santuario-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Raul Benito <raul.benito.gar...@gmail.com>
Subject Re: Help - DSIG Verification
Date Tue, 01 Mar 2005 08:35:54 GMT
I haven't look in enought detail on this, so I´m only going to answer
the theoricall things.



On Fri, 25 Feb 2005 12:08:56 -0000, Ritesh.Aswaney@syntegra.com
<Ritesh.Aswaney@syntegra.com> wrote:
>  
>  
> 
> People, 
> 
>   
> 
> I've managed to create a DSIG with a XSLT Transform and exclusive
> canonicalization. 
> 
> If someone can answer a few queries for me : 
> 
>   
> 
> 1)    With the code I've written below, can I be sure that the API
> internally applies canonicalization and the XSLT Transform, before
> calculating the Hash and finally the Signature Value ? 
Yes, the code always c14n everything that is going to be sign.
> 
> 2)    When I invoke the verification call, it fails with the following
> result : 
> 
>   
> 
> Gunna Sign 
> 
> Completed Signing 
> 
> Gunna Decode 
> 
> 25-Feb-2005 11:49:20 org.apache.xml.security.signature.Reference verify 
> 
> INFO: Verification successful for URI "" 
> 
> Verification Result : false 
> 
> Completed Decoding 
> 
>   
It means that the hash is correct, but the signature not.
> 
> Why is this verification failing ? When I m passing the correct public key…
> and what does the log generated by the API signify ? 
> 
> Someone please help !  I have a deadline to meet… 
> 
>   
Sorry for not helping before.
> 
>   
> 
> public class SampleTransformXSLT { 
> 
>   
> 
>    /**+ 
> 
>     * Method main 
> 
>     * 
> 
>     * @param args 
> 
>     * @throws Exception 
> 
>     */ 
> 
>    public static void main(String args[]) throws Exception { 
> 
>       org.apache.xml.security.Init.init(); 
> 
>   
> 
>       //J- 
> 
>       String transformStr = convertFileToString(new
> File("D:/eclipse/workspace/XMLDSig/dataFiles/xslt.xslt")) ; 
> 
>   
> 
>       String inputStr =convertFileToString(new
> File("D:/eclipse/workspace/XMLDSig/dataFiles/CreateRx.xml")) ; 
> 
>       //J+ 
> 
>       javax.xml.parsers.DocumentBuilderFactory dbf = 
> 
>          javax.xml.parsers.DocumentBuilderFactory.newInstance(); 
> 
>   
> 
>       dbf.setNamespaceAware(true); 
> 
>   
> 
>       javax.xml.parsers.DocumentBuilder db = dbf.newDocumentBuilder(); 
> 
>       org.w3c.dom.Document doc = 
> 
>          db.parse(new
> java.io.ByteArrayInputStream(transformStr.getBytes())); 
> 
>       
> 
>       
> 
>       KeyPairGenerator pairGenerator = KeyPairGenerator.getInstance("RSA"); 
> 
>       KeyPair keyPair = pairGenerator.generateKeyPair(); 
> 
>       Document sourceDoc = db.parse(new
> java.io.ByteArrayInputStream(inputStr.getBytes())); 
> 
>       Document transformDoc = db.parse(new
> java.io.ByteArrayInputStream(transformStr.getBytes())); 
> 
>       
> 
>       XMLSignature signer = new
> XMLSignature(sourceDoc,null,XMLSignature.ALGO_ID_SIGNATURE_RSA); 
> 
>       
> 
>       sourceDoc.getDocumentElement().appendChild(signer.getElement()); 
> 
>       
> 
>       Transforms transforms = new Transforms(sourceDoc); 
> 
>       
> 
>       transforms.addTransform(Transforms.TRANSFORM_ENVELOPED_SIGNATURE); 
> 
>   
> 
>       transforms.addTransform(Transforms.TRANSFORM_C14N_EXCL_OMIT_COMMENTS);
> 
>       
> 
>       Node xslElem = transformDoc.getDocumentElement(); 
> 
>         Node xslElemImported = sourceDoc.importNode(xslElem, true); 
> 
>   
> 
>         transforms.addTransform(Transforms.TRANSFORM_XSLT,
> (org.w3c.dom.Element)xslElemImported); 
