Posted to dev@santuario.apache.org by "Mauricio A. Paredes" <mp...@azurian.com> on 2003/01/06 22:54:01 UTC
namespaces problem
I'm using the code below to sign an XML document.
This works fine (meaning the signature gets validated) if I use
XML_NO_NS, but when I use XML_NS, the signature is invalid.
Can someone give me a hint?
XML_NO_NS:
<EnvioDTE version="0.1"><SetDTE ID="SetDoc"><Caratula
version="0.1"></Caratula></SetDTE></EnvioDTE>
XML_NS:
<EnvioDTE xmlns="http://www.sii.cl/SiiDte"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" version="0.1"
xsi:schemaLocation="http://www.sii.cl/SiiDte EnvioDTE.xsd"><SetDTE
ID="SetDoc"><Caratula version="0.1"></Caratula></SetDTE></EnvioDTE>
Signed XML expected result:
<EnvioDTE xmlns="http://www.sii.cl/SiiDte"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" version="0.1"
xsi:schemaLocation="http://www.sii.cl/SiiDte EnvioDTE.xsd"><SetDTE
ID="SetDoc"><Caratula version="0.1"></Caratula></SetDTE><ds:Signature
xmlns:ds="http://www.w3.org/2000/09/xmldsig#">..
<ds:Reference URI="#SetDoc">
..</ds:Signature>
Signing Code:
javax.xml.parsers.DocumentBuilderFactory factory =
    javax.xml.parsers.DocumentBuilderFactory.newInstance();
org.w3c.dom.Document document;
factory.setNamespaceAware(true);
factory.setAttribute("http://xml.org/sax/features/namespaces", Boolean.TRUE);
javax.xml.parsers.DocumentBuilder builder = factory.newDocumentBuilder();
document = builder.parse("c:\\orig.xml");
org.w3c.dom.Element EnvioDTE = document.getDocumentElement();
/*************************************************/
// Read the keys and the certificate from the keystore.
String keystoreType = "JKS";
String keystoreFile = "C:\\...\\.keystore";
String keystorePass = "keystorepass";
String privateKeyAlias = "alias";
String privateKeyPass = "pkpass";
String certificateAlias = "alias";
// Load the keystore
java.security.KeyStore ks = java.security.KeyStore.getInstance(keystoreType);
java.io.FileInputStream fis = new java.io.FileInputStream(keystoreFile);
ks.load(fis, keystorePass.toCharArray());
// And get the private key that will be used to sign the request
java.security.PrivateKey privateKey = (java.security.PrivateKey)
    ks.getKey(privateKeyAlias, privateKeyPass.toCharArray());
// Add the certificate and public key information from the keystore;
// this will be needed by the verifier
java.security.cert.X509Certificate cert =
    (java.security.cert.X509Certificate) ks.getCertificate(certificateAlias);
// Initialize the security library
org.apache.xml.security.Init.init();
org.apache.xml.security.utils.Constants.setSignatureSpecNSprefix("ds");
{
    // SIGN THE DOCUMENT
    org.apache.xml.security.signature.XMLSignature sig =
        new org.apache.xml.security.signature.XMLSignature(document, "",
            org.apache.xml.security.signature.XMLSignature.ALGO_ID_SIGNATURE_RSA_SHA1);
    sig.getSignedInfo().addResourceResolver(
        new org.apache.xml.security.samples.utils.resolver.OfflineResolver());
    // Specify the transforms
    org.apache.xml.security.transforms.Transforms transforms =
        new org.apache.xml.security.transforms.Transforms(document);
    //transforms.addTransform(org.apache.xml.security.transforms.Transforms.TRANSFORM_ENVELOPED_SIGNATURE);
    transforms.addTransform(
        org.apache.xml.security.transforms.Transforms.TRANSFORM_C14N_OMIT_COMMENTS);
    sig.addDocument("#SetDoc", transforms,
        org.apache.xml.security.utils.Constants.ALGO_ID_DIGEST_SHA1);
    sig.addKeyInfo(cert.getPublicKey());
    sig.addKeyInfo(cert);
    System.out.println("Starting to sign");
    sig.sign(privateKey);
    System.out.println("Finished signing");
    EnvioDTE.appendChild(sig.getElement());
}
java.io.FileOutputStream fos = new java.io.FileOutputStream("C:\\test.xml");
// Use an XMLUtils helper for output
org.apache.xml.security.utils.XMLUtils.outputDOMc14nWithComments(document, fos);
fis.close();
fos.close();
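
The following is an added example, not part of the original post: a way to see exactly which bytes are digested for "#SetDoc" when signing and again when verifying. With inclusive C14N the canonical form of SetDTE carries the namespace declarations inherited from EnvioDTE, so the digest depends on that context. Assumptions: it uses the JDK's javax.xml.crypto.dsig API (Java 11 or later) instead of the org.apache.xml.security classes in the post, a throwaway RSA key, SHA-256, and the hypothetical class name DigestInputDiff.

```java
import java.io.*;
import java.security.*;
import java.util.List;
import javax.xml.crypto.dsig.*;
import javax.xml.crypto.dsig.dom.*;
import javax.xml.crypto.dsig.spec.*;
import javax.xml.parsers.DocumentBuilderFactory;
import javax.xml.transform.TransformerFactory;
import org.w3c.dom.*;
public class DigestInputDiff {
    static final String NS = "http://www.sii.cl/SiiDte";
    // Constructed input: the XML_NS document from the post.
    static final String XML = "<EnvioDTE xmlns=\"" + NS + "\" xmlns:xsi=\"http://www.w3.org/2001/XMLSchema-instance\" version=\"0.1\""
        + " xsi:schemaLocation=\"" + NS + " EnvioDTE.xsd\"><SetDTE ID=\"SetDoc\"><Caratula version=\"0.1\"></Caratula></SetDTE></EnvioDTE>";
    static Document parse(byte[] xml) throws Exception {
        DocumentBuilderFactory f = DocumentBuilderFactory.newInstance();
        f.setNamespaceAware(true);
        Document d = f.newDocumentBuilder().parse(new ByteArrayInputStream(xml));
        // No DTD or schema is loaded, so "ID" is marked as an ID attribute for "#SetDoc" to resolve.
        ((Element) d.getElementsByTagNameNS(NS, "SetDTE").item(0)).setIdAttribute("ID", true);
        return d;
    }
    static String digested(XMLSignature s) throws Exception { // bytes hashed for the first Reference; readable once
        Reference r = (Reference) s.getSignedInfo().getReferences().get(0);
        return new String(r.getDigestInputStream().readAllBytes(), "UTF-8");
    }
    public static void main(String[] args) throws Exception {
        XMLSignatureFactory fac = XMLSignatureFactory.getInstance("DOM");
        KeyPair kp = KeyPairGenerator.getInstance("RSA").generateKeyPair(); // throwaway key, JDK default size
        Reference ref = fac.newReference("#SetDoc", fac.newDigestMethod(DigestMethod.SHA256, null),
            List.of(fac.newTransform(CanonicalizationMethod.INCLUSIVE, (TransformParameterSpec) null)), null, null);
        SignedInfo si = fac.newSignedInfo(fac.newCanonicalizationMethod(CanonicalizationMethod.INCLUSIVE,
            (C14NMethodParameterSpec) null), fac.newSignatureMethod("http://www.w3.org/2001/04/xmldsig-more#rsa-sha256", null), List.of(ref));
        Document doc = parse(XML.getBytes("UTF-8"));
        DOMSignContext sc = new DOMSignContext(kp.getPrivate(), doc.getDocumentElement());
        sc.setProperty("javax.xml.crypto.dsig.cacheReference", Boolean.TRUE); // keep the digested bytes
        XMLSignature sig = fac.newXMLSignature(si, null);
        sig.sign(sc); // appends the Signature element as the last child of EnvioDTE
        String atSign = digested(sig);
        ByteArrayOutputStream out = new ByteArrayOutputStream(); // serialise and re-parse, as a verifier would
        TransformerFactory.newInstance().newTransformer().transform(
            new javax.xml.transform.dom.DOMSource(doc), new javax.xml.transform.stream.StreamResult(out));
        Node sigNode = parse(out.toByteArray()).getElementsByTagNameNS(XMLSignature.XMLNS, "Signature").item(0);
        DOMValidateContext vc = new DOMValidateContext(kp.getPublic(), sigNode);
        vc.setProperty("javax.xml.crypto.dsig.cacheReference", Boolean.TRUE);
        XMLSignature parsed = fac.unmarshalXMLSignature(vc);
        boolean valid = parsed.validate(vc);
        String atVerify = digested(parsed);
        System.out.printf("sign:   %s%nverify: %s%nvalid=%b sameBytes=%b%n", atSign, atVerify, valid, atSign.equals(atVerify));
    }
}
```

Applied to a document that fails validation, a difference between the two dumps shows what changed in the referenced subtree between signing and verification.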