santuario-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Sean Mullan <Sean.Mul...@Sun.COM>
Subject Re: Invalid Reference Signature when I try to refer some XMLObject element
Date Thu, 01 Feb 2007 15:57:10 GMT
I'm sorry but I don't have the time to debug your problem. However, 
looking at the log file, the validation failure occurs because of this:

 > FINER: Pre-digested input:
 > 2007-2-1 17:36:19 org.jcp.xml.dsig.internal.DigesterOutputStream write
 > FINER: <xsd:SignedProperties 
xmlns:dsig="http://www.w3.org/2000/09/xmldsig#" 
xmlns:xsd="http://uri.etsi.org/01903/v1.3.2#" 
Id="L1.S1-SignedProperties"><xsd:SignedSignatureProperties><xsd:SigningTime>2007-02-01T17:36:05+0200</xsd:SigningTime><xsd:SignerDetails

Id="2" Username="miro">Miroslav 
Nachev</xsd:SignerDetails></xsd:SignedSignatureProperties></xsd:SignedProperties>
 > 2007-2-1 17:36:19 org.jcp.xml.dsig.internal.dom.DOMReference validate
 > FINE: Expected digest: hWzwrP7ScWa4ri2YeONAgjI9ZGI=
 > 2007-2-1 17:36:19 org.jcp.xml.dsig.internal.dom.DOMReference validate
 > FINE: Actual digest: TlwlgnfCzrjdI0MhaBROwgTHvSI=

You'll need to figure out why the digest is different. One way to do 
this is to also turn on debugging when *generating* the signature, and 
then carefully compare the Pre-digested input to the above to see what 
is different.

--Sean

Miroslav Nachev wrote:
> Dear Sean,
> 
> Please find the attached log file. The problem reference is 
> "L1.S1-SignedProperties".
> Do you have any suggestions how to solve this problem/bug?
> 
> 
> Best Regards,
> Miroslav Nachev
> 
> 
> Sean Mullan wrote:
>> Miroslav Nachev wrote:
>>> I will try your suggestions tomorrow, but I am not sure that this is 
>>> the problem. Before to quit from the office I found that the digest 
>>> value for this reference is different calculated for Signing and 
>>> Validation.
>>>
>>> The stack trace from Exception is missing because any exception is 
>>> not thrown. The boolean value "false" is returned for whole 
>>> signature. Then I check each time individually and see that the 
>>> problem is in this reference again without exception. Only "false" 
>>> value is returned.
>>>
>>> Because of the above I think that the digest algorithm for Signing 
>>> and Validation is different. And because the only difference are both 
>>> Namespaces in one element, I think that this is the real problem.
>>
>> Try enabling logging support and inspect what is being digested when 
>> signing and when validating. You should be able to precisely narrow 
>> down the problem (it is probably namespace related). I assume you are 
>> using JSR 105 from our previous correspondences. See this blog for 
>> more info on enabling the logging:
>>
>> http://weblogs.java.net/blog/mullan/archive/2006/02/more_xml_signat_1.html 
>>
>>
>> --Sean
>>
>>
> 
> 
> ------------------------------------------------------------------------
> 
> 2007-2-1 17:36:05 org.jcp.xml.dsig.internal.dom.DOMReference marshal
> FINE: Marshalling Reference
> 2007-2-1 17:36:05 org.jcp.xml.dsig.internal.dom.DOMReference marshal
> FINE: Adding digestValueElem
> 2007-2-1 17:36:05 org.jcp.xml.dsig.internal.dom.DOMReference marshal
> FINE: Marshalling Reference
> 2007-2-1 17:36:05 org.jcp.xml.dsig.internal.dom.DOMReference marshal
> FINE: Adding digestValueElem
> 2007-2-1 17:36:05 org.jcp.xml.dsig.internal.dom.DOMReference marshal
> FINE: Marshalling Reference
> 2007-2-1 17:36:05 org.jcp.xml.dsig.internal.dom.DOMReference marshal
> FINE: Adding digestValueElem
> 2007-2-1 17:36:05 com.sun.org.apache.xml.internal.security.utils.resolver.ResourceResolver
getInstance
> FINE: check resolvability by class com.sun.org.apache.xml.internal.security.utils.resolver.ResourceResolver
> 2007-2-1 17:36:05 com.sun.org.apache.xml.internal.security.utils.resolver.implementations.ResolverDirectHTTP
engineCanResolve
> FINE: quick fail for empty URIs and local ones
> 2007-2-1 17:36:05 com.sun.org.apache.xml.internal.security.utils.resolver.ResourceResolver
getInstance
