santuario-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Miroslav Nachev <m...@space-comm.com>
Subject Re: Invalid Reference Signature when I try to refer some XMLObject element
Date Thu, 01 Feb 2007 16:35:51 GMT
This is very strange because *"xmlns:xsd"* attribute is missing during 
signing? Actually this attribute exists in the Element.

Sign:
2007-2-1 18:20:56 org.jcp.xml.dsig.internal.DigesterOutputStream write
<xsd:SignedProperties xmlns:dsig="http://www.w3.org/2000/09/xmldsig#"
                      Id="L1.S1-SignedProperties">
  <xsd:SignedSignatureProperties>
    <xsd:SigningTime>2007-02-01T18:20:56+0200</xsd:SigningTime>
    <xsd:SignerDetails Id="2" Username="miro">Miroslav 
Nachev</xsd:SignerDetails>
  </xsd:SignedSignatureProperties>
</xsd:SignedProperties>

Verify:
2007-2-1 18:23:34 org.jcp.xml.dsig.internal.DigesterOutputStream write
<xsd:SignedProperties xmlns:dsig="http://www.w3.org/2000/09/xmldsig#"
                      xmlns:xsd="http://uri.etsi.org/01903/v1.3.2#"
                      Id="L1.S1-SignedProperties">
  <xsd:SignedSignatureProperties>
    <xsd:SigningTime>2007-02-01T18:20:56+0200</xsd:SigningTime>
    <xsd:SignerDetails Id="2" Username="miro">Miroslav 
Nachev</xsd:SignerDetails>
  </xsd:SignedSignatureProperties>
</xsd:SignedProperties>


Sean Mullan wrote:
> I'm sorry but I don't have the time to debug your problem. However, 
> looking at the log file, the validation failure occurs because of this:
>
> > FINER: Pre-digested input:
> > 2007-2-1 17:36:19 org.jcp.xml.dsig.internal.DigesterOutputStream write
> > FINER: <xsd:SignedProperties 
> xmlns:dsig="http://www.w3.org/2000/09/xmldsig#" 
> xmlns:xsd="http://uri.etsi.org/01903/v1.3.2#" 
> Id="L1.S1-SignedProperties"><xsd:SignedSignatureProperties><xsd:SigningTime>2007-02-01T17:36:05+0200</xsd:SigningTime><xsd:SignerDetails

> Id="2" Username="miro">Miroslav 
> Nachev</xsd:SignerDetails></xsd:SignedSignatureProperties></xsd:SignedProperties>

>
> > 2007-2-1 17:36:19 org.jcp.xml.dsig.internal.dom.DOMReference validate
> > FINE: Expected digest: hWzwrP7ScWa4ri2YeONAgjI9ZGI=
> > 2007-2-1 17:36:19 org.jcp.xml.dsig.internal.dom.DOMReference validate
> > FINE: Actual digest: TlwlgnfCzrjdI0MhaBROwgTHvSI=
>
> You'll need to figure out why the digest is different. One way to do 
> this is to also turn on debugging when *generating* the signature, and 
> then carefully compare the Pre-digested input to the above to see what 
> is different.
>
> --Sean
>
> Miroslav Nachev wrote:
>> Dear Sean,
>>
>> Please find the attached log file. The problem reference is 
>> "L1.S1-SignedProperties".
>> Do you have any suggestions how to solve this problem/bug?
>>
>>
>> Best Regards,
>> Miroslav Nachev
>>
>>
>> Sean Mullan wrote:
>>> Miroslav Nachev wrote:
>>>> I will try your suggestions tomorrow, but I am not sure that this 
>>>> is the problem. Before to quit from the office I found that the 
>>>> digest value for this reference is different calculated for Signing 
>>>> and Validation.
>>>>
>>>> The stack trace from Exception is missing because any exception is 
>>>> not thrown. The boolean value "false" is returned for whole 
>>>> signature. Then I check each time individually and see that the 
>>>> problem is in this reference again without exception. Only "false" 
>>>> value is returned.
>>>>
>>>> Because of the above I think that the digest algorithm for Signing 
>>>> and Validation is different. And because the only difference are 
>>>> both Namespaces in one element, I think that this is the real problem.
>>>
>>> Try enabling logging support and inspect what is being digested when 
>>> signing and when validating. You should be able to precisely narrow 
>>> down the problem (it is probably namespace related). I assume you 
>>> are using JSR 105 from our previous correspondences. See this blog 
>>> for more info on enabling the logging:
>>>
>>> http://weblogs.java.net/blog/mullan/archive/2006/02/more_xml_signat_1.html 
>>>
>>>
>>> --Sean
>>>
>>>
>>
>>
>> ------------------------------------------------------------------------
>>
>> 2007-2-1 17:36:05 org.jcp.xml.dsig.internal.dom.DOMReference marshal
>> FINE: Marshalling Reference
>> 2007-2-1 17:36:05 org.jcp.xml.dsig.internal.dom.DOMReference marshal
>> FINE: Adding digestValueElem
>> 2007-2-1 17:36:05 org.jcp.xml.dsig.internal.dom.DOMReference marshal
>> FINE: Marshalling Reference
>> 2007-2-1 17:36:05 org.jcp.xml.dsig.internal.dom.DOMReference marshal
>> FINE: Adding digestValueElem
>> 2007-2-1 17:36:05 org.jcp.xml.dsig.internal.dom.DOMReference marshal
>> FINE: Marshalling Reference
>> 2007-2-1 17:36:05 org.jcp.xml.dsig.internal.dom.DOMReference marshal
>> FINE: Adding digestValueElem
>> 2007-2-1 17:36:05 
>> com.sun.org.apache.xml.internal.security.utils.resolver.ResourceResolver 
>> getInstance
>> FINE: check resolvability by class 
>> com.sun.org.apache.xml.internal.security.utils.resolver.ResourceResolver
>> 2007-2-1 17:36:05 
>> com.sun.org.apache.xml.internal.security.utils.resolver.implementations.ResolverDirectHTTP

