SignatureValue>empty</ds:SignatureValue><ds:Object><xds:QualifyingPropert
ies Target="#SignatureId"><xds:SignedProperties Id="SignedPropertiesId"><xds:SignedSignatureProperties><xds:SigningTime>2005-10-14T13:30:52.783Z</xds:SigningTime><xds:SigningCertificate><xds:Cert><xds:CertDigest><xds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"></xds:DigestMethod><xds:DigestValue>s4Vq41bmhfrwpmaHpEt0tilaFmc=</xds:DigestValue></xds:CertDigest><xds:IssuerSerial><ds:X509IssuerName>OU=sitest-ca, O=state-institutions, C=si</ds:X509IssuerName><ds:X509SerialNumber>1007374424</ds:X509SerialNumber></xds:IssuerSerial></xds:Cert></xds:SigningCertificate><xds:SignaturePolicyIdentifier><xds:SignaturePolicyImplied></xds:SignaturePolicyImplied></xds:SignaturePolicyIdentifier></xds:SignedSignatureProperties></xds:SignedProperties></xds:QualifyingProperties></ds:Object></ds:Signature></IzdaniRacunEnostavni>
RE: [java] XMLSignature ctor
Posted by Milan Tomic <mi...@setcce.org>.
As much as I could debug XSEC, "Algorith" attribute was never found for my
<SignatureMethod> element, although it is there. Perhaps this is an issue
with namespaces?
I'm attaching XML file I was using for testing purposes.
Best regards,
Milan
-----Original Message-----
From: Milan Tomic [mailto:milan@setcce.org]
Sent: Friday, October 14, 2005 11:49 AM
To: security-dev@xml.apache.org
Subject: RE: [java] XMLSignature ctor
> Yes, the docSig parameter should be the
> SignatureMethod element and not
> the Signature element.
Thank you, Sean. The error message a little confused me.
I did as you suggested and now I got this exception in XMLSignature ctor:
org.apache.xml.security.signature.XMLSignatureException: The requested
algorithm does not exist. Original Message was: null
Original Exception was java.lang.NullPointerException
at
org.apache.xml.security.algorithms.SignatureAlgorithm.<init>(Unknown Source)
at org.apache.xml.security.signature.SignedInfo.<init>(Unknown
Source)
at org.apache.xml.security.signature.XMLSignature.<init>(Unknown
Source)
at TestXSEC.main(TestXSEC.java:97)
java.lang.NullPointerException
at java.lang.Class.forName0(Native Method)
at java.lang.Class.forName(Class.java:141)
at
org.apache.xml.security.algorithms.SignatureAlgorithm.<init>(Unknown Source)
at org.apache.xml.security.signature.SignedInfo.<init>(Unknown
Source)
at org.apache.xml.security.signature.XMLSignature.<init>(Unknown
Source)
at TestXSEC.main(TestXSEC.java:97)
Exception in thread "main"
I'm using this XMLSignature ctor:
XMLSignature(org.w3c.dom.Document doc,
java.lang.String BaseURI,
java.lang.String SignatureMethodURI,
java.lang.String CanonicalizationMethodURI)
I couldn't find any examples using this ctor. I'm trying to sign already
created XML template with <Signature> element in it. Similar to
templateSign.cpp in C++ examples. I'm using XSEC 1.2.1 and JDK 1.4.2.
Am I doing something wrong? Could someone verify that this ctor works OK?
Best regards,
Milan
RE: [java] XMLSignature ctor
Posted by Milan Tomic <mi...@setcce.org>.
> Yes, the docSig parameter should be the
> SignatureMethod element and not
> the Signature element.
Thank you, Sean. The error message a little confused me.
I did as you suggested and now I got this exception in XMLSignature ctor:
org.apache.xml.security.signature.XMLSignatureException: The requested
algorithm does not exist. Original Message was: null
Original Exception was java.lang.NullPointerException
at
org.apache.xml.security.algorithms.SignatureAlgorithm.<init>(Unknown Source)
at org.apache.xml.security.signature.SignedInfo.<init>(Unknown
Source)
at org.apache.xml.security.signature.XMLSignature.<init>(Unknown
Source)
at TestXSEC.main(TestXSEC.java:97)
java.lang.NullPointerException
at java.lang.Class.forName0(Native Method)
at java.lang.Class.forName(Class.java:141)
at
org.apache.xml.security.algorithms.SignatureAlgorithm.<init>(Unknown Source)
at org.apache.xml.security.signature.SignedInfo.<init>(Unknown
Source)
at org.apache.xml.security.signature.XMLSignature.<init>(Unknown
Source)
at TestXSEC.main(TestXSEC.java:97)
Exception in thread "main"
I'm using this XMLSignature ctor:
XMLSignature(org.w3c.dom.Document doc,
java.lang.String BaseURI,
java.lang.String SignatureMethodURI,
java.lang.String CanonicalizationMethodURI)
I couldn't find any examples using this ctor. I'm trying to sign already
created XML template with <Signature> element in it. Similar to
templateSign.cpp in C++ examples. I'm using XSEC 1.2.1 and JDK 1.4.2.
Am I doing something wrong? Could someone verify that this ctor works OK?
Best regards,
Milan
Re: [java] XMLSignature ctor
Posted by Sean Mullan <Se...@Sun.COM>.
Hi Milan,
Milan Tomic wrote:
>
>
> I'm using XMLSignature ctor like this:
>
>
>
> XMLSignature sig = new XMLSignature(doc, BaseURI, docSig, docCan);
>
>
>
> and got the following error:
>
>
>
> org.apache.xml.security.exceptions.XMLSecurityException: Cannot create a
> http://www.w3.org/2000/09/xmldsig#:Signature from a
> http://www.w3.org/2000/09/xmldsig#:SignatureMethod element
>
> at
> org.apache.xml.security.utils.ElementProxy.guaranteeThatElementInCorrectSpace(Unknown
> Source)
>
> at org.apache.xml.security.utils.ElementProxy.<init>(Unknown Source)
>
> at org.apache.xml.security.algorithms.Algorithm.<init>(Unknown Source)
>
> at
> org.apache.xml.security.algorithms.SignatureAlgorithm.<init>(Unknown Source)
>
> at org.apache.xml.security.signature.SignedInfo.<init>(Unknown Source)
>
> at org.apache.xml.security.signature.XMLSignature.<init>(Unknown
> Source)
>
>
>
> I have checked node names with:
>
>
>
> System.out.println(docSig.getNodeName());
>
> System.out.println(docCan.getNodeName());
>
>
>
> and the output is:
>
>
>
> ds:Signature
>
> ds:CanonicalizationMethod
>
>
>
> Does anyone have some idea what could be wrong?
Yes, the docSig parameter should be the SignatureMethod element and not
the Signature element.
--Sean