santuario-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From <Ritesh.Aswa...@syntegra.com>
Subject RE: Help - DSIG Verification
Date Tue, 01 Mar 2005 12:54:29 GMT
Hello Raul and everyone else,

Thanks for the pointer, but is there something specific that you can see
which I m doing blatantly wrong, because I've stuck to the DSig sample and
coded, so wonder why I can't verify the signature, when I m using the correct
keys.

One doubt, when I m not signing files, how does the Signature Verifier know
where it has to resolve the document which it signed reference to? Also, the
verifier XMLSignature constructor, doesn't take any input algorithm. Is that
why I am not able to verify ?

Looking from pointers at u guys...
Thanks,
Ritesh


-----Original Message-----
From: Raul Benito [mailto:raul.benito.garcia@gmail.com] 
Sent: 01 March 2005 08:36
To: security-dev@xml.apache.org
Subject: Re: Help - DSIG Verification

I haven't look in enought detail on this, so I´m only going to answer
the theoricall things.



On Fri, 25 Feb 2005 12:08:56 -0000, Ritesh.Aswaney@syntegra.com
<Ritesh.Aswaney@syntegra.com> wrote:
>  
>  
> 
> People, 
> 
>   
> 
> I've managed to create a DSIG with a XSLT Transform and exclusive
> canonicalization. 
> 
> If someone can answer a few queries for me : 
> 
>   
> 
> 1)    With the code I've written below, can I be sure that the API
> internally applies canonicalization and the XSLT Transform, before
> calculating the Hash and finally the Signature Value ? 
Yes, the code always c14n everything that is going to be sign.
> 
> 2)    When I invoke the verification call, it fails with the following
> result : 
> 
>   
> 
> Gunna Sign 
> 
> Completed Signing 
> 
> Gunna Decode 
> 
> 25-Feb-2005 11:49:20 org.apache.xml.security.signature.Reference verify>
  
> INFO: Verification successful for URI "" 
> 
> Verification Result : false 
> 
> Completed Decoding 
> 
>   
It means that the hash is correct, but the signature not.
> 
> Why is this verification failing ? When I m passing the correct public
key...
> and what does the log generated by the API signify ? 
> 
> Someone please help !  I have a deadline to meet... 
> 
>   
Sorry for not helping before.
> 
>   
> 
> public class SampleTransformXSLT { 
> 
>   
> 
>    /**+ 
> 
>     * Method main 
> 
>     * 
> 
>     * @param args 
> 
>     * @throws Exception 
> 
>     */ 
> 
>    public static void main(String args[]) throws Exception { 
> 
>       org.apache.xml.security.Init.init(); 
> 
>   
> 
>       //J- 
> 
>       String transformStr = convertFileToString(new
> File("D:/eclipse/workspace/XMLDSig/dataFiles/xslt.xslt")) ; 
> 
>   
> 
>       String inputStr =convertFileToString(new
> File("D:/eclipse/workspace/XMLDSig/dataFiles/CreateRx.xml")) ; 
> 
>       //J+ 
> 
>       javax.xml.parsers.DocumentBuilderFactory dbf = 
> 
>          javax.xml.parsers.DocumentBuilderFactory.newInstance(); 
> 
>   
> 
>       dbf.setNamespaceAware(true); 
> 
>   
> 
>       javax.xml.parsers.DocumentBuilder db = dbf.newDocumentBuilder();>
  
>       org.w3c.dom.Document doc = 
> 
>          db.parse(new
> java.io.ByteArrayInputStream(transformStr.getBytes())); 
> 
>       
> 
>       
> 
>       KeyPairGenerator pairGenerator = KeyPairGenerator.getInstance("RSA");

> 
>       KeyPair keyPair = pairGenerator.generateKeyPair(); 
> 
>       Document sourceDoc = db.parse(new
> java.io.ByteArrayInputStream(inputStr.getBytes())); 
> 
>       Document transformDoc = db.parse(new
> java.io.ByteArrayInputStream(transformStr.getBytes())); 
> 
>       
> 
>       XMLSignature signer = new
> XMLSignature(sourceDoc,null,XMLSignature.ALGO_ID_SIGNATURE_RSA); 
> 
>       
> 
>       sourceDoc.getDocumentElement().appendChild(signer.getElement()); 
> 
>       
> 
>       Transforms transforms = new Transforms(sourceDoc); 
> 
>       
> 
>       transforms.addTransform(Transforms.TRANSFORM_ENVELOPED_SIGNATURE);>
  