>> engineCanResolve
>> FINE: quick fail for empty URIs and local ones
>> 2007-2-1 17:36:05 
>> com.sun.org.apache.xml.internal.security.utils.resolver.ResourceResolver 
>> getInstance
>> FINE: check resolvability by class 
>> com.sun.org.apache.xml.internal.security.utils.resolver.ResourceResolver
>> 2007-2-1 17:36:05 
>> com.sun.org.apache.xml.internal.security.utils.resolver.ResourceResolver 
>> getInstance
>> FINE: check resolvability by class 
>> com.sun.org.apache.xml.internal.security.utils.resolver.ResourceResolver
>> 2007-2-1 17:36:05 
>> com.sun.org.apache.xml.internal.security.utils.resolver.implementations.ResolverFragment

>> engineCanResolve
>> FINE: State I can resolve reference: "#DOC1"
>> 2007-2-1 17:36:05 
>> com.sun.org.apache.xml.internal.security.utils.IdResolver 
>> getElementByIdType
>> FINE: getElementByIdType() Search for ID DOC1
>> 2007-2-1 17:36:05 
>> com.sun.org.apache.xml.internal.security.utils.IdResolver 
>> getElementByIdUsingDOM
>> FINE: getElementByIdUsingDOM() Search for ID DOC1
>> 2007-2-1 17:36:05 
>> com.sun.org.apache.xml.internal.security.utils.resolver.implementations.ResolverFragment

>> engineResolve
>> FINE: Try to catch an Element with ID DOC1 and Element was [DataFile: 
>> null]
>> 2007-2-1 17:36:05 org.jcp.xml.dsig.internal.dom.DOMReference dereference
>> FINE: URIDereferencer class name: 
>> org.jcp.xml.dsig.internal.dom.DOMURIDereferencer
>> 2007-2-1 17:36:05 org.jcp.xml.dsig.internal.dom.DOMReference dereference
>> FINE: Data class name: org.jcp.xml.dsig.internal.dom.ApacheNodeSetData
>> 2007-2-1 17:36:05 org.jcp.xml.dsig.internal.DigesterOutputStream write
>> FINER: Pre-digested input:
>> 2007-2-1 17:36:05 org.jcp.xml.dsig.internal.DigesterOutputStream write
>> FINER: <DataFile Id="DOC1"><FileAttributtes 
>> ContentType="compressed_base64" 
>> LastModified="2004-05-25T12:34:04+0300" 
>> Size="43"><FileName>AUTOEXEC.BAT</FileName></FileAttributtes><Content

>> Id="CONT1">H4sIAAAAAAAAAAt2DVHw8Y338XR29Qt2jXfz9HG1dbaKcctJrfDxjfHJTE7NK07VS0ks4eUCAKAs

>>
>> 3rgrAAAA</Content></DataFile>
>> 2007-2-1 17:36:05 org.jcp.xml.dsig.internal.dom.DOMReference digest
>> FINE: Reference object uri = #DOC1
>> 2007-2-1 17:36:05 org.jcp.xml.dsig.internal.dom.DOMReference digest
>> FINE: Reference digesting completed
>> 2007-2-1 17:36:05 
>> com.sun.org.apache.xml.internal.security.utils.resolver.ResourceResolver 
>> getInstance
>> FINE: check resolvability by class 
>> com.sun.org.apache.xml.internal.security.utils.resolver.ResourceResolver
>> 2007-2-1 17:36:05 
>> com.sun.org.apache.xml.internal.security.utils.resolver.implementations.ResolverDirectHTTP

>> engineCanResolve
>> FINE: quick fail for empty URIs and local ones
>> 2007-2-1 17:36:05 
>> com.sun.org.apache.xml.internal.security.utils.resolver.ResourceResolver 
>> getInstance
>> FINE: check resolvability by class 
>> com.sun.org.apache.xml.internal.security.utils.resolver.ResourceResolver
>> 2007-2-1 17:36:05 
>> com.sun.org.apache.xml.internal.security.utils.resolver.ResourceResolver 
>> getInstance
>> FINE: check resolvability by class 
>> com.sun.org.apache.xml.internal.security.utils.resolver.ResourceResolver
>> 2007-2-1 17:36:05 
>> com.sun.org.apache.xml.internal.security.utils.resolver.implementations.ResolverFragment

>> engineCanResolve
>> FINE: State I can resolve reference: "#L1.S1-SignedProperties"
>> 2007-2-1 17:36:05 
>> com.sun.org.apache.xml.internal.security.utils.IdResolver 
>> getElementByIdType
>> FINE: getElementByIdType() Search for ID L1.S1-SignedProperties
>> 2007-2-1 17:36:05 
>> com.sun.org.apache.xml.internal.security.utils.IdResolver 
>> getElementByIdUsingDOM
>> FINE: getElementByIdUsingDOM() Search for ID L1.S1-SignedProperties
>> 2007-2-1 17:36:05 
>> com.sun.org.apache.xml.internal.security.utils.resolver.implementations.ResolverFragment

>> engineResolve
>> FINE: Try to catch an Element with ID L1.S1-SignedProperties and 
>> Element was [xsd:SignedProperties: null]
>> 2007-2-1 17:36:05 org.jcp.xml.dsig.internal.dom.DOMReference dereference
>> FINE: URIDereferencer class name: 
>> org.jcp.xml.dsig.internal.dom.DOMURIDereferencer
>> 2007-2-1 17:36:05 org.jcp.xml.dsig.internal.dom.DOMReference dereference
>> FINE: Data class name: org.jcp.xml.dsig.internal.dom.ApacheNodeSetData
>> 2007-2-1 17:36:05 org.jcp.xml.dsig.internal.DigesterOutputStream write
>> FINER: Pre-digested input:
>> 2007-2-1 17:36:05 org.jcp.xml.dsig.internal.DigesterOutputStream write
>> FINER: <xsd:SignedProperties 
>> xmlns:dsig="http://www.w3.org/2000/09/xmldsig#" 
>> Id="L1.S1-SignedProperties"><xsd:SignedSignatureProperties><xsd:SigningTime>2007-02-01T17:36:05+0200</xsd:SigningTime><xsd:SignerDetails