> FINE: check resolvability by class com.sun.org.apache.xml.internal.security.utils.resolver.ResourceResolver
> 2007-2-1 17:36:05 com.sun.org.apache.xml.internal.security.utils.resolver.ResourceResolver
getInstance
> FINE: check resolvability by class com.sun.org.apache.xml.internal.security.utils.resolver.ResourceResolver
> 2007-2-1 17:36:05 com.sun.org.apache.xml.internal.security.utils.resolver.implementations.ResolverFragment
engineCanResolve
> FINE: State I can resolve reference: "#DOC1"
> 2007-2-1 17:36:05 com.sun.org.apache.xml.internal.security.utils.IdResolver getElementByIdType
> FINE: getElementByIdType() Search for ID DOC1
> 2007-2-1 17:36:05 com.sun.org.apache.xml.internal.security.utils.IdResolver getElementByIdUsingDOM
> FINE: getElementByIdUsingDOM() Search for ID DOC1
> 2007-2-1 17:36:05 com.sun.org.apache.xml.internal.security.utils.resolver.implementations.ResolverFragment
engineResolve
> FINE: Try to catch an Element with ID DOC1 and Element was [DataFile: null]
> 2007-2-1 17:36:05 org.jcp.xml.dsig.internal.dom.DOMReference dereference
> FINE: URIDereferencer class name: org.jcp.xml.dsig.internal.dom.DOMURIDereferencer
> 2007-2-1 17:36:05 org.jcp.xml.dsig.internal.dom.DOMReference dereference
> FINE: Data class name: org.jcp.xml.dsig.internal.dom.ApacheNodeSetData
> 2007-2-1 17:36:05 org.jcp.xml.dsig.internal.DigesterOutputStream write
> FINER: Pre-digested input:
> 2007-2-1 17:36:05 org.jcp.xml.dsig.internal.DigesterOutputStream write
> FINER: <DataFile Id="DOC1"><FileAttributtes ContentType="compressed_base64"
LastModified="2004-05-25T12:34:04+0300" Size="43"><FileName>AUTOEXEC.BAT</FileName></FileAttributtes><Content
Id="CONT1">H4sIAAAAAAAAAAt2DVHw8Y338XR29Qt2jXfz9HG1dbaKcctJrfDxjfHJTE7NK07VS0ks4eUCAKAs
> 3rgrAAAA</Content></DataFile>
> 2007-2-1 17:36:05 org.jcp.xml.dsig.internal.dom.DOMReference digest
> FINE: Reference object uri = #DOC1
> 2007-2-1 17:36:05 org.jcp.xml.dsig.internal.dom.DOMReference digest
> FINE: Reference digesting completed
> 2007-2-1 17:36:05 com.sun.org.apache.xml.internal.security.utils.resolver.ResourceResolver
getInstance
> FINE: check resolvability by class com.sun.org.apache.xml.internal.security.utils.resolver.ResourceResolver
> 2007-2-1 17:36:05 com.sun.org.apache.xml.internal.security.utils.resolver.implementations.ResolverDirectHTTP
engineCanResolve
> FINE: quick fail for empty URIs and local ones
> 2007-2-1 17:36:05 com.sun.org.apache.xml.internal.security.utils.resolver.ResourceResolver
getInstance
> FINE: check resolvability by class com.sun.org.apache.xml.internal.security.utils.resolver.ResourceResolver
> 2007-2-1 17:36:05 com.sun.org.apache.xml.internal.security.utils.resolver.ResourceResolver
getInstance
> FINE: check resolvability by class com.sun.org.apache.xml.internal.security.utils.resolver.ResourceResolver
> 2007-2-1 17:36:05 com.sun.org.apache.xml.internal.security.utils.resolver.implementations.ResolverFragment
engineCanResolve
> FINE: State I can resolve reference: "#L1.S1-SignedProperties"
> 2007-2-1 17:36:05 com.sun.org.apache.xml.internal.security.utils.IdResolver getElementByIdType
> FINE: getElementByIdType() Search for ID L1.S1-SignedProperties
> 2007-2-1 17:36:05 com.sun.org.apache.xml.internal.security.utils.IdResolver getElementByIdUsingDOM
> FINE: getElementByIdUsingDOM() Search for ID L1.S1-SignedProperties
> 2007-2-1 17:36:05 com.sun.org.apache.xml.internal.security.utils.resolver.implementations.ResolverFragment
engineResolve
> FINE: Try to catch an Element with ID L1.S1-SignedProperties and Element was [xsd:SignedProperties:
null]
> 2007-2-1 17:36:05 org.jcp.xml.dsig.internal.dom.DOMReference dereference
> FINE: URIDereferencer class name: org.jcp.xml.dsig.internal.dom.DOMURIDereferencer
> 2007-2-1 17:36:05 org.jcp.xml.dsig.internal.dom.DOMReference dereference
> FINE: Data class name: org.jcp.xml.dsig.internal.dom.ApacheNodeSetData
> 2007-2-1 17:36:05 org.jcp.xml.dsig.internal.DigesterOutputStream write
> FINER: Pre-digested input:
> 2007-2-1 17:36:05 org.jcp.xml.dsig.internal.DigesterOutputStream write
