santuario-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Cédric POTHIN <cedric.pot...@cegetel.fr>
Subject RE: Canonicalization problem of XML containing a XML signature
Date Tue, 25 Jan 2005 16:07:28 GMT
Sorry I forget to say that I use the last source code
from CVS and the associated library.

Cédric

-----Message d'origine-----
De : Cédric POTHIN [mailto:cedric.pothin@cegetel.fr] 
Envoyé : mardi 25 janvier 2005 15:54
À : security-dev@xml.apache.org
Objet : Canonicalization problem of XML containing a XML signature

Hi all,

I have a strange issue regarding the canoncicalization
of a XML Document containing a XML signature. This
canonicalization is required to insert a signature
value of the whole document at the end of the document.

If I don't insert the XML signature in my document
the canonicalization is ok. If I insert the XML 
signature the canonicalization failed : some parts
of the document is not canonicalized.

Here is the input/output of the canonicalization.

And also the code that do the exclusive c14n canonicalization.
and the xml signature

Any clue ?

Thanks in advance for any answers/help.

Cédric


Input of the canonicalization :
-----------------------------------

<?xml version="1.0" encoding="UTF-8"?>
<roap:roResponse status="Success"
    xmlns:ds="http://www.w3.org/2000/09/xmldsig#"
    xmlns:o-dd="http://odrl.net/1.1/ODREL-DD"
    xmlns:o-ex="http://odrl.net/1.1/ODREL-EX"
    xmlns:roap="urn:oma:bac:dldrm:roap-1.0"
    xmlns:xenc="http://www.w3.org/2001/04/xmlenc#"
xmlns:xsi="http://www/w3.org/2001/XMLSchema-instance">
    <deviceID>
        <keyIdentifier xsi:type="roap:X509SPKIHash">
            <hash>DegpKHcvpl96B92Vw/5jkUyXRd4=</hash>
        </keyIdentifier>
    </deviceID>
    <riID>
        <keyIdentifier xsi:type="roap:X509SPKIHash">
            <hash>sk+4JImZCG+IV4/c+Pw9FeAbhuc=</hash>
        </keyIdentifier>
    </riID>
    <Nonce>327612312</Nonce>
    <protectedRO>
        <ro id="1" stateful="true" version="1.0">
            <riID>
                <keyIdentifier xsi:type="roap:X509SPKIHash">
                    <hash>sk+4JImZCG+IV4/c+Pw9FeAbhuc=</hash>
                </keyIdentifier>
            </riID>
            <o-ex:rights o-ex:id="REL0">
                <o-ex:context>
                    <o-dd:version>2.0</o-dd:version>
                </o-ex:context>
                <o-ex:agreement>
                    <o-ex:asset>
                        <o-ex:context>
                            <o-dd:version>2.0</o-dd:version>
                            <o-dd:uid>cid:591426543@vodafone.com</o-dd:uid>
                        </o-ex:context>
                        <o-ex:digest>
                            <ds:DigestMethod
Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
 
<ds:DigestValue>OV1+vvou4r5fEKDBvpI3eztkYNM=</ds:DigestValue>
                        </o-ex:digest>
                        <ds:KeyInfo>
                            <xenc:EncryptedKey>
                                <xenc:EncryptionMethod
Algorithm="http://www.w3.org/2001/04/xmlenc#kw-aes128"/>
                                <xenc:CipherData>
 
<xenc:CipherValue>Epp1k8KfMBqg+SYNCiZSwr1OVmuZHZiP</xenc:CipherValue>
                                </xenc:CipherData>
                            </xenc:EncryptedKey>
                            <ds:RetrievalMethod
ds:URI="K_REK_and_K_MAC_984511788"/>
                        </ds:KeyInfo>
                    </o-ex:asset>
                    <o-ex:permission>
                        <o-dd:play>
                            <o-ex:constraint>
                                <o-dd:count>3</o-dd:count>
                            </o-ex:constraint>
                        </o-dd:play>
                    </o-ex:permission>
                </o-ex:agreement>
            </o-ex:rights>
            <encKey id="K_REK_and_K_MAC_984511788">
                <xenc:EncryptionMethod
Algorithm="http://www.rsasecurity.com/rsalabs/xmlpkcs-1#rsaes-kem-kdf2-kw-ae
s128"/>
                <ds:KeyInfo>
                    <roap:X509SPKIHash>
                        <hash>DegpKHcvpl96B92Vw/5jkUyXRd4=</hash>
                    </roap:X509SPKIHash>
                </ds:KeyInfo>
                <xenc:CipherData>
 
<xenc:CipherValue>LV+KUMGjcr/f8QejPkUcYjHw5mRvxxE+thVnweQgk/Kv28qPZZ9XrEXbKj
48YkefWHXviZWKon7Wc9dbTft+Rdib2HuFb5l8N50hXAQXFfQAf/BpGdz+sVna8UODthK4Ftp4yw
3ciVmFUCg31NmkUYgl8ItSwvPKBTZrLLUb8wnRUXRoyy7WBxUt75Q8sWVj2reZBoQJN3l8gJx5nj
bZ60iiDTf5gyzx</xenc:CipherValue>
                </xenc:CipherData>
            </encKey>
        </ro>
        <ds:Signature>
            <ds:SignedInfo>
                <ds:CanonicalizationMethod
Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
                <ds:SignatureMethod
Algorithm="http://www.w3.org/2000/09/xmldsig#hmac-sha1"/>
                <ds:Reference URI="#1">
                    <ds:DigestMethod
Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
 
<ds:DigestValue>IRoycDtXfjqE/ZW+oeoxyvKaej8=</ds:DigestValue>
                </ds:Reference>
            </ds:SignedInfo>
 
<ds:SignatureValue>jggZZU/GpMAI/Sg0dcIYiMdeNL8=</ds:SignatureValue>
            <ds:KeyInfo>
                <ds:RetrievalMethod URI="#K_REK_and_K_MAC_984511788"/>
            </ds:KeyInfo>
        </ds:Signature>
    </protectedRO>
    <certificateChain>
 
<certificate>MIICXTCCAcYCAQIwDQYJKoZIhvcNAQEFBQAwezELMAkGA1UEBhMCZnIxETAPBgN
VBAgTCEdSRU5PQkxFMRMwEQYDVQQHEwpNT05UQk9OTk9UMREwDwYDVQQKEwhJTk9WQVRFTDEQMA4
GA1UECxMHRFJNVEVBTTEfMB0GA1UEAxMWU1VCIENBIEZPUiBSSSBPTUFEUk1WMjAeFw0wNDA1Mjg
wODQ1MjhaFw0xNTA1MDEwODQ1MjhaMHMxCzAJBgNVBAYTAkZSMREwDwYDVQQIEwhHUkVOT0JMRTE
TMBEGA1UEBxMKTU9OVEJPTk5PVDEQMA4GA1UEChMHRFJNVEVBTTELMAkGA1UECxMCUkkxHTAbBgN
VBAMTFENFUi4gRk9SIFJJIE9NQURSTVYyMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDMYTY
jrPe8/lvp+5mdefXNnji23soZAe+oNJK8+5JBeJ6mNKWvjzgr4BJAnXaCwLncyOJxBeovAiAPXFk
D/54FrWMOpO9Oa5oZliCseEAQL082VDnAMN0rrPgt5aREjd2DIpO96dieMYbyvDXIMrLf+iGVH+K
UKVyN51gw0O4v1QIDAQABMA0GCSqGSIb3DQEBBQUAA4GBAI7s6ZygePOS21yWxUZflLvTe96BERl
Qbroj6Hiic3jLyE4nYuvbuoDoXRiiuzcNbWPRSqJkabBvcB8+8yi1NuIe6/SoiKjNpCZKNl8wX47
cAiBv+DEBnBkH/9LpFOllD1hDRqNj2Tx5k9l53DR7+qb6WHrrB6vLTCESU2wqlm/q</certifica
te>
 
<certificate>MIIC4zCCAcsCAQEwDQYJKoZIhvcNAQEFBQAweDELMAkGA1UEBhMCRlIxETAPBgN
VBAgTCEdSRU5PQkxFMRMwEQYDVQQHEwpNT05UQk9OTk9UMQwwCgYDVQQKEwNTRlIxETAPBgNVBAs
TCElOT1ZBVEVMMSAwHgYDVQQDExdST09UIENBIEZPUiBSSSBPTUFEUk1WMjAeFw0wNDA1MjgwODQ
xMDVaFw0xNTA1MDkwODQxMDVaMHsxCzAJBgNVBAYTAmZyMREwDwYDVQQIEwhHUkVOT0JMRTETMBE
GA1UEBxMKTU9OVEJPTk5PVDERMA8GA1UEChMISU5PVkFURUwxEDAOBgNVBAsTB0RSTVRFQU0xHzA
dBgNVBAMTFlNVQiBDQSBGT1IgUkkgT01BRFJNVjIwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoG
BANUS8I0gXPWIPTVnj2BotBNht+EdZh1MhSZ1DCKPeV7EOk7pCi2IGJRByTxIV6PAAabo1BKo+LD
dfw9bfj20K3sdExd6KIm3lk0eFTw4mg7al8I0wUzIvUqJl/yxiiYfSjEAEhM0VhcgokqMkVCZ8Za
XceWUXIhohX6dafJfPKdFAgMBAAEwDQYJKoZIhvcNAQEFBQADggEBAA5Kfglfd6z0phqk56Y758S
/XhPa18jy2VvnIxk27G/Wp5OZvmtL5kyppJBZISkNrKbFtKmyoJkGjDj/wxCTFyb3nuxXZBBtjEr
x8YsopGPs+dXe7v/gAaCYkDAAIuiAxa5FigPKkbZi/62MkHWcqE06Gf7b9O9cHx7xfKn9Snjvkwk
jpbrMKZhpHI8ar1AgNy9UHxUsT5n0paHv7h3qnNEkQlTH7IYsfb6QsXADw1qswrI4xapyy7VszS0
1S3i1H1WhxytC/R7qzoP0c8kQW+T0H/vTAwTojsoNeOq9H6exRUSogz2jD4PNREt9bQyCfqARFhm
QKZ5ipLL/DbXL/tg=</certificate>
    </certificateChain>
</roap:roResponse>



Output of the canonicalization :
----------------------------------

<roap:roResponse xmlns:roap="urn:oma:bac:dldrm:roap-1.0"
status="Success"><deviceID><keyIdentifier
xsi:type="roap:X509SPKIHash"><hash>DegpKHcvpl96B92Vw/5jkUyXRd4=</hash></keyI
dentifier></deviceID><riID><keyIdentifier
xsi:type="roap:X509SPKIHash"><hash>sk+4JImZCG+IV4/c+Pw9FeAbhuc=</hash></keyI
dentifier></riID><Nonce>327612312</Nonce><protectedRO><ro id="1"
stateful="true" version="1.0"><riID><keyIdentifier
xsi:type="roap:X509SPKIHash"><hash>sk+4JImZCG+IV4/c+Pw9FeAbhuc=</hash></keyI
dentifier></riID><o-ex:rights xmlns:o-ex="http://odrl.net/1.1/ODREL-EX"
o-ex:id="REL0">
    <o-ex:context>
        <o-dd:version
xmlns:o-dd="http://odrl.net/1.1/ODREL-DD">2.0</o-dd:version>
    </o-ex:context>
    <o-ex:agreement>
        <o-ex:asset>
            <o-ex:context>
                <o-dd:version
xmlns:o-dd="http://odrl.net/1.1/ODREL-DD">2.0</o-dd:version>
                <o-dd:uid
xmlns:o-dd="http://odrl.net/1.1/ODREL-DD">cid:591426543@vodafone.com</o-dd:u
id>
            </o-ex:context>
            <o-ex:digest>
                <ds:DigestMethod
xmlns:ds="http://www.w3.org/2000/09/xmldsig#"
Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"></ds:DigestMethod>
                <ds:DigestValue
xmlns:ds="http://www.w3.org/2000/09/xmldsig#">OV1+vvou4r5fEKDBvpI3eztkYNM=</
ds:DigestValue>
            </o-ex:digest>
            <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
                <xenc:EncryptedKey
xmlns:xenc="http://www.w3.org/2001/04/xmlenc#">
                    <xenc:EncryptionMethod
Algorithm="http://www.w3.org/2001/04/xmlenc#kw-aes128"></xenc:EncryptionMeth
od>
                    <xenc:CipherData>
 
<xenc:CipherValue>Epp1k8KfMBqg+SYNCiZSwr1OVmuZHZiP</xenc:CipherValue>
                    </xenc:CipherData>
                </xenc:EncryptedKey>
                <ds:RetrievalMethod
ds:URI="K_REK_and_K_MAC_984511788"></ds:RetrievalMethod>
            </ds:KeyInfo>
        </o-ex:asset>
        <o-ex:permission>
            <o-dd:play xmlns:o-dd="http://odrl.net/1.1/ODREL-DD">
                <o-ex:constraint>
                    <o-dd:count>3</o-dd:count>
                </o-ex:constraint>
            </o-dd:play>
        </o-ex:permission>
    </o-ex:agreement>
</o-ex:rights><encKey id="K_REK_and_K_MAC_984511788"><xenc:EncryptionMethod
Algorithm="http://www.rsasecurity.com/rsalabs/xmlpkcs-1#rsaes-kem-kdf2-kw-ae
s128"></xenc:EncryptionMethod><ds:KeyInfo><roap:X509SPKIHash><hash>DegpKHcvp
l96B92Vw/5jkUyXRd4=</hash></roap:X509SPKIHash></ds:KeyInfo><xenc:CipherData>
<xenc:CipherValue>LV+KUMGjcr/f8QejPkUcYjHw5mRvxxE+thVnweQgk/Kv28qPZZ9XrEXbKj
48YkefWHXviZWKon7Wc9dbTft+Rdib2HuFb5l8N50hXAQXFfQAf/BpGdz+sVna8UODthK4Ftp4yw
3ciVmFUCg31NmkUYgl8ItSwvPKBTZrLLUb8wnRUXRoyy7WBxUt75Q8sWVj2reZBoQJN3l8gJx5nj
bZ60iiDTf5gyzx</xenc:CipherValue></xenc:CipherData></encKey></ro><ds:Signatu
re xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
<ds:SignedInfo>
<ds:CanonicalizationMethod
Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"></ds:CanonicalizationMet
hod>
<ds:SignatureMethod
Algorithm="http://www.w3.org/2000/09/xmldsig#hmac-sha1"></ds:SignatureMethod
>
<ds:Reference URI="#1">
<ds:DigestMethod
Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"></ds:DigestMethod>
<ds:DigestValue>IRoycDtXfjqE/ZW+oeoxyvKaej8=</ds:DigestValue>
</ds:Reference>
</ds:SignedInfo>
<ds:SignatureValue>jggZZU/GpMAI/Sg0dcIYiMdeNL8=</ds:SignatureValue>
<ds:KeyInfo>
<ds:RetrievalMethod URI="#K_REK_and_K_MAC_984511788"></ds:RetrievalMethod>
</ds:KeyInfo>
</ds:Signature></protectedRO><certificateChain><certificate>MIICXTCCAcYCAQIw
DQYJKoZIhvcNAQEFBQAwezELMAkGA1UEBhMCZnIxETAPBgNVBAgTCEdSRU5PQkxFMRMwEQYDVQQH
EwpNT05UQk9OTk9UMREwDwYDVQQKEwhJTk9WQVRFTDEQMA4GA1UECxMHRFJNVEVBTTEfMB0GA1UE
AxMWU1VCIENBIEZPUiBSSSBPTUFEUk1WMjAeFw0wNDA1MjgwODQ1MjhaFw0xNTA1MDEwODQ1Mjha
MHMxCzAJBgNVBAYTAkZSMREwDwYDVQQIEwhHUkVOT0JMRTETMBEGA1UEBxMKTU9OVEJPTk5PVDEQ
MA4GA1UEChMHRFJNVEVBTTELMAkGA1UECxMCUkkxHTAbBgNVBAMTFENFUi4gRk9SIFJJIE9NQURS
TVYyMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDMYTYjrPe8/lvp+5mdefXNnji23soZAe+o
NJK8+5JBeJ6mNKWvjzgr4BJAnXaCwLncyOJxBeovAiAPXFkD/54FrWMOpO9Oa5oZliCseEAQL082
VDnAMN0rrPgt5aREjd2DIpO96dieMYbyvDXIMrLf+iGVH+KUKVyN51gw0O4v1QIDAQABMA0GCSqG
SIb3DQEBBQUAA4GBAI7s6ZygePOS21yWxUZflLvTe96BERlQbroj6Hiic3jLyE4nYuvbuoDoXRii
uzcNbWPRSqJkabBvcB8+8yi1NuIe6/SoiKjNpCZKNl8wX47cAiBv+DEBnBkH/9LpFOllD1hDRqNj
2Tx5k9l53DR7+qb6WHrrB6vLTCESU2wqlm/q</certificate><certificate>MIIC4zCCAcsCA
QEwDQYJKoZIhvcNAQEFBQAweDELMAkGA1UEBhMCRlIxETAPBgNVBAgTCEdSRU5PQkxFMRMwEQYDV
QQHEwpNT05UQk9OTk9UMQwwCgYDVQQKEwNTRlIxETAPBgNVBAsTCElOT1ZBVEVMMSAwHgYDVQQDE
xdST09UIENBIEZPUiBSSSBPTUFEUk1WMjAeFw0wNDA1MjgwODQxMDVaFw0xNTA1MDkwODQxMDVaM
HsxCzAJBgNVBAYTAmZyMREwDwYDVQQIEwhHUkVOT0JMRTETMBEGA1UEBxMKTU9OVEJPTk5PVDERM
A8GA1UEChMISU5PVkFURUwxEDAOBgNVBAsTB0RSTVRFQU0xHzAdBgNVBAMTFlNVQiBDQSBGT1IgU
kkgT01BRFJNVjIwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBANUS8I0gXPWIPTVnj2BotBNht
+EdZh1MhSZ1DCKPeV7EOk7pCi2IGJRByTxIV6PAAabo1BKo+LDdfw9bfj20K3sdExd6KIm3lk0eF
Tw4mg7al8I0wUzIvUqJl/yxiiYfSjEAEhM0VhcgokqMkVCZ8ZaXceWUXIhohX6dafJfPKdFAgMBA
AEwDQYJKoZIhvcNAQEFBQADggEBAA5Kfglfd6z0phqk56Y758S/XhPa18jy2VvnIxk27G/Wp5OZv
mtL5kyppJBZISkNrKbFtKmyoJkGjDj/wxCTFyb3nuxXZBBtjErx8YsopGPs+dXe7v/gAaCYkDAAI
uiAxa5FigPKkbZi/62MkHWcqE06Gf7b9O9cHx7xfKn9SnjvkwkjpbrMKZhpHI8ar1AgNy9UHxUsT
5n0paHv7h3qnNEkQlTH7IYsfb6QsXADw1qswrI4xapyy7VszS01S3i1H1WhxytC/R7qzoP0c8kQW
+T0H/vTAwTojsoNeOq9H6exRUSogz2jD4PNREt9bQyCfqARFhmQKZ5ipLL/DbXL/tg=</certifi
cate></certificateChain></roap:roResponse>




The code that do the canonicalization and sign at 
the end of the document construction process :
---------------------------------------------------

            try
            {
                // Open keystore
                ks = KeyStore.getInstance("JKS");
                fis = new FileInputStream(riKeystore);
                ks.load(fis, passwd.toCharArray());

                // Get private key from key store
                log.info("extracting the RI's private Key from the keystore
file for alias : ");
                privateKey = (java.security.interfaces.RSAPrivateKey)
ks.getKey(privateKeyAlias, passwd.toCharArray());

                // Get modulus and exponent of the provate Key
                modulus = privateKey.getModulus();
                exponent = privateKey.getPrivateExponent();
                log.debug("modulus  of the private key is : " + modulus);
                log.debug("exponent of the private key is : " + exponent);


                canonicalize =
Canonicalizer.getInstance(Canonicalizer.ALGO_ID_C14N_EXCL_OMIT_COMMENTS);
                byte[] data = canonicalize.canonicalizeSubtree(doc);

                try
                {
                   javax.xml.parsers.DocumentBuilderFactory dbf =
javax.xml.parsers.DocumentBuilderFactory.newInstance();
                   dbf.setNamespaceAware(true);
                   javax.xml.parsers.DocumentBuilder db =
dbf.newDocumentBuilder();
                   ByteArrayOutputStream ee = new ByteArrayOutputStream();
                   //XMLUtils.outputDOM(doc3, ee);
                   XMLUtils.outputDOMc14nWithComments(doc, ee);
                   Document inputDoc = db.parse(new
ByteArrayInputStream(ee.toByteArray()));
                   ////////////
                   StringWriter strOut = new StringWriter();
                   OutputFormat format = new OutputFormat();
                   format.setIndenting(true);
                   XMLSerializer XMLSerial = new XMLSerializer(strOut,
format);
                   XMLSerial.asDOMSerializer().serialize(inputDoc);
                   log.debug("2 pass doc=" + strOut.toString());
                   log.debug("2 pass doc canonicalized=" + new
String(data));
                }
                catch (Exception e) {}

                // Intialize signature
                rsaKeyParam = new RSAKeyParameters(true, modulus, exponent);
                signer = new PSSSigner(rsaEngine, sha1Digest, 20);
                signer.init(true, new ParametersWithRandom(rsaKeyParam,
secureRand));

                signer.update(data, 0, data.length);

                //Computing signature
                sig = signer.generateSignature();
                signature = doc.createElement("signature");
                signature.appendChild(doc.createTextNode(new
String(Base64.encode(sig), "ASCII")));
                Element root = doc.getDocumentElement();
                root.appendChild(signature);
            }


The code that do the XML Signature during the documents
 construction process :
---------------------------------------------------


// Starting the Mac calculation
                log.info("starting Mac calculation"); // Canonicalize the
doc
                Element nscontext = XMLUtils.createDSctx(doc, "ds",
Constants.SignatureSpecNS);
                try
                {
                Node signedInfo = XPathAPI.selectSingleNode(doc,
"//ds:SignedInfo",  nscontext);
                }
                catch (TransformerException e){

                }

                XMLSignature sig = new XMLSignature(doc, (String) null,
XMLSignature.ALGO_ID_MAC_HMAC_SHA1,
                        Canonicalizer.ALGO_ID_C14N_EXCL_OMIT_COMMENTS);

                protectedRO.appendChild(sig.getElement());

                sig.addDocument("#" + referenceURI, (Transforms) null,
Constants.ALGO_ID_DIGEST_SHA1);
                // using the MAc key to sign the ROPlayload
                sig.sign(mac);
                if (retrievalMethodURI != null)
                 retrieveMethod = new RetrievalMethod(doc, "#" +
retrievalMethodURI, (Transforms) null, (String) null);
                if (retrieveMethod == null)
                  log .error("retrieveMethod is null");
                else
                  sig.getKeyInfo().add(retrieveMethod);
                log.info("Mac tag is inserted into the ROPayload");



Mime
View raw message