>> Id="2" Username="miro">Miroslav 
>> Nachev</xsd:SignerDetails></xsd:SignedSignatureProperties></xsd:SignedProperties>

>>
>> 2007-2-1 17:36:05 org.jcp.xml.dsig.internal.dom.DOMReference digest
>> FINE: Reference object uri = #L1.S1-SignedProperties
>> 2007-2-1 17:36:05 org.jcp.xml.dsig.internal.dom.DOMReference digest
>> FINE: Reference digesting completed
>> 2007-2-1 17:36:05 
>> com.sun.org.apache.xml.internal.security.utils.resolver.ResourceResolver 
>> getInstance
>> FINE: check resolvability by class 
>> com.sun.org.apache.xml.internal.security.utils.resolver.ResourceResolver
>> 2007-2-1 17:36:05 
>> com.sun.org.apache.xml.internal.security.utils.resolver.implementations.ResolverDirectHTTP

>> engineCanResolve
>> FINE: quick fail for empty URIs and local ones
>> 2007-2-1 17:36:05 
>> com.sun.org.apache.xml.internal.security.utils.resolver.ResourceResolver 
>> getInstance
>> FINE: check resolvability by class 
>> com.sun.org.apache.xml.internal.security.utils.resolver.ResourceResolver
>> 2007-2-1 17:36:05 
>> com.sun.org.apache.xml.internal.security.utils.resolver.ResourceResolver 
>> getInstance
>> FINE: check resolvability by class 
>> com.sun.org.apache.xml.internal.security.utils.resolver.ResourceResolver
>> 2007-2-1 17:36:05 
>> com.sun.org.apache.xml.internal.security.utils.resolver.implementations.ResolverFragment

>> engineCanResolve
>> FINE: State I can resolve reference: "#L1.S1-KeyInfo"
>> 2007-2-1 17:36:05 
>> com.sun.org.apache.xml.internal.security.utils.IdResolver 
>> getElementByIdType
>> FINE: getElementByIdType() Search for ID L1.S1-KeyInfo
>> 2007-2-1 17:36:05 
>> com.sun.org.apache.xml.internal.security.utils.IdResolver getElementById
>> FINE: I could find an Element using the simple getElementByIdType 
>> method: dsig:KeyInfo
>> 2007-2-1 17:36:05 
>> com.sun.org.apache.xml.internal.security.utils.resolver.implementations.ResolverFragment

>> engineResolve
>> FINE: Try to catch an Element with ID L1.S1-KeyInfo and Element was 
>> [dsig:KeyInfo: null]
>> 2007-2-1 17:36:05 org.jcp.xml.dsig.internal.dom.DOMReference dereference
>> FINE: URIDereferencer class name: 
>> org.jcp.xml.dsig.internal.dom.DOMURIDereferencer
>> 2007-2-1 17:36:05 org.jcp.xml.dsig.internal.dom.DOMReference dereference
>> FINE: Data class name: org.jcp.xml.dsig.internal.dom.ApacheNodeSetData
>> 2007-2-1 17:36:05 org.jcp.xml.dsig.internal.DigesterOutputStream write
>> FINER: Pre-digested input:
>> 2007-2-1 17:36:05 org.jcp.xml.dsig.internal.DigesterOutputStream write
>> FINER: <dsig:KeyInfo xmlns:dsig="http://www.w3.org/2000/09/xmldsig#" 
>> Id="L1.S1-KeyInfo"><dsig:X509Data><dsig:X509Certificate>MIIDNTCCAp6gAwIBAgIBATANBgkqhkiG9w0BAQUFADCBmjELMAkGA1UEBhMCQkcxEzARBgNVBAgT

>>
>> ClNvZmlhIGNpdHkxKDAmBgNVBAoTH0NPU01PUyBTb2Z0d2FyZSBFbnRlcnByaXNlcyBMdGQxDDAK 
>>
>> BgNVBAsUA1ImRDEYMBYGA1UEAxMPTWlyb3NsYXYgTmFjaGV2MSQwIgYJKoZIhvcNAQkBFhVjb3Nt 
>>
>> b3NAc3BhY2UtY29tbS5jb20wHhcNMDYxMDI2MTQxNjA0WhcNMDcxMDI2MTQxNjA0WjCBqDELMAkG 
>>
>> A1UEBhMCQkcxEzARBgNVBAgTClNvZmlhIGNpdHkxDjAMBgNVBAcTBVNvZmlhMSgwJgYDVQQKEx9D 
>>
>>
>> T1NNT1MgU29mdHdhcmUgRW50ZXJwcmlzZXMgTHRkMQwwCgYDVQQLFANSJkQxGDAWBgNVBAMTD01p 
>>
>> cm9zbGF2IE5hY2hldjEiMCAGCSqGSIb3DQEJARYTbWlyb0BzcGFjZS1jb21tLmNvbTCBnzANBgkq 
>>
>> hkiG9w0BAQEFAAOBjQAwgYkCgYEA73lnjI4W3kv3ZkdoJhQPe4Vm18Ngad6QaDEyQHBlPPOR0mlP 
>>
>> iLxLBChEX/bs4xnHP4PcrC8ZFJ0gw+3uRJ323dcJzMo6BOmTWAUvkxigVOMCTuu3ZDLaMzi5QZiI 
>>
>> oQazA4cv87uQfIftQtlqCcrTJcAvEQdLrRXhrubO5lCqTYkCAwEAAaN7MHkwCQYDVR0TBAIwADAs 
>>
>> BglghkgBhvhCAQ0EHxYdT3BlblNTTCBHZW5lcmF0ZWQgQ2VydGlmaWNhdGUwHQYDVR0OBBYEFJ0S 
>>
>> ik14AEvA+rNYpNza4zeQDe4WMB8GA1UdIwQYMBaAFMENbK6a7aOPlnS6tQEG1a/z2mQzMA0GCSqG 
>>
>> SIb3DQEBBQUAA4GBAJsvALenpOOvnJ/1q4z76KT3xZotesbNn9OWbeDzYCoQhAlm1EILCi/o2u6Q 
>>
>> hrWskEwfRKkm/DfhsbSj15roAq24967DYKP/yzAqrLs7XrkxAghOgRtK/mzzhIfEoycbapaoIZjE 
>>
>> oGLfdXzU8LkpJr5lvhOjCAJxC/O59UP/sXE5</dsig:X509Certificate></dsig:X509Data></dsig:KeyInfo>