> FINER: <xsd:SignedProperties xmlns:dsig="http://www.w3.org/2000/09/xmldsig#" Id="L1.S1-SignedProperties"><xsd:SignedSignatureProperties><xsd:SigningTime>2007-02-01T17:36:05+0200</xsd:SigningTime><xsd:SignerDetails
Id="2" Username="miro">Miroslav Nachev</xsd:SignerDetails></xsd:SignedSignatureProperties></xsd:SignedProperties>
> 2007-2-1 17:36:05 org.jcp.xml.dsig.internal.dom.DOMReference digest
> FINE: Reference object uri = #L1.S1-SignedProperties
> 2007-2-1 17:36:05 org.jcp.xml.dsig.internal.dom.DOMReference digest
> FINE: Reference digesting completed
> 2007-2-1 17:36:05 com.sun.org.apache.xml.internal.security.utils.resolver.ResourceResolver
getInstance
> FINE: check resolvability by class com.sun.org.apache.xml.internal.security.utils.resolver.ResourceResolver
> 2007-2-1 17:36:05 com.sun.org.apache.xml.internal.security.utils.resolver.implementations.ResolverDirectHTTP
engineCanResolve
> FINE: quick fail for empty URIs and local ones
> 2007-2-1 17:36:05 com.sun.org.apache.xml.internal.security.utils.resolver.ResourceResolver
getInstance
> FINE: check resolvability by class com.sun.org.apache.xml.internal.security.utils.resolver.ResourceResolver
> 2007-2-1 17:36:05 com.sun.org.apache.xml.internal.security.utils.resolver.ResourceResolver
getInstance
> FINE: check resolvability by class com.sun.org.apache.xml.internal.security.utils.resolver.ResourceResolver
> 2007-2-1 17:36:05 com.sun.org.apache.xml.internal.security.utils.resolver.implementations.ResolverFragment
engineCanResolve
> FINE: State I can resolve reference: "#L1.S1-KeyInfo"
> 2007-2-1 17:36:05 com.sun.org.apache.xml.internal.security.utils.IdResolver getElementByIdType
> FINE: getElementByIdType() Search for ID L1.S1-KeyInfo
> 2007-2-1 17:36:05 com.sun.org.apache.xml.internal.security.utils.IdResolver getElementById
> FINE: I could find an Element using the simple getElementByIdType method: dsig:KeyInfo
> 2007-2-1 17:36:05 com.sun.org.apache.xml.internal.security.utils.resolver.implementations.ResolverFragment
engineResolve
> FINE: Try to catch an Element with ID L1.S1-KeyInfo and Element was [dsig:KeyInfo: null]
> 2007-2-1 17:36:05 org.jcp.xml.dsig.internal.dom.DOMReference dereference
> FINE: URIDereferencer class name: org.jcp.xml.dsig.internal.dom.DOMURIDereferencer
> 2007-2-1 17:36:05 org.jcp.xml.dsig.internal.dom.DOMReference dereference
> FINE: Data class name: org.jcp.xml.dsig.internal.dom.ApacheNodeSetData
> 2007-2-1 17:36:05 org.jcp.xml.dsig.internal.DigesterOutputStream write
> FINER: Pre-digested input:
> 2007-2-1 17:36:05 org.jcp.xml.dsig.internal.DigesterOutputStream write
> FINER: <dsig:KeyInfo xmlns:dsig="http://www.w3.org/2000/09/xmldsig#" Id="L1.S1-KeyInfo"><dsig:X509Data><dsig:X509Certificate>MIIDNTCCAp6gAwIBAgIBATANBgkqhkiG9w0BAQUFADCBmjELMAkGA1UEBhMCQkcxEzARBgNVBAgT
> ClNvZmlhIGNpdHkxKDAmBgNVBAoTH0NPU01PUyBTb2Z0d2FyZSBFbnRlcnByaXNlcyBMdGQxDDAK
> BgNVBAsUA1ImRDEYMBYGA1UEAxMPTWlyb3NsYXYgTmFjaGV2MSQwIgYJKoZIhvcNAQkBFhVjb3Nt
> b3NAc3BhY2UtY29tbS5jb20wHhcNMDYxMDI2MTQxNjA0WhcNMDcxMDI2MTQxNjA0WjCBqDELMAkG
> A1UEBhMCQkcxEzARBgNVBAgTClNvZmlhIGNpdHkxDjAMBgNVBAcTBVNvZmlhMSgwJgYDVQQKEx9D
> 
> T1NNT1MgU29mdHdhcmUgRW50ZXJwcmlzZXMgTHRkMQwwCgYDVQQLFANSJkQxGDAWBgNVBAMTD01p
> cm9zbGF2IE5hY2hldjEiMCAGCSqGSIb3DQEJARYTbWlyb0BzcGFjZS1jb21tLmNvbTCBnzANBgkq
> hkiG9w0BAQEFAAOBjQAwgYkCgYEA73lnjI4W3kv3ZkdoJhQPe4Vm18Ngad6QaDEyQHBlPPOR0mlP
> iLxLBChEX/bs4xnHP4PcrC8ZFJ0gw+3uRJ323dcJzMo6BOmTWAUvkxigVOMCTuu3ZDLaMzi5QZiI
> oQazA4cv87uQfIftQtlqCcrTJcAvEQdLrRXhrubO5lCqTYkCAwEAAaN7MHkwCQYDVR0TBAIwADAs
> BglghkgBhvhCAQ0EHxYdT3BlblNTTCBHZW5lcmF0ZWQgQ2VydGlmaWNhdGUwHQYDVR0OBBYEFJ0S
> ik14AEvA+rNYpNza4zeQDe4WMB8GA1UdIwQYMBaAFMENbK6a7aOPlnS6tQEG1a/z2mQzMA0GCSqG
> SIb3DQEBBQUAA4GBAJsvALenpOOvnJ/1q4z76KT3xZotesbNn9OWbeDzYCoQhAlm1EILCi/o2u6Q
> hrWskEwfRKkm/DfhsbSj15roAq24967DYKP/yzAqrLs7XrkxAghOgRtK/mzzhIfEoycbapaoIZjE
> oGLfdXzU8LkpJr5lvhOjCAJxC/O59UP/sXE5</dsig:X509Certificate></dsig:X509Data></dsig:KeyInfo>
> 2007-2-1 17:36:05 org.jcp.xml.dsig.internal.dom.DOMReference digest
> FINE: Reference object uri = #L1.S1-KeyInfo