> 
>       
> 
>       signer.addDocument("",transforms,Constants.ALGO_ID_DIGEST_SHA1); 
> 
>        
> 
>       signer.addKeyInfo(keyPair.getPublic()); 
> 
>       
> 
>       System.out.println("Gunna Sign"); 
> 
>       signer.sign(keyPair.getPrivate()); 
> 
>       System.out.println("Completed Signing"); 
> 
>       
> 
>       XMLUtils.outputDOM(signer.getDocument(),new FileOutputStream(new
> File("D:/eclipse/workspace/XMLDSig/dataFiles/sign.xml"))); 
> 
>   
> 
>       
> 
>       //call to verify 
> 
>       verify(keyPair.getPublic()); 
> 
>       
> 
>    } 
> 
>    
> 
>    
> 
>    
> 
>       private static String convertFileToString(File file) 
> 
>       { 
> 
>             StringBuffer buffer = new StringBuffer(); 
> 
>             try 
> 
>             { 
> 
>                   String line = null; 
> 
>                   FileInputStream fin = new FileInputStream(file); 
> 
>                   BufferedReader reader = 
> 
>                         new BufferedReader(new InputStreamReader(fin)); 
> 
>                   while ((line = reader.readLine()) != null) 
> 
>                   { 
> 
>                         buffer.append(line); 
> 
>                   } 
> 
>             } 
> 
>             catch (Exception exc) 
> 
>             { 
> 
>                   exc.printStackTrace(); 
> 
>             } 
> 
>             return buffer.toString(); 
> 
>       } 
> 
>    
> 
>       static 
> 
>       { 
> 
>             Init.init();      
> 
>       } 
> 
>    
> 
> } 
> 
>   
> 
> public static void verify(PublicKey publicKey) throws Exception { 
> 
>       
> 
>   
> 
>       //J- 
> 
>       String inputStr = convertFileToString(new
> File("D:/eclipse/workspace/XMLDSig/dataFiles/sign.xml")) ; 
> 
>   
> 
>       javax.xml.parsers.DocumentBuilderFactory dbf = 
> 
>          javax.xml.parsers.DocumentBuilderFactory.newInstance(); 
> 
>   
> 
>       dbf.setNamespaceAware(true); 
> 
>   
> 
>       javax.xml.parsers.DocumentBuilder db = dbf.newDocumentBuilder(); 
> 
>       
> 
>       Document sourceDoc = db.parse(new
> java.io.ByteArrayInputStream(inputStr.getBytes())); 
> 
>       
> 
>       Element dsigElement =
> (Element)sourceDoc.getDocumentElement().getLastChild(); 
> 
>       
> 
>       System.out.println(dsigElement.getNodeName()); 
> 
>       
> 
>       XMLSignature signer = new XMLSignature(dsigElement,null); 
> 
>             
> 
>       System.out.println("Gunna Decode"); 
> 
>       System.out.println(signer.checkSignatureValue(publicKey)); 
> 
>       System.out.println("Completed Decoding"); 
> 
>       
> 
>    } 
> 
>   
> 
> Best Always,
> ........................................................................................................................
> 
> Ritesh Aswaney
>  Mastek UK Ltd  
> 
> ( Mobile: +44 7909540132 
> 
> .........................................................................................................................
> 
>   
>  
>  ********************************************************************
>  
>  This email may contain information which is privileged or confidential. If
> you are not the intended recipient of this email, please notify the sender
> immediately and delete it without reading, copying, storing, forwarding or
> disclosing its contents to any other person
>  Thank you
>  
>  Check us out at http://www.bt.com/consulting
>  
>  ********************************************************************
>  


-- 
http://r-bg.com

Mime
View raw message