>>
>> 2007-2-1 17:36:05 org.jcp.xml.dsig.internal.dom.DOMReference digest
>> FINE: Reference object uri = #L1.S1-KeyInfo
>> 2007-2-1 17:36:05 org.jcp.xml.dsig.internal.dom.DOMReference digest
>> FINE: Reference digesting completed
>> 2007-2-1 17:36:05 org.jcp.xml.dsig.internal.dom.DOMRSASignatureMethod 
>> sign
>> FINE: Signature provider:SunPKCS11-Siemens-HiPath version 1.6
>> 2007-2-1 17:36:05 org.jcp.xml.dsig.internal.dom.DOMRSASignatureMethod 
>> sign
>> FINE: Signing with key: SunPKCS11-Siemens-HiPath RSA private key, 
>> 1024 bits (id 124128880, token object, sensitive, unextractable)
>> 2007-2-1 17:36:05 
>> com.sun.org.apache.xml.internal.security.transforms.Transform <init>
>> FINE: Create URI 
>> "http://www.w3.org/TR/2001/REC-xml-c14n-20010315#WithComments" class 
>> "class 
>> com.sun.org.apache.xml.internal.security.transforms.implementations.TransformC14NWithComments"

>>
>> 2007-2-1 17:36:05 
>> com.sun.org.apache.xml.internal.security.transforms.Transform <init>
>> FINE: The NodeList is [dsig:CanonicalizationMethod: null]
>> 2007-2-1 17:36:05 
>> com.sun.org.apache.xml.internal.security.utils.ElementProxy setElement
>> FINE: setElement(dsig:CanonicalizationMethod, "null"
>> 2007-2-1 17:36:05 org.jcp.xml.dsig.internal.dom.ApacheCanonicalizer 
>> transform
>> FINE: Created transform for algorithm: 
>> http://www.w3.org/TR/2001/REC-xml-c14n-20010315#WithComments
>> 2007-2-1 17:36:05 org.jcp.xml.dsig.internal.dom.ApacheCanonicalizer 
>> transform
>> FINE: isNodeSet() = true
>> 2007-2-1 17:36:05 org.jcp.xml.dsig.internal.dom.DOMSignedInfo 
>> canonicalize
>> FINE: Canonicalized SignedInfo:
>> <dsig:SignedInfo 
>> xmlns:dsig="http://www.w3.org/2000/09/xmldsig#"><dsig:CanonicalizationMethod

>> Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315#WithComments"></dsig:CanonicalizationMethod><dsig:SignatureMethod

>> Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"></dsig:SignatureMethod><dsig:Reference

>> URI="#DOC1"><dsig:DigestMethod 
>> Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"></dsig:DigestMethod><dsig:DigestValue>5L9KuDZI/6zj2kb9oP8RipkcYwc=</dsig:DigestValue></dsig:Reference><dsig:Reference

>> Type="http://uri.etsi.org/01903#SignedProperties" 
>> URI="#L1.S1-SignedProperties"><dsig:DigestMethod 
>> Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"></dsig:DigestMethod><dsig:DigestValue>hWzwrP7ScWa4ri2YeONAgjI9ZGI=</dsig:DigestValue></dsig:Reference><dsig:Reference

>> URI="#L1.S1-KeyInfo"><dsig:DigestMethod 
>> Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"></dsig:DigestMethod><dsig:DigestValue>g+LVdhRueJWcGkqiM48X1/TjOTk=</dsig:DigestValue></dsig:Reference></dsig:SignedI

>>
> n!
>>  fo>
>> 2007-2-1 17:36:05 org.jcp.xml.dsig.internal.dom.DOMSignedInfo 
>> canonicalize
>> FINE: Data to be 
>> signed/verified:PGRzaWc6U2lnbmVkSW5mbyB4bWxuczpkc2lnPSJodHRwOi8vd3d3LnczLm9yZy8yMDAwLzA5L3ht

>>
>> bGRzaWcjIj48ZHNpZzpDYW5vbmljYWxpemF0aW9uTWV0aG9kIEFsZ29yaXRobT0iaHR0cDovL3d3 
>>
>> dy53My5vcmcvVFIvMjAwMS9SRUMteG1sLWMxNG4tMjAwMTAzMTUjV2l0aENvbW1lbnRzIj48L2Rz 
>>
>> aWc6Q2Fub25pY2FsaXphdGlvbk1ldGhvZD48ZHNpZzpTaWduYXR1cmVNZXRob2QgQWxnb3JpdGht 
>>
>> PSJodHRwOi8vd3d3LnczLm9yZy8yMDAwLzA5L3htbGRzaWcjcnNhLXNoYTEiPjwvZHNpZzpTaWdu 
>>
>> YXR1cmVNZXRob2Q+PGRzaWc6UmVmZXJlbmNlIFVSST0iI0RPQzEiPjxkc2lnOkRpZ2VzdE1ldGhv 
>>
>> ZCBBbGdvcml0aG09Imh0dHA6Ly93d3cudzMub3JnLzIwMDAvMDkveG1sZHNpZyNzaGExIj48L2Rz 
>>
>> aWc6RGlnZXN0TWV0aG9kPjxkc2lnOkRpZ2VzdFZhbHVlPjVMOUt1RFpJLzZ6ajJrYjlvUDhSaXBr 
>>
>> Y1l3Yz08L2RzaWc6RGlnZXN0VmFsdWU+PC9kc2lnOlJlZmVyZW5jZT48ZHNpZzpSZWZlcmVuY2Ug 
>>
>> VHlwZT0iaHR0cDovL3VyaS5ldHNpLm9yZy8wMTkwMyNTaWduZWRQcm9wZXJ0aWVzIiBVUkk9IiNM 
>>
>> MS5TMS1TaWduZWRQcm9wZXJ0aWVzIj48ZHNpZzpEaWdlc3RNZXRob2QgQWxnb3JpdGhtPSJodHRw 
>>
>> Oi8vd3d3LnczLm9yZy8yMDAwLzA5L3htbGRzaWcjc2hhMSI+PC9kc2lnOkRpZ2VzdE1ldGhvZD48 
>>
>> ZHNpZzpEaWdlc3RWYWx1ZT5oV3p3clA3U2NXYTRyaTJZZU9OQWdqSTlaR0k9PC9kc2lnOkRpZ2Vz 
>>
>> dFZhbHVlPjwvZHNpZzpSZWZlcmVuY2U+PGRzaWc6UmVmZXJlbmNlIFVSST0iI0wxLlMxLUtleUlu 
>>
>> Zm8iPjxkc2lnOkRpZ2VzdE1ldGhvZCBBbGdvcml0aG09Imh0dHA6Ly93d3cudzMub3JnLzIwMDAv 
>>
>> MDkveG1sZHNpZyNzaGExIj48L2RzaWc6RGlnZXN0TWV0aG9kPjxkc2lnOkRpZ2VzdFZhbHVlPmcr 
>>
>> TFZkaFJ1ZUpXY0drcWlNNDhYMS9Uak9Uaz08L2RzaWc6RGlnZXN0VmFsdWU+PC9kc2lnOlJlZmVy 
>>
>> ZW5jZT48L2RzaWc6U2lnbmVkSW5mbz4=
>> 2007-2-1 17:36:06 org.jcp.xml.dsig.internal.dom.DOMXMLSignature sign
>> FINE: SignatureValue = [B@1efbbb1
>> 2007-2-1 17:36:18 
>> com.sun.org.apache.xml.internal.security.utils.resolver.ResourceResolver 
>> getInstance
>> FINE: check resolvability by class 
>> com.sun.org.apache.xml.internal.security.utils.resolver.ResourceResolver
>> 2007-2-1 17:36:18 
>> com.sun.org.apache.xml.internal.security.utils.resolver.implementations.ResolverDirectHTTP

>> engineCanResolve
>> FINE: quick fail for empty URIs and local ones
>> 2007-2-1 17:36:18 
>> com.sun.org.apache.xml.internal.security.utils.resolver.ResourceResolver 
>> getInstance
>> FINE: check resolvability by class 
>> com.sun.org.apache.xml.internal.security.utils.resolver.ResourceResolver
>> 2007-2-1 17:36:18 
>> com.sun.org.apache.xml.internal.security.utils.resolver.ResourceResolver 
>> getInstance
>> FINE: check resolvability by class 
>> com.sun.org.apache.xml.internal.security.utils.resolver.ResourceResolver
>> 2007-2-1 17:36:18 
>> com.sun.org.apache.xml.internal.security.utils.resolver.implementations.ResolverFragment

>> engineCanResolve
>> FINE: State I can resolve reference: "#DOC1"
>> 2007-2-1 17:36:18 
>> com.sun.org.apache.xml.internal.security.utils.IdResolver 
>> getElementByIdType
>> FINE: getElementByIdType() Search for ID DOC1
>> 2007-2-1 17:36:18 
>> com.sun.org.apache.xml.internal.security.utils.IdResolver 
>> getElementByIdUsingDOM
>> FINE: getElementByIdUsingDOM() Search for ID DOC1
>> 2007-2-1 17:36:18 
>> com.sun.org.apache.xml.internal.security.utils.resolver.implementations.ResolverFragment

>> engineResolve
>> FINE: Try to catch an Element with ID DOC1 and Element was [DataFile: 
>> null]
>> 2007-2-1 17:36:18 org.jcp.xml.dsig.internal.dom.DOMReference dereference
>> FINE: URIDereferencer class name: 
>> org.jcp.xml.dsig.internal.dom.DOMURIDereferencer
>> 2007-2-1 17:36:18 org.jcp.xml.dsig.internal.dom.DOMReference dereference
>> FINE: Data class name: org.jcp.xml.dsig.internal.dom.ApacheNodeSetData
>> 2007-2-1 17:36:18 org.jcp.xml.dsig.internal.DigesterOutputStream write
>> FINER: Pre-digested input:
>> 2007-2-1 17:36:19 org.jcp.xml.dsig.internal.DigesterOutputStream write
>> FINER: <DataFile Id="DOC1"><FileAttributtes 
>> ContentType="compressed_base64" 
>> LastModified="2004-05-25T12:34:04+0300" 
>> Size="43"><FileName>AUTOEXEC.BAT</FileName></FileAttributtes><Content

>> Id="CONT1">H4sIAAAAAAAAAAt2DVHw8Y338XR29Qt2jXfz9HG1dbaKcctJrfDxjfHJTE7NK07VS0ks4eUCAKAs

>>
>> 3rgrAAAA</Content></DataFile>
>> 2007-2-1 17:36:19 org.jcp.xml.dsig.internal.dom.DOMReference validate
>> FINE: Expected digest: 5L9KuDZI/6zj2kb9oP8RipkcYwc=
>> 2007-2-1 17:36:19 org.jcp.xml.dsig.internal.dom.DOMReference validate
>> FINE: Actual digest: 5L9KuDZI/6zj2kb9oP8RipkcYwc=
>> 2007-2-1 17:36:19 org.jcp.xml.dsig.internal.dom.DOMXMLSignature validate
>> FINE: Reference[#DOC1] is valid: true
>> 2007-2-1 17:36:19 
>> com.sun.org.apache.xml.internal.security.utils.resolver.ResourceResolver 
>> getInstance
>> FINE: check resolvability by class 
>> com.sun.org.apache.xml.internal.security.utils.resolver.ResourceResolver
>> 2007-2-1 17:36:19 
>> com.sun.org.apache.xml.internal.security.utils.resolver.implementations.ResolverDirectHTTP