> 2007-2-1 17:36:05 org.jcp.xml.dsig.internal.dom.DOMReference digest
> FINE: Reference digesting completed
> 2007-2-1 17:36:05 org.jcp.xml.dsig.internal.dom.DOMRSASignatureMethod sign
> FINE: Signature provider:SunPKCS11-Siemens-HiPath version 1.6
> 2007-2-1 17:36:05 org.jcp.xml.dsig.internal.dom.DOMRSASignatureMethod sign
> FINE: Signing with key: SunPKCS11-Siemens-HiPath RSA private key, 1024 bits (id 124128880,
token object, sensitive, unextractable)
> 2007-2-1 17:36:05 com.sun.org.apache.xml.internal.security.transforms.Transform <init>
> FINE: Create URI "http://www.w3.org/TR/2001/REC-xml-c14n-20010315#WithComments" class
"class com.sun.org.apache.xml.internal.security.transforms.implementations.TransformC14NWithComments"
> 2007-2-1 17:36:05 com.sun.org.apache.xml.internal.security.transforms.Transform <init>
> FINE: The NodeList is [dsig:CanonicalizationMethod: null]
> 2007-2-1 17:36:05 com.sun.org.apache.xml.internal.security.utils.ElementProxy setElement
> FINE: setElement(dsig:CanonicalizationMethod, "null"
> 2007-2-1 17:36:05 org.jcp.xml.dsig.internal.dom.ApacheCanonicalizer transform
> FINE: Created transform for algorithm: http://www.w3.org/TR/2001/REC-xml-c14n-20010315#WithComments
> 2007-2-1 17:36:05 org.jcp.xml.dsig.internal.dom.ApacheCanonicalizer transform
> FINE: isNodeSet() = true
> 2007-2-1 17:36:05 org.jcp.xml.dsig.internal.dom.DOMSignedInfo canonicalize
> FINE: Canonicalized SignedInfo:
> <dsig:SignedInfo xmlns:dsig="http://www.w3.org/2000/09/xmldsig#"><dsig:CanonicalizationMethod
Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315#WithComments"></dsig:CanonicalizationMethod><dsig:SignatureMethod
Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"></dsig:SignatureMethod><dsig:Reference
URI="#DOC1"><dsig:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"></dsig:DigestMethod><dsig:DigestValue>5L9KuDZI/6zj2kb9oP8RipkcYwc=</dsig:DigestValue></dsig:Reference><dsig:Reference
Type="http://uri.etsi.org/01903#SignedProperties" URI="#L1.S1-SignedProperties"><dsig:DigestMethod
Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"></dsig:DigestMethod><dsig:DigestValue>hWzwrP7ScWa4ri2YeONAgjI9ZGI=</dsig:DigestValue></dsig:Reference><dsig:Reference
URI="#L1.S1-KeyInfo"><dsig:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"></dsig:DigestMethod><dsig:DigestValue>g+LVdhRueJWcGkqiM48X1/TjOTk=</dsig:DigestValue></dsig:Reference></dsig:SignedI
n!
>  fo>
> 2007-2-1 17:36:05 org.jcp.xml.dsig.internal.dom.DOMSignedInfo canonicalize
> FINE: Data to be signed/verified:PGRzaWc6U2lnbmVkSW5mbyB4bWxuczpkc2lnPSJodHRwOi8vd3d3LnczLm9yZy8yMDAwLzA5L3ht
> bGRzaWcjIj48ZHNpZzpDYW5vbmljYWxpemF0aW9uTWV0aG9kIEFsZ29yaXRobT0iaHR0cDovL3d3
> dy53My5vcmcvVFIvMjAwMS9SRUMteG1sLWMxNG4tMjAwMTAzMTUjV2l0aENvbW1lbnRzIj48L2Rz
> aWc6Q2Fub25pY2FsaXphdGlvbk1ldGhvZD48ZHNpZzpTaWduYXR1cmVNZXRob2QgQWxnb3JpdGht
> PSJodHRwOi8vd3d3LnczLm9yZy8yMDAwLzA5L3htbGRzaWcjcnNhLXNoYTEiPjwvZHNpZzpTaWdu
> YXR1cmVNZXRob2Q+PGRzaWc6UmVmZXJlbmNlIFVSST0iI0RPQzEiPjxkc2lnOkRpZ2VzdE1ldGhv
> ZCBBbGdvcml0aG09Imh0dHA6Ly93d3cudzMub3JnLzIwMDAvMDkveG1sZHNpZyNzaGExIj48L2Rz
> aWc6RGlnZXN0TWV0aG9kPjxkc2lnOkRpZ2VzdFZhbHVlPjVMOUt1RFpJLzZ6ajJrYjlvUDhSaXBr
> Y1l3Yz08L2RzaWc6RGlnZXN0VmFsdWU+PC9kc2lnOlJlZmVyZW5jZT48ZHNpZzpSZWZlcmVuY2Ug
> VHlwZT0iaHR0cDovL3VyaS5ldHNpLm9yZy8wMTkwMyNTaWduZWRQcm9wZXJ0aWVzIiBVUkk9IiNM
> MS5TMS1TaWduZWRQcm9wZXJ0aWVzIj48ZHNpZzpEaWdlc3RNZXRob2QgQWxnb3JpdGhtPSJodHRw
> Oi8vd3d3LnczLm9yZy8yMDAwLzA5L3htbGRzaWcjc2hhMSI+PC9kc2lnOkRpZ2VzdE1ldGhvZD48
> ZHNpZzpEaWdlc3RWYWx1ZT5oV3p3clA3U2NXYTRyaTJZZU9OQWdqSTlaR0k9PC9kc2lnOkRpZ2Vz
> dFZhbHVlPjwvZHNpZzpSZWZlcmVuY2U+PGRzaWc6UmVmZXJlbmNlIFVSST0iI0wxLlMxLUtleUlu
> Zm8iPjxkc2lnOkRpZ2VzdE1ldGhvZCBBbGdvcml0aG09Imh0dHA6Ly93d3cudzMub3JnLzIwMDAv
> MDkveG1sZHNpZyNzaGExIj48L2RzaWc6RGlnZXN0TWV0aG9kPjxkc2lnOkRpZ2VzdFZhbHVlPmcr
> TFZkaFJ1ZUpXY0drcWlNNDhYMS9Uak9Uaz08L2RzaWc6RGlnZXN0VmFsdWU+PC9kc2lnOlJlZmVy
> ZW5jZT48L2RzaWc6U2lnbmVkSW5mbz4=
> 2007-2-1 17:36:06 org.jcp.xml.dsig.internal.dom.DOMXMLSignature sign
> FINE: SignatureValue = [B@1efbbb1
> 2007-2-1 17:36:18 com.sun.org.apache.xml.internal.security.utils.resolver.ResourceResolver
getInstance
> FINE: check resolvability by class com.sun.org.apache.xml.internal.security.utils.resolver.ResourceResolver
> 2007-2-1 17:36:18 com.sun.org.apache.xml.internal.security.utils.resolver.implementations.ResolverDirectHTTP
engineCanResolve
> FINE: quick fail for empty URIs and local ones
> 2007-2-1 17:36:18 com.sun.org.apache.xml.internal.security.utils.resolver.ResourceResolver
getInstance
> FINE: check resolvability by class com.sun.org.apache.xml.internal.security.utils.resolver.ResourceResolver
> 2007-2-1 17:36:18 com.sun.org.apache.xml.internal.security.utils.resolver.ResourceResolver
getInstance
> FINE: check resolvability by class com.sun.org.apache.xml.internal.security.utils.resolver.ResourceResolver
> 2007-2-1 17:36:18 com.sun.org.apache.xml.internal.security.utils.resolver.implementations.ResolverFragment
engineCanResolve
> FINE: State I can resolve reference: "#DOC1"
> 2007-2-1 17:36:18 com.sun.org.apache.xml.internal.security.utils.IdResolver getElementByIdType
> FINE: getElementByIdType() Search for ID DOC1
> 2007-2-1 17:36:18 com.sun.org.apache.xml.internal.security.utils.IdResolver getElementByIdUsingDOM
> FINE: getElementByIdUsingDOM() Search for ID DOC1
> 2007-2-1 17:36:18 com.sun.org.apache.xml.internal.security.utils.resolver.implementations.ResolverFragment
engineResolve
> FINE: Try to catch an Element with ID DOC1 and Element was [DataFile: null]
> 2007-2-1 17:36:18 org.jcp.xml.dsig.internal.dom.DOMReference dereference
> FINE: URIDereferencer class name: org.jcp.xml.dsig.internal.dom.DOMURIDereferencer
> 2007-2-1 17:36:18 org.jcp.xml.dsig.internal.dom.DOMReference dereference
> FINE: Data class name: org.jcp.xml.dsig.internal.dom.ApacheNodeSetData
> 2007-2-1 17:36:18 org.jcp.xml.dsig.internal.DigesterOutputStream write
> FINER: Pre-digested input:
> 2007-2-1 17:36:19 org.jcp.xml.dsig.internal.DigesterOutputStream write
> FINER: <DataFile Id="DOC1"><FileAttributtes ContentType="compressed_base64"
LastModified="2004-05-25T12:34:04+0300" Size="43"><FileName>AUTOEXEC.BAT</FileName></FileAttributtes><Content
Id="CONT1">H4sIAAAAAAAAAAt2DVHw8Y338XR29Qt2jXfz9HG1dbaKcctJrfDxjfHJTE7NK07VS0ks4eUCAKAs
> 3rgrAAAA</Content></DataFile>
> 2007-2-1 17:36:19 org.jcp.xml.dsig.internal.dom.DOMReference validate
> FINE: Expected digest: 5L9KuDZI/6zj2kb9oP8RipkcYwc=
> 2007-2-1 17:36:19 org.jcp.xml.dsig.internal.dom.DOMReference validate
> FINE: Actual digest: 5L9KuDZI/6zj2kb9oP8RipkcYwc=
> 2007-2-1 17:36:19 org.jcp.xml.dsig.internal.dom.DOMXMLSignature validate
> FINE: Reference[#DOC1] is valid: true
> 2007-2-1 17:36:19 com.sun.org.apache.xml.internal.security.utils.resolver.ResourceResolver
getInstance
> FINE: check resolvability by class com.sun.org.apache.xml.internal.security.utils.resolver.ResourceResolver
> 2007-2-1 17:36:19 com.sun.org.apache.xml.internal.security.utils.resolver.implementations.ResolverDirectHTTP
engineCanResolve
> FINE: quick fail for empty URIs and local ones
> 2007-2-1 17:36:19 com.sun.org.apache.xml.internal.security.utils.resolver.ResourceResolver
getInstance
> FINE: check resolvability by class com.sun.org.apache.xml.internal.security.utils.resolver.ResourceResolver
> 2007-2-1 17:36:19 com.sun.org.apache.xml.internal.security.utils.resolver.ResourceResolver
getInstance
> FINE: check resolvability by class com.sun.org.apache.xml.internal.security.utils.resolver.ResourceResolver
> 2007-2-1 17:36:19 com.sun.org.apache.xml.internal.security.utils.resolver.implementations.ResolverFragment
engineCanResolve
> FINE: State I can resolve reference: "#L1.S1-SignedProperties"
> 2007-2-1 17:36:19 com.sun.org.apache.xml.internal.security.utils.IdResolver getElementByIdType
> FINE: getElementByIdType() Search for ID L1.S1-SignedProperties
> 2007-2-1 17:36:19 com.sun.org.apache.xml.internal.security.utils.IdResolver getElementByIdUsingDOM
> FINE: getElementByIdUsingDOM() Search for ID L1.S1-SignedProperties
> 2007-2-1 17:36:19 com.sun.org.apache.xml.internal.security.utils.resolver.implementations.ResolverFragment
