santuario-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Sean Mullan <Sean.Mul...@Sun.COM>
Subject Re: Invalid Reference Signature when I try to refer some XMLObject element
Date Mon, 05 Feb 2007 20:27:40 GMT
Miroslav Nachev wrote:
> Do you know which class in JDK6 is the equivalent of ** 
> "org.apache.xml.security.transforms.Transforms"?**

The JSR 105 API (which is in JDK 6 and is now also a part of XMLSec 1.4) 
uses a java.util.List to hold Transform objects. You just need to pass 
this List as a parameter to the newReference method (there are several 
overloaded methods) of XMLSignatureFactory. See the javadoc for 
XMLSignatureFactory.newReference for more info.

--Sean

> 
> My existing application is as follow:
>        
>         Reference spReference = fac.newReference(sp.getId(), dm, null, 
> XAdES_TYPE + "SignedProperties", null);
>         referencesIdList.add(spReference);
> 
>         XMLSignatureFactory fac = getXMLSignatureFactory();
>         CanonicalizationMethod cm = fac.newCanonicalizationMethod(
>             CanonicalizationMethod.INCLUSIVE_WITH_COMMENTS,
>             (C14NMethodParameterSpec)null);
> 
>         List<Reference> documentReferences = 
> getReferences(referencesIdList);
>         String keyInfoId = getKeyInfoId(signatureIdPrefix);
>         documentReferences.add(fac.newReference("#" + keyInfoId, 
> getDigestMethod()));
> 
>         SignatureMethod sm = 
> fac.newSignatureMethod(SignatureMethod.RSA_SHA1, null);
>         SignedInfo si = fac.newSignedInfo(cm, sm, documentReferences);
> 
>         XMLSignature signature = fac.newXMLSignature(si,
>                                                      
> newKeyInfo(certificate, keyInfoId),
>                                                      getXMLObjects(),
>                                                      signatureId,
>                                                      signatureValueId);
>         DOMSignContext signContext = new DOMSignContext(privateKey, 
> baseElement);
>         signContext.putNamespacePrefix(XMLSignature.XMLNS, 
> XML_SIGNATURE_PREFIX);
>         signContext.putNamespacePrefix(BasicXAdES.XMLNS, 
> BasicXAdES.XMLNS_PREFIX);
>         signