santuario-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From def abc <anon742...@yahoo.fr>
Subject Enveloped signature verification (with enveloped + C14N transform)
Date Mon, 07 Feb 2005 14:24:01 GMT
Hi all,
Sorry to bother you, but I still can't get it to
work...
My enveloping signature & my detached signature work,
but not the enveloped one. I've been checking the
CreateSignature example - seems pretty close to my
own... Or is it the verification that's wrong in my
case ?
Thanks for any hint...
Regards,
Axelle.

Creating the enveloped signature:
XMLSignature signature;
		
signature = new XMLSignature(input,
inputURI.toString(),
XMLSignature.ALGO_ID_SIGNATURE_RSA_SHA1);
		
Transforms transforms = new Transforms(input);
 
transforms.addTransform(Transforms.TRANSFORM_ENVELOPED_SIGNATURE);
      
transforms.addTransform(Transforms.TRANSFORM_C14N_OMIT_COMMENTS);
        
signature.addDocument("", transforms);
signature.sign(prvkey);
				
Element root = input.getDocumentElement();
root.appendChild(signature.getElement());
				
XMLUtils.outputDOM(input, output);

========
Verification code:
FileInputStream fis = new
FileInputStream(outputURI.getPath());
Document doc = db.parse(fis);
fis.close();
		
		
NodeList dsNodeList =
doc.getElementsByTagName("ds:Signature");
if (dsNodeList.getLength() == 0)
	throw new IOException("No signature in file");
		
Element dsElement = (Element) dsNodeList.item(0);
			
XMLSignature signature = new XMLSignature(dsElement,
outputURI.toString());
return signature.checkSignatureValue(pubkey);

=============
XML file :
<policy xsi:schemaLocation="http://xxx /home/xxx">
<dsi_policy>
 ...
</dsi_policy>
<ds:Signature>
<ds:SignedInfo>
<ds:CanonicalizationMethod
Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315"/>
<ds:SignatureMethod
Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/>
<ds:Reference URI="">
<ds:Transforms>
<ds:Transform
Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
<ds:Transform
Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315"/>
</ds:Transforms>
<ds:DigestMethod
Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
<ds:DigestValue>7uZSWomZ8W6sa3GI+e/XCygny2I=</ds:DigestValue>
</ds:Reference>
</ds:SignedInfo>
<ds:SignatureValue>
BaUch43FSfEA4YFrFFp ....
</ds:SignatureValue>
</ds:Signature>
</policy>



	

	
		
Découvrez le nouveau Yahoo! Mail : 250 Mo d'espace de stockage pour vos mails ! 
Créez votre Yahoo! Mail sur http://fr.mail.yahoo.com/

Mime
View raw message