engineResolve
> FINE: Try to catch an Element with ID L1.S1-SignedProperties and Element was [xsd:SignedProperties:
null]
> 2007-2-1 17:36:19 org.jcp.xml.dsig.internal.dom.DOMReference dereference
> FINE: URIDereferencer class name: org.jcp.xml.dsig.internal.dom.DOMURIDereferencer
> 2007-2-1 17:36:19 org.jcp.xml.dsig.internal.dom.DOMReference dereference
> FINE: Data class name: org.jcp.xml.dsig.internal.dom.ApacheNodeSetData
> 2007-2-1 17:36:19 org.jcp.xml.dsig.internal.DigesterOutputStream write
> FINER: Pre-digested input:
> 2007-2-1 17:36:19 org.jcp.xml.dsig.internal.DigesterOutputStream write
> FINER: <xsd:SignedProperties xmlns:dsig="http://www.w3.org/2000/09/xmldsig#" xmlns:xsd="http://uri.etsi.org/01903/v1.3.2#"
Id="L1.S1-SignedProperties"><xsd:SignedSignatureProperties><xsd:SigningTime>2007-02-01T17:36:05+0200</xsd:SigningTime><xsd:SignerDetails
Id="2" Username="miro">Miroslav Nachev</xsd:SignerDetails></xsd:SignedSignatureProperties></xsd:SignedProperties>
> 2007-2-1 17:36:19 org.jcp.xml.dsig.internal.dom.DOMReference validate
> FINE: Expected digest: hWzwrP7ScWa4ri2YeONAgjI9ZGI=
> 2007-2-1 17:36:19 org.jcp.xml.dsig.internal.dom.DOMReference validate
> FINE: Actual digest: TlwlgnfCzrjdI0MhaBROwgTHvSI=
> 2007-2-1 17:36:19 org.jcp.xml.dsig.internal.dom.DOMXMLSignature validate
> FINE: Reference[#L1.S1-SignedProperties] is valid: false
> 2007-2-1 17:36:19 org.jcp.xml.dsig.internal.dom.DOMXMLSignature validate
> FINE: Couldn't validate the References
> 2007-2-1 17:36:19 org.jcp.xml.dsig.internal.dom.DOMRSASignatureMethod verify
> FINE: Signature provider:SunRsaSign version 1.5
> 2007-2-1 17:36:19 org.jcp.xml.dsig.internal.dom.DOMRSASignatureMethod verify
> FINE: verifying with key: Sun RSA public key, 1024 bits
>   modulus: 168164527555608136888830022857056132023036777656418518049464251253737723792048985548139271763061864520875701968328564748366237424723155092944235075765817478111725643802025622853273984978027240469613154811874843038396779307309442362407952606871051501808113074993835124868184526839845834261024714072735447928201
>   public exponent: 65537
> 2007-2-1 17:36:19 com.sun.org.apache.xml.internal.security.transforms.Transform <init>
> FINE: Create URI "http://www.w3.org/TR/2001/REC-xml-c14n-20010315#WithComments" class
"class com.sun.org.apache.xml.internal.security.transforms.implementations.TransformC14NWithComments"
> 2007-2-1 17:36:19 com.sun.org.apache.xml.internal.security.transforms.Transform <init>
> FINE: The NodeList is [dsig:CanonicalizationMethod: null]
> 2007-2-1 17:36:19 com.sun.org.apache.xml.internal.security.utils.ElementProxy setElement
> FINE: setElement(dsig:CanonicalizationMethod, "null"
> 2007-2-1 17:36:19 org.jcp.xml.dsig.internal.dom.ApacheCanonicalizer transform
> FINE: Created transform for algorithm: http://www.w3.org/TR/2001/REC-xml-c14n-20010315#WithComments
> 2007-2-1 17:36:19 org.jcp.xml.dsig.internal.dom.ApacheCanonicalizer transform
> FINE: isNodeSet() = true
> 2007-2-1 17:36:19 org.jcp.xml.dsig.internal.dom.DOMSignedInfo canonicalize
> FINE: Canonicalized SignedInfo:
> <dsig:SignedInfo xmlns:dsig="http://www.w3.org/2000/09/xmldsig#"><dsig:CanonicalizationMethod
Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315#WithComments"></dsig:CanonicalizationMethod><dsig:SignatureMethod
Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"></dsig:SignatureMethod><dsig:Reference
URI="#DOC1"><dsig:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"></dsig:DigestMethod><dsig:DigestValue>5L9KuDZI/6zj2kb9oP8RipkcYwc=</dsig:DigestValue></dsig:Reference><dsig:Reference
Type="http://uri.etsi.org/01903#SignedProperties" URI="#L1.S1-SignedProperties"><dsig:DigestMethod
Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"></dsig:DigestMethod><dsig:DigestValue>hWzwrP7ScWa4ri2YeONAgjI9ZGI=</dsig:DigestValue></dsig:Reference><dsig:Reference
URI="#L1.S1-KeyInfo"><dsig:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"></dsig:DigestMethod><dsig:DigestValue>g+LVdhRueJWcGkqiM48X1/TjOTk=</dsig:DigestValue></dsig:Reference></dsig:SignedI
n!
>  fo>
> 2007-2-1 17:36:19 org.jcp.xml.dsig.internal.dom.DOMSignedInfo canonicalize
> FINE: Data to be signed/verified:PGRzaWc6U2lnbmVkSW5mbyB4bWxuczpkc2lnPSJodHRwOi8vd3d3LnczLm9yZy8yMDAwLzA5L3ht
> bGRzaWcjIj48ZHNpZzpDYW5vbmljYWxpemF0aW9uTWV0aG9kIEFsZ29yaXRobT0iaHR0cDovL3d3
> dy53My5vcmcvVFIvMjAwMS9SRUMteG1sLWMxNG4tMjAwMTAzMTUjV2l0aENvbW1lbnRzIj48L2Rz
> aWc6Q2Fub25pY2FsaXphdGlvbk1ldGhvZD48ZHNpZzpTaWduYXR1cmVNZXRob2QgQWxnb3JpdGht
> PSJodHRwOi8vd3d3LnczLm9yZy8yMDAwLzA5L3htbGRzaWcjcnNhLXNoYTEiPjwvZHNpZzpTaWdu
> YXR1cmVNZXRob2Q+PGRzaWc6UmVmZXJlbmNlIFVSST0iI0RPQzEiPjxkc2lnOkRpZ2VzdE1ldGhv
> ZCBBbGdvcml0aG09Imh0dHA6Ly93d3cudzMub3JnLzIwMDAvMDkveG1sZHNpZyNzaGExIj48L2Rz
> aWc6RGlnZXN0TWV0aG9kPjxkc2lnOkRpZ2VzdFZhbHVlPjVMOUt1RFpJLzZ6ajJrYjlvUDhSaXBr
> Y1l3Yz08L2RzaWc6RGlnZXN0VmFsdWU+PC9kc2lnOlJlZmVyZW5jZT48ZHNpZzpSZWZlcmVuY2Ug
> VHlwZT0iaHR0cDovL3VyaS5ldHNpLm9yZy8wMTkwMyNTaWduZWRQcm9wZXJ0aWVzIiBVUkk9IiNM
> MS5TMS1TaWduZWRQcm9wZXJ0aWVzIj48ZHNpZzpEaWdlc3RNZXRob2QgQWxnb3JpdGhtPSJodHRw
> Oi8vd3d3LnczLm9yZy8yMDAwLzA5L3htbGRzaWcjc2hhMSI+PC9kc2lnOkRpZ2VzdE1ldGhvZD48
> ZHNpZzpEaWdlc3RWYWx1ZT5oV3p3clA3U2NXYTRyaTJZZU9OQWdqSTlaR0k9PC9kc2lnOkRpZ2Vz
> dFZhbHVlPjwvZHNpZzpSZWZlcmVuY2U+PGRzaWc6UmVmZXJlbmNlIFVSST0iI0wxLlMxLUtleUlu
> Zm8iPjxkc2lnOkRpZ2VzdE1ldGhvZCBBbGdvcml0aG09Imh0dHA6Ly93d3cudzMub3JnLzIwMDAv
> MDkveG1sZHNpZyNzaGExIj48L2RzaWc6RGlnZXN0TWV0aG9kPjxkc2lnOkRpZ2VzdFZhbHVlPmcr
> TFZkaFJ1ZUpXY0drcWlNNDhYMS9Uak9Uaz08L2RzaWc6RGlnZXN0VmFsdWU+PC9kc2lnOlJlZmVy
> ZW5jZT48L2RzaWc6U2lnbmVkSW5mbz4=
> 2007-2-1 17:36:19 com.sun.org.apache.xml.internal.security.utils.resolver.ResourceResolver
getInstance
> FINE: check resolvability by class com.sun.org.apache.xml.internal.security.utils.resolver.ResourceResolver
> 2007-2-1 17:36:19 com.sun.org.apache.xml.internal.security.utils.resolver.implementations.ResolverDirectHTTP
engineCanResolve
> FINE: quick fail for empty URIs and local ones
> 2007-2-1 17:36:19 com.sun.org.apache.xml.internal.security.utils.resolver.ResourceResolver
getInstance
> FINE: check resolvability by class com.sun.org.apache.xml.internal.security.utils.resolver.ResourceResolver
> 2007-2-1 17:36:19 com.sun.org.apache.xml.internal.security.utils.resolver.ResourceResolver
getInstance
> FINE: check resolvability by class com.sun.org.apache.xml.internal.security.utils.resolver.ResourceResolver
> 2007-2-1 17:36:19 com.sun.org.apache.xml.internal.security.utils.resolver.implementations.ResolverFragment
engineCanResolve
> FINE: State I can resolve reference: "#L1.S1-KeyInfo"
> 2007-2-1 17:36:19 com.sun.org.apache.xml.internal.security.utils.IdResolver getElementByIdType