>   
> 
>
transforms.addTransform(Transforms.TRANSFORM_C14N_EXCL_OMIT_COMMENTS);
> 
>       
> 
>       Node xslElem = transformDoc.getDocumentElement(); 
> 
>         Node xslElemImported = sourceDoc.importNode(xslElem, true); 
> 
>   
> 
>         transforms.addTransform(Transforms.TRANSFORM_XSLT,
> (org.w3c.dom.Element)xslElemImported); 
> 
>       
> 
>       signer.addDocument("",transforms,Constants.ALGO_ID_DIGEST_SHA1); 
> 
>        
> 
>       signer.addKeyInfo(keyPair.getPublic()); 
> 
>       
> 
>       System.out.println("Gunna Sign"); 
> 
>       signer.sign(keyPair.getPrivate()); 
> 
>       System.out.println("Completed Signing"); 
> 
>       
> 
>       XMLUtils.outputDOM(signer.getDocument(),new FileOutputStream(new
> File("D:/eclipse/workspace/XMLDSig/dataFiles/sign.xml"))); 
> 
>   
> 
>       
> 
>       //call to verify 
> 
>       verify(keyPair.getPublic()); 
> 
>       
> 
>    } 
> 
>    
> 
>    
> 
>    
> 
>       private static String convertFileToString(File file) 
> 
>       { 
> 
>             StringBuffer buffer = new StringBuffer(); 
> 
>             try 
> 
>             { 
> 
>                   String line = null; 
> 
>                   FileInputStream fin = new FileInputStream(file); 
> 
>                   BufferedReader reader = 
> 
>                         new BufferedReader(new InputStreamReader(fin));>
  
>                   while ((line = reader.readLine()) != null) 
> 
>                   { 
> 
>                         buffer.append(line); 
> 
>                   } 
> 
>             } 
> 
>             catch (Exception exc) 
> 
>             { 
> 
>                   exc.printStackTrace(); 
> 
>             } 
> 
>             return buffer.toString(); 
> 
>       } 
> 
>    
> 
>       static 
> 
>       { 
> 
>             Init.init();      
> 
>       } 
> 
>    
> 
> } 
> 
>   
> 
> public static void verify(PublicKey publicKey) throws Exception { 
> 
>       
> 
>   
> 
>       //J- 
> 
>       String inputStr = convertFileToString(new
> File("D:/eclipse/workspace/XMLDSig/dataFiles/sign.xml")) ; 
> 
>   
> 
>       javax.xml.parsers.DocumentBuilderFactory dbf = 
> 
>          javax.xml.parsers.DocumentBuilderFactory.newInstance(); 
> 
>   
> 
>       dbf.setNamespaceAware(true); 
> 
>   
> 
>       javax.xml.parsers.DocumentBuilder db = dbf.newDocumentBuilder();>
  
>       
> 
>       Document sourceDoc = db.parse(new
> java.io.ByteArrayInputStream(inputStr.getBytes())); 
> 
>       
> 
>       Element dsigElement =
> (Element)sourceDoc.getDocumentElement().getLastChild(); 
> 
>       
> 
>       System.out.println(dsigElement.getNodeName()); 
> 
>       
> 
>       XMLSignature signer = new XMLSignature(dsigElement,null); 
> 
>             
> 
>       System.out.println("Gunna Decode"); 
> 
>       System.out.println(signer.checkSignatureValue(publicKey)); 
> 
>       System.out.println("Completed Decoding"); 
> 
>       
> 
>    } 
> 



********************************************************************

This email may contain information which is privileged or confidential. If you are not the
intended recipient of this email, please notify the sender immediately and delete it without
reading, copying, storing, forwarding or disclosing its contents to any other person
Thank you

Check us out at http://www.bt.com/consulting

********************************************************************


Mime
View raw message