You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@santuario.apache.org by Raul Benito <ra...@gmail.com> on 2005/03/01 09:35:54 UTC
Re: Help - DSIG Verification
I haven't look in enought detail on this, so I´m only going to answer
the theoricall things.
On Fri, 25 Feb 2005 12:08:56 -0000, Ritesh.Aswaney@syntegra.com
<Ri...@syntegra.com> wrote:
>
>
>
> People,
>
>
>
> I've managed to create a DSIG with a XSLT Transform and exclusive
> canonicalization.
>
> If someone can answer a few queries for me :
>
>
>
> 1) With the code I've written below, can I be sure that the API
> internally applies canonicalization and the XSLT Transform, before
> calculating the Hash and finally the Signature Value ?
Yes, the code always c14n everything that is going to be sign.
>
> 2) When I invoke the verification call, it fails with the following
> result :
>
>
>
> Gunna Sign
>
> Completed Signing
>
> Gunna Decode
>
> 25-Feb-2005 11:49:20 org.apache.xml.security.signature.Reference verify
>
> INFO: Verification successful for URI ""
>
> Verification Result : false
>
> Completed Decoding
>
>
It means that the hash is correct, but the signature not.
>
> Why is this verification failing ? When I m passing the correct public key…
> and what does the log generated by the API signify ?
>
> Someone please help ! I have a deadline to meet…
>
>
Sorry for not helping before.
>
>
>
> public class SampleTransformXSLT {
>
>
>
> /**+
>
> * Method main
>
> *
>
> * @param args
>
> * @throws Exception
>
> */
>
> public static void main(String args[]) throws Exception {
>
> org.apache.xml.security.Init.init();
>
>
>
> //J-
>
> String transformStr = convertFileToString(new
> File("D:/eclipse/workspace/XMLDSig/dataFiles/xslt.xslt")) ;
>
>
>
> String inputStr =convertFileToString(new
> File("D:/eclipse/workspace/XMLDSig/dataFiles/CreateRx.xml")) ;
>
> //J+
>
> javax.xml.parsers.DocumentBuilderFactory dbf =
>
> javax.xml.parsers.DocumentBuilderFactory.newInstance();
>
>
>
> dbf.setNamespaceAware(true);
>
>
>
> javax.xml.parsers.DocumentBuilder db = dbf.newDocumentBuilder();
>
> org.w3c.dom.Document doc =
>
> db.parse(new
> java.io.ByteArrayInputStream(transformStr.getBytes()));
>
>
>
>
>
> KeyPairGenerator pairGenerator = KeyPairGenerator.getInstance("RSA");
>
> KeyPair keyPair = pairGenerator.generateKeyPair();
>
> Document sourceDoc = db.parse(new
> java.io.ByteArrayInputStream(inputStr.getBytes()));
>
> Document transformDoc = db.parse(new
> java.io.ByteArrayInputStream(transformStr.getBytes()));
>
>
>
> XMLSignature signer = new
> XMLSignature(sourceDoc,null,XMLSignature.ALGO_ID_SIGNATURE_RSA);
>
>
>
> sourceDoc.getDocumentElement().appendChild(signer.getElement());
>
>
>
> Transforms transforms = new Transforms(sourceDoc);
>
>
>
> transforms.addTransform(Transforms.TRANSFORM_ENVELOPED_SIGNATURE);
>
>
>
> transforms.addTransform(Transforms.TRANSFORM_C14N_EXCL_OMIT_COMMENTS);
>
>
>
> Node xslElem = transformDoc.getDocumentElement();
>
> Node xslElemImported = sourceDoc.importNode(xslElem, true);
>
>
>
> transforms.addTransform(Transforms.TRANSFORM_XSLT,
> (org.w3c.dom.Element)xslElemImported);
>
>
>
> signer.addDocument("",transforms,Constants.ALGO_ID_DIGEST_SHA1);
>
>
>
> signer.addKeyInfo(keyPair.getPublic());
>
>
>
> System.out.println("Gunna Sign");
>
> signer.sign(keyPair.getPrivate());
>
> System.out.println("Completed Signing");
>
>
>
> XMLUtils.outputDOM(signer.getDocument(),new FileOutputStream(new
> File("D:/eclipse/workspace/XMLDSig/dataFiles/sign.xml")));
>
>
>
>
>
> //call to verify
>
> verify(keyPair.getPublic());
>
>
>
> }
>
>
>
>
>
>
>
> private static String convertFileToString(File file)
>
> {
>
> StringBuffer buffer = new StringBuffer();
>
> try
>
> {
>
> String line = null;
>
> FileInputStream fin = new FileInputStream(file);
>
> BufferedReader reader =
>
> new BufferedReader(new InputStreamReader(fin));
>
> while ((line = reader.readLine()) != null)
>
> {
>
> buffer.append(line);
>
> }
>
> }
>
> catch (Exception exc)
>
> {
>
> exc.printStackTrace();
>
> }
>
> return buffer.toString();
>
> }
>
>
>
> static
>
> {
>
> Init.init();
>
> }
>
>
>
> }
>
>
>
> public static void verify(PublicKey publicKey) throws Exception {
>
>
>
>
>
> //J-
>
> String inputStr = convertFileToString(new
> File("D:/eclipse/workspace/XMLDSig/dataFiles/sign.xml")) ;
>
>
>
> javax.xml.parsers.DocumentBuilderFactory dbf =
>
> javax.xml.parsers.DocumentBuilderFactory.newInstance();
>
>
>
> dbf.setNamespaceAware(true);
>
>
>
> javax.xml.parsers.DocumentBuilder db = dbf.newDocumentBuilder();
>
>
>
> Document sourceDoc = db.parse(new
> java.io.ByteArrayInputStream(inputStr.getBytes()));
>
>
>
> Element dsigElement =
> (Element)sourceDoc.getDocumentElement().getLastChild();
>
>
>
> System.out.println(dsigElement.getNodeName());
>
>
>
> XMLSignature signer = new XMLSignature(dsigElement,null);
>
>
>
> System.out.println("Gunna Decode");
>
> System.out.println(signer.checkSignatureValue(publicKey));
>
> System.out.println("Completed Decoding");
>
>
>
> }
>
>
>
> Best Always,
> ........................................................................................................................
>
> Ritesh Aswaney
> Mastek UK Ltd
>
> ( Mobile: +44 7909540132
>
> .........................................................................................................................
>
>
>
> ********************************************************************
>
> This email may contain information which is privileged or confidential. If
> you are not the intended recipient of this email, please notify the sender
> immediately and delete it without reading, copying, storing, forwarding or
> disclosing its contents to any other person
> Thank you
>
> Check us out at http://www.bt.com/consulting
>
> ********************************************************************
>
--
http://r-bg.com