>> engineCanResolve
>> FINE: quick fail for empty URIs and local ones
>> 2007-2-1 17:36:19 
>> com.sun.org.apache.xml.internal.security.utils.resolver.ResourceResolver 
>> getInstance
>> FINE: check resolvability by class 
>> com.sun.org.apache.xml.internal.security.utils.resolver.ResourceResolver
>> 2007-2-1 17:36:19 
>> com.sun.org.apache.xml.internal.security.utils.resolver.ResourceResolver 
>> getInstance
>> FINE: check resolvability by class 
>> com.sun.org.apache.xml.internal.security.utils.resolver.ResourceResolver
>> 2007-2-1 17:36:19 
>> com.sun.org.apache.xml.internal.security.utils.resolver.implementations.ResolverFragment

>> engineCanResolve
>> FINE: State I can resolve reference: "#L1.S1-SignedProperties"
>> 2007-2-1 17:36:19 
>> com.sun.org.apache.xml.internal.security.utils.IdResolver 
>> getElementByIdType
>> FINE: getElementByIdType() Search for ID L1.S1-SignedProperties
>> 2007-2-1 17:36:19 
>> com.sun.org.apache.xml.internal.security.utils.IdResolver 
>> getElementByIdUsingDOM
>> FINE: getElementByIdUsingDOM() Search for ID L1.S1-SignedProperties
>> 2007-2-1 17:36:19 
>> com.sun.org.apache.xml.internal.security.utils.resolver.implementations.ResolverFragment

>> engineResolve
>> FINE: Try to catch an Element with ID L1.S1-SignedProperties and 
>> Element was [xsd:SignedProperties: null]
>> 2007-2-1 17:36:19 org.jcp.xml.dsig.internal.dom.DOMReference dereference
>> FINE: URIDereferencer class name: 
>> org.jcp.xml.dsig.internal.dom.DOMURIDereferencer
>> 2007-2-1 17:36:19 org.jcp.xml.dsig.internal.dom.DOMReference dereference
>> FINE: Data class name: org.jcp.xml.dsig.internal.dom.ApacheNodeSetData
>> 2007-2-1 17:36:19 org.jcp.xml.dsig.internal.DigesterOutputStream write
>> FINER: Pre-digested input:
>> 2007-2-1 17:36:19 org.jcp.xml.dsig.internal.DigesterOutputStream write
>> FINER: <xsd:SignedProperties 
>> xmlns:dsig="http://www.w3.org/2000/09/xmldsig#" 
>> xmlns:xsd="http://uri.etsi.org/01903/v1.3.2#" 
>> Id="L1.S1-SignedProperties"><xsd:SignedSignatureProperties><xsd:SigningTime>2007-02-01T17:36:05+0200</xsd:SigningTime><xsd:SignerDetails

>> Id="2" Username="miro">Miroslav 
>> Nachev</xsd:SignerDetails></xsd:SignedSignatureProperties></xsd:SignedProperties>

>>
>> 2007-2-1 17:36:19 org.jcp.xml.dsig.internal.dom.DOMReference validate
>> FINE: Expected digest: hWzwrP7ScWa4ri2YeONAgjI9ZGI=
>> 2007-2-1 17:36:19 org.jcp.xml.dsig.internal.dom.DOMReference validate
>> FINE: Actual digest: TlwlgnfCzrjdI0MhaBROwgTHvSI=
>> 2007-2-1 17:36:19 org.jcp.xml.dsig.internal.dom.DOMXMLSignature validate
>> FINE: Reference[#L1.S1-SignedProperties] is valid: false
>> 2007-2-1 17:36:19 org.jcp.xml.dsig.internal.dom.DOMXMLSignature validate
>> FINE: Couldn't validate the References
>> 2007-2-1 17:36:19 org.jcp.xml.dsig.internal.dom.DOMRSASignatureMethod 
>> verify
>> FINE: Signature provider:SunRsaSign version 1.5
>> 2007-2-1 17:36:19 org.jcp.xml.dsig.internal.dom.DOMRSASignatureMethod 
>> verify
>> FINE: verifying with key: Sun RSA public key, 1024 bits
>>   modulus: 
>> 168164527555608136888830022857056132023036777656418518049464251253737723792048985548139271763061864520875701968328564748366237424723155092944235075765817478111725643802025622853273984978027240469613154811874843038396779307309442362407952606871051501808113074993835124868184526839845834261024714072735447928201

>>
>>   public exponent: 65537
>> 2007-2-1 17:36:19 
>> com.sun.org.apache.xml.internal.security.transforms.Transform <init>
>> FINE: Create URI 
>> "http://www.w3.org/TR/2001/REC-xml-c14n-20010315#WithComments" class 
>> "class 
>> com.sun.org.apache.xml.internal.security.transforms.implementations.TransformC14NWithComments"

>>
>> 2007-2-1 17:36:19 
>> com.sun.org.apache.xml.internal.security.transforms.Transform <init>
>> FINE: The NodeList is [dsig:CanonicalizationMethod: null]
>> 2007-2-1 17:36:19 
>> com.sun.org.apache.xml.internal.security.utils.ElementProxy setElement
>> FINE: setElement(dsig:CanonicalizationMethod, "null"
>> 2007-2-1 17:36:19 org.jcp.xml.dsig.internal.dom.ApacheCanonicalizer 
>> transform
>> FINE: Created transform for algorithm: 
>> http://www.w3.org/TR/2001/REC-xml-c14n-20010315#WithComments
>> 2007-2-1 17:36:19 org.jcp.xml.dsig.internal.dom.ApacheCanonicalizer 
>> transform
>> FINE: isNodeSet() = true
>> 2007-2-1 17:36:19 org.jcp.xml.dsig.internal.dom.DOMSignedInfo 
>> canonicalize
>> FINE: Canonicalized SignedInfo:
>> <dsig:SignedInfo 
>> xmlns:dsig="http://www.w3.org/2000/09/xmldsig#"><dsig:CanonicalizationMethod

>> Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315#WithComments"></dsig:CanonicalizationMethod><dsig:SignatureMethod

>> Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"></dsig:SignatureMethod><dsig:Reference

>> URI="#DOC1"><dsig:DigestMethod 
>> Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"></dsig:DigestMethod><dsig:DigestValue>5L9KuDZI/6zj2kb9oP8RipkcYwc=</dsig:DigestValue></dsig:Reference><dsig:Reference

>> Type="http://uri.etsi.org/01903#SignedProperties" 
>> URI="#L1.S1-SignedProperties"><dsig:DigestMethod 
>> Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"></dsig:DigestMethod><dsig:DigestValue>hWzwrP7ScWa4ri2YeONAgjI9ZGI=</dsig:DigestValue></dsig:Reference><dsig:Reference

>> URI="#L1.S1-KeyInfo"><dsig:DigestMethod 
>> Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"></dsig:DigestMethod><dsig:DigestValue>g+LVdhRueJWcGkqiM48X1/TjOTk=</dsig:DigestValue></dsig:Reference></dsig:SignedI

>>
> n!
>>  fo>
>> 2007-2-1 17:36:19 org.jcp.xml.dsig.internal.dom.DOMSignedInfo 
>> canonicalize
>> FINE: Data to be 
>> signed/verified:PGRzaWc6U2lnbmVkSW5mbyB4bWxuczpkc2lnPSJodHRwOi8vd3d3LnczLm9yZy8yMDAwLzA5L3ht

>>
>> bGRzaWcjIj48ZHNpZzpDYW5vbmljYWxpemF0aW9uTWV0aG9kIEFsZ29yaXRobT0iaHR0cDovL3d3 
>>
>> dy53My5vcmcvVFIvMjAwMS9SRUMteG1sLWMxNG4tMjAwMTAzMTUjV2l0aENvbW1lbnRzIj48L2Rz 
>>
>> aWc6Q2Fub25pY2FsaXphdGlvbk1ldGhvZD48ZHNpZzpTaWduYXR1cmVNZXRob2QgQWxnb3JpdGht 
>>
>> PSJodHRwOi8vd3d3LnczLm9yZy8yMDAwLzA5L3htbGRzaWcjcnNhLXNoYTEiPjwvZHNpZzpTaWdu 
>>
>> YXR1cmVNZXRob2Q+PGRzaWc6UmVmZXJlbmNlIFVSST0iI0RPQzEiPjxkc2lnOkRpZ2VzdE1ldGhv 
>>
>> ZCBBbGdvcml0aG09Imh0dHA6Ly93d3cudzMub3JnLzIwMDAvMDkveG1sZHNpZyNzaGExIj48L2Rz 
>>
>> aWc6RGlnZXN0TWV0aG9kPjxkc2lnOkRpZ2VzdFZhbHVlPjVMOUt1RFpJLzZ6ajJrYjlvUDhSaXBr 
>>
>> Y1l3Yz08L2RzaWc6RGlnZXN0VmFsdWU+PC9kc2lnOlJlZmVyZW5jZT48ZHNpZzpSZWZlcmVuY2Ug 
>>
>> VHlwZT0iaHR0cDovL3VyaS5ldHNpLm9yZy8wMTkwMyNTaWduZWRQcm9wZXJ0aWVzIiBVUkk9IiNM 
>>
>> MS5TMS1TaWduZWRQcm9wZXJ0aWVzIj48ZHNpZzpEaWdlc3RNZXRob2QgQWxnb3JpdGhtPSJodHRw 
>>
>> Oi8vd3d3LnczLm9yZy8yMDAwLzA5L3htbGRzaWcjc2hhMSI+PC9kc2lnOkRpZ2VzdE1ldGhvZD48 
>>
>> ZHNpZzpEaWdlc3RWYWx1ZT5oV3p3clA3U2NXYTRyaTJZZU9OQWdqSTlaR0k9PC9kc2lnOkRpZ2Vz 
>>
>> dFZhbHVlPjwvZHNpZzpSZWZlcmVuY2U+PGRzaWc6UmVmZXJlbmNlIFVSST0iI0wxLlMxLUtleUlu 
>>
>> Zm8iPjxkc2lnOkRpZ2VzdE1ldGhvZCBBbGdvcml0aG09Imh0dHA6Ly93d3cudzMub3JnLzIwMDAv 
>>
>> MDkveG1sZHNpZyNzaGExIj48L2RzaWc6RGlnZXN0TWV0aG9kPjxkc2lnOkRpZ2VzdFZhbHVlPmcr 
>>
>> TFZkaFJ1ZUpXY0drcWlNNDhYMS9Uak9Uaz08L2RzaWc6RGlnZXN0VmFsdWU+PC9kc2lnOlJlZmVy 
>>
>> ZW5jZT48L2RzaWc6U2lnbmVkSW5mbz4=
>> 2007-2-1 17:36:19 
>> com.sun.org.apache.xml.internal.security.utils.resolver.ResourceResolver 
>> getInstance
>> FINE: check resolvability by class 
>> com.sun.org.apache.xml.internal.security.utils.resolver.ResourceResolver
>> 2007-2-1 17:36:19 
>> com.sun.org.apache.xml.internal.security.utils.resolver.implementations.ResolverDirectHTTP