> FINE: getElementByIdType() Search for ID L1.S1-KeyInfo
> 2007-2-1 17:36:19 com.sun.org.apache.xml.internal.security.utils.IdResolver getElementByIdUsingDOM
> FINE: getElementByIdUsingDOM() Search for ID L1.S1-KeyInfo
> 2007-2-1 17:36:19 com.sun.org.apache.xml.internal.security.utils.resolver.implementations.ResolverFragment
engineResolve
> FINE: Try to catch an Element with ID L1.S1-KeyInfo and Element was [dsig:KeyInfo: null]
> 2007-2-1 17:36:19 org.jcp.xml.dsig.internal.dom.DOMReference dereference
> FINE: URIDereferencer class name: org.jcp.xml.dsig.internal.dom.DOMURIDereferencer
> 2007-2-1 17:36:19 org.jcp.xml.dsig.internal.dom.DOMReference dereference
> FINE: Data class name: org.jcp.xml.dsig.internal.dom.ApacheNodeSetData
> 2007-2-1 17:36:19 org.jcp.xml.dsig.internal.DigesterOutputStream write
> FINER: Pre-digested input:
> 2007-2-1 17:36:19 org.jcp.xml.dsig.internal.DigesterOutputStream write
> FINER: <dsig:KeyInfo xmlns:dsig="http://www.w3.org/2000/09/xmldsig#" Id="L1.S1-KeyInfo"><dsig:X509Data><dsig:X509Certificate>MIIDNTCCAp6gAwIBAgIBATANBgkqhkiG9w0BAQUFADCBmjELMAkGA1UEBhMCQkcxEzARBgNVBAgT
> ClNvZmlhIGNpdHkxKDAmBgNVBAoTH0NPU01PUyBTb2Z0d2FyZSBFbnRlcnByaXNlcyBMdGQxDDAK
> BgNVBAsUA1ImRDEYMBYGA1UEAxMPTWlyb3NsYXYgTmFjaGV2MSQwIgYJKoZIhvcNAQkBFhVjb3Nt
> b3NAc3BhY2UtY29tbS5jb20wHhcNMDYxMDI2MTQxNjA0WhcNMDcxMDI2MTQxNjA0WjCBqDELMAkG
> A1UEBhMCQkcxEzARBgNVBAgTClNvZmlhIGNpdHkxDjAMBgNVBAcTBVNvZmlhMSgwJgYDVQQKEx9D
> T1NNT1MgU29mdHdhcmUgRW50ZXJwcmlzZXMgTHRkMQwwCgYDVQQLFANSJkQxGDAWBgNVBAMTD01p
> cm9zbGF2IE5hY2hldjEiMCAGCSqGSIb3DQEJARYTbWlyb0BzcGFjZS1jb21tLmNvbTCBnzANBgkq
> hkiG9w0BAQEFAAOBjQAwgYkCgYEA73lnjI4W3kv3ZkdoJhQPe4Vm18Ngad6QaDEyQHBlPPOR0mlP
> iLxLBChEX/bs4xnHP4PcrC8ZFJ0gw+3uRJ323dcJzMo6BOmTWAUvkxigVOMCTuu3ZDLaMzi5QZiI
> oQazA4cv87uQfIftQtlqCcrTJcAvEQdLrRXhrubO5lCqTYkCAwEAAaN7MHkwCQYDVR0TBAIwADAs
> BglghkgBhvhCAQ0EHxYdT3BlblNTTCBHZW5lcmF0ZWQgQ2VydGlmaWNhdGUwHQYDVR0OBBYEFJ0S
> ik14AEvA+rNYpNza4zeQDe4WMB8GA1UdIwQYMBaAFMENbK6a7aOPlnS6tQEG1a/z2mQzMA0GCSqG
> SIb3DQEBBQUAA4GBAJsvALenpOOvnJ/1q4z76KT3xZotesbNn9OWbeDzYCoQhAlm1EILCi/o2u6Q
> hrWskEwfRKkm/DfhsbSj15roAq24967DYKP/yzAqrLs7XrkxAghOgRtK/mzzhIfEoycbapaoIZjE
> oGLfdXzU8LkpJr5lvhOjCAJxC/O59UP/sXE5</dsig:X509Certificate></dsig:X509Data></dsig:KeyInfo>
> 2007-2-1 17:36:19 org.jcp.xml.dsig.internal.dom.DOMReference validate
> FINE: Expected digest: g+LVdhRueJWcGkqiM48X1/TjOTk=
> 2007-2-1 17:36:19 org.jcp.xml.dsig.internal.dom.DOMReference validate
> FINE: Actual digest: g+LVdhRueJWcGkqiM48X1/TjOTk=
> BUILD SUCCESSFUL (total time: 1 minute 34 seconds)


Mime
View raw message