Return-Path: Delivered-To: apmail-xml-security-dev-archive@www.apache.org Received: (qmail 15415 invoked from network); 30 Mar 2005 14:37:06 -0000 Received: from hermes.apache.org (HELO mail.apache.org) (209.237.227.199) by minotaur.apache.org with SMTP; 30 Mar 2005 14:37:06 -0000 Received: (qmail 20759 invoked by uid 500); 30 Mar 2005 14:37:05 -0000 Delivered-To: apmail-xml-security-dev-archive@xml.apache.org Received: (qmail 20721 invoked by uid 500); 30 Mar 2005 14:37:05 -0000 Mailing-List: contact security-dev-help@xml.apache.org; run by ezmlm Precedence: bulk List-Post: List-Help: List-Unsubscribe: List-Subscribe: Reply-To: security-dev@xml.apache.org Delivered-To: mailing list security-dev@xml.apache.org Received: (qmail 20708 invoked by uid 99); 30 Mar 2005 14:37:04 -0000 X-ASF-Spam-Status: No, hits=0.5 required=10.0 tests=FROM_ENDS_IN_NUMS X-Spam-Check-By: apache.org Received-SPF: pass (hermes.apache.org: local policy includes SPF record at spf.trusted-forwarder.org) Received: from web26504.mail.ukl.yahoo.com (HELO web26504.mail.ukl.yahoo.com) (217.146.176.41) by apache.org (qpsmtpd/0.28) with SMTP; Wed, 30 Mar 2005 06:37:03 -0800 Received: (qmail 56134 invoked by uid 60001); 30 Mar 2005 14:37:00 -0000 Message-ID: <20050330143700.56132.qmail@web26504.mail.ukl.yahoo.com> Received: from [62.161.120.43] by web26504.mail.ukl.yahoo.com via HTTP; Wed, 30 Mar 2005 16:37:00 CEST Date: Wed, 30 Mar 2005 16:37:00 +0200 (CEST) From: def abc Subject: Verifying enveloped signatures. To: security-dev@xml.apache.org MIME-Version: 1.0 Content-Type: text/plain; charset=iso-8859-1 Content-Transfer-Encoding: 8bit X-Virus-Checked: Checked X-Spam-Rating: minotaur.apache.org 1.6.2 0/1000/N Hi all, I posted a while ago a problem on verifying an enveloped signature, but unfortunately haven't had any answer to it. Could somebody help me out here ? I get enveloping and detached signautres correctly verified, but no way for enveloped ones... I basically pasted parts of my code below Regards. ------------- // init org.apache.xml.security.Init.init(); dbf = DocumentBuilderFactory.newInstance(); dbf.setNamespaceAware(true); db = dbf.newDocumentBuilder(); // parse input file: input = db.parse(MyFileInputStream); inputURI = f.toURI(); // set output stream output = new FileOutputStream(xxxxxx); outputURI = f.toURI(); // get private & public key ks = KeyStore.getInstance("JKS"); fks = new FileInputStream(keystore_name); ks.load(fks, keystore_password.toCharArray()); prvkey = (PrivateKey) ks.getKey(key_alias, key_password.toCharArray()); cert = (X509Certificate) ks.getCertificate(key_alias); pubkey = cert.getPublicKey(); // perform the signature XMLSignature signature; signature = new XMLSignature(input, inputURI.toString(), XMLSignature.ALGO_ID_SIGNATURE_RSA_SHA1); Transforms transforms = new Transforms(input); transforms.addTransform(Transforms.TRANSFORM_ENVELOPED_SIGNATURE); transforms.addTransform(Transforms.TRANSFORM_C14N_EXCL_WITH_COMMENTS); signature.addDocument("", transforms); signature.sign(prvkey); Element root = input.getDocumentElement(); root.appendChild(signature.getElement()); XMLUtils.outputDOMc14nWithComments(input, output); output.close(); // verify signature Document doc = db.parse(); NodeList dsNodeList = doc.getElementsByTagName("ds:Signature"); if (dsNodeList.getLength() == 0) throw new IOException("No signature in file"); Element dsElement = (Element) dsNodeList.item(0); XMLSignature signature = new XMLSignature(dsElement, outputURI.toString()); return signature.checkSignatureValue(pubkey); __________________________________________________________________ D�couvrez le nouveau Yahoo! Mail : 250 Mo d'espace de stockage pour vos mails ! Cr�ez votre Yahoo! Mail sur http://fr.mail.yahoo.com/