>> engineCanResolve
>> FINE: quick fail for empty URIs and local ones
>> 2007-2-1 17:36:19 
>> com.sun.org.apache.xml.internal.security.utils.resolver.ResourceResolver 
>> getInstance
>> FINE: check resolvability by class 
>> com.sun.org.apache.xml.internal.security.utils.resolver.ResourceResolver
>> 2007-2-1 17:36:19 
>> com.sun.org.apache.xml.internal.security.utils.resolver.ResourceResolver 
>> getInstance
>> FINE: check resolvability by class 
>> com.sun.org.apache.xml.internal.security.utils.resolver.ResourceResolver
>> 2007-2-1 17:36:19 
>> com.sun.org.apache.xml.internal.security.utils.resolver.implementations.ResolverFragment

>> engineCanResolve
>> FINE: State I can resolve reference: "#L1.S1-KeyInfo"
>> 2007-2-1 17:36:19 
>> com.sun.org.apache.xml.internal.security.utils.IdResolver 
>> getElementByIdType
>> FINE: getElementByIdType() Search for ID L1.S1-KeyInfo
>> 2007-2-1 17:36:19 
>> com.sun.org.apache.xml.internal.security.utils.IdResolver 
>> getElementByIdUsingDOM
>> FINE: getElementByIdUsingDOM() Search for ID L1.S1-KeyInfo
>> 2007-2-1 17:36:19 
>> com.sun.org.apache.xml.internal.security.utils.resolver.implementations.ResolverFragment

>> engineResolve
>> FINE: Try to catch an Element with ID L1.S1-KeyInfo and Element was 
>> [dsig:KeyInfo: null]
>> 2007-2-1 17:36:19 org.jcp.xml.dsig.internal.dom.DOMReference dereference
>> FINE: URIDereferencer class name: 
>> org.jcp.xml.dsig.internal.dom.DOMURIDereferencer
>> 2007-2-1 17:36:19 org.jcp.xml.dsig.internal.dom.DOMReference dereference
>> FINE: Data class name: org.jcp.xml.dsig.internal.dom.ApacheNodeSetData
>> 2007-2-1 17:36:19 org.jcp.xml.dsig.internal.DigesterOutputStream write
>> FINER: Pre-digested input:
>> 2007-2-1 17:36:19 org.jcp.xml.dsig.internal.DigesterOutputStream write
>> FINER: <dsig:KeyInfo xmlns:dsig="http://www.w3.org/2000/09/xmldsig#" 
>> Id="L1.S1-KeyInfo"><dsig:X509Data><dsig:X509Certificate>MIIDNTCCAp6gAwIBAgIBATANBgkqhkiG9w0BAQUFADCBmjELMAkGA1UEBhMCQkcxEzARBgNVBAgT

>>
>> ClNvZmlhIGNpdHkxKDAmBgNVBAoTH0NPU01PUyBTb2Z0d2FyZSBFbnRlcnByaXNlcyBMdGQxDDAK 
>>
>> BgNVBAsUA1ImRDEYMBYGA1UEAxMPTWlyb3NsYXYgTmFjaGV2MSQwIgYJKoZIhvcNAQkBFhVjb3Nt 
>>
>> b3NAc3BhY2UtY29tbS5jb20wHhcNMDYxMDI2MTQxNjA0WhcNMDcxMDI2MTQxNjA0WjCBqDELMAkG 
>>
>> A1UEBhMCQkcxEzARBgNVBAgTClNvZmlhIGNpdHkxDjAMBgNVBAcTBVNvZmlhMSgwJgYDVQQKEx9D 
>>
>> T1NNT1MgU29mdHdhcmUgRW50ZXJwcmlzZXMgTHRkMQwwCgYDVQQLFANSJkQxGDAWBgNVBAMTD01p 
>>
>> cm9zbGF2IE5hY2hldjEiMCAGCSqGSIb3DQEJARYTbWlyb0BzcGFjZS1jb21tLmNvbTCBnzANBgkq 
>>
>> hkiG9w0BAQEFAAOBjQAwgYkCgYEA73lnjI4W3kv3ZkdoJhQPe4Vm18Ngad6QaDEyQHBlPPOR0mlP 
>>
>> iLxLBChEX/bs4xnHP4PcrC8ZFJ0gw+3uRJ323dcJzMo6BOmTWAUvkxigVOMCTuu3ZDLaMzi5QZiI 
>>
>> oQazA4cv87uQfIftQtlqCcrTJcAvEQdLrRXhrubO5lCqTYkCAwEAAaN7MHkwCQYDVR0TBAIwADAs 
>>
>> BglghkgBhvhCAQ0EHxYdT3BlblNTTCBHZW5lcmF0ZWQgQ2VydGlmaWNhdGUwHQYDVR0OBBYEFJ0S 
>>
>> ik14AEvA+rNYpNza4zeQDe4WMB8GA1UdIwQYMBaAFMENbK6a7aOPlnS6tQEG1a/z2mQzMA0GCSqG 
>>
>> SIb3DQEBBQUAA4GBAJsvALenpOOvnJ/1q4z76KT3xZotesbNn9OWbeDzYCoQhAlm1EILCi/o2u6Q 
>>
>> hrWskEwfRKkm/DfhsbSj15roAq24967DYKP/yzAqrLs7XrkxAghOgRtK/mzzhIfEoycbapaoIZjE 
>>
>> oGLfdXzU8LkpJr5lvhOjCAJxC/O59UP/sXE5</dsig:X509Certificate></dsig:X509Data></dsig:KeyInfo>

>>
>> 2007-2-1 17:36:19 org.jcp.xml.dsig.internal.dom.DOMReference validate
>> FINE: Expected digest: g+LVdhRueJWcGkqiM48X1/TjOTk=
>> 2007-2-1 17:36:19 org.jcp.xml.dsig.internal.dom.DOMReference validate
>> FINE: Actual digest: g+LVdhRueJWcGkqiM48X1/TjOTk=
>> BUILD SUCCESSFUL (total time: 1 minute 34 seconds)
>
>


Mime
View raw message