santuario-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Pushyamitra Navare <pushyamitra.nav...@gmail.com>
Subject Verification problems
Date Tue, 19 Apr 2005 05:39:57 GMT
Hi,

Two Signature Elements (e1,e2) which seem to be equal (when serialised)
but one is verified and other is not.

something like this -

...
Verifying e1 ...
19 Apr, 2005 10:11:20 AM org.apache.xml.security.signature.Reference verify
INFO: Verification successful for URI ""
...

Result of e1.equalsNode(e2)  is:-  true

...
// Now this fails.
Verifying e2 ...
19 Apr, 2005 10:11:21 AM org.apache.xml.security.signature.Reference verify
WARNING: Verification failed for URI ""


Now i am sending e1 from one module and receiving e2 at other.
and then I get verification failure .

I have also attached the dump of signature i am trying to verify.

Someone please tell me 
 
* Does verification of a signature depends on only on the element Signature 
  or else. 
 
* I mean If Element attributes like parent node , baseURI , ownerDocument
  ( which are not considered in equalNode() method )
  are they significant for signature verification ?

 * Also , Can i know the reason for failure ?

 * And , How do i solve this problem?

someone plz help me,

thanks,

Pushya.

--

These are the code fragments i use,

// Verify method.
public boolean Verify(Element e) throws Exception
    {
        XMLSignature xmlSignature =  
         = new XMLSignature( (Element)e , "" );

        KeyInfo ki = xmlSignature.getKeyInfo();
        X509Certificate cert = xmlSignature.getKeyInfo().getX509Certificate();
        cert.checkValidity();
        boolean Result = xmlSignature.checkSignatureValue(cert);
        return Result;
    }


  ...
  ... 
                System.out.println("Verifying e1 ...");
                Verify(e1);

                System.out.println("Result of e1.equalsNode(e2) is: " +     
(e1.isEqualNode(e2)));

                System.out.println("Verifying e2 ...");
                Verify(e2);

--
Pushyamitra Navare

Mime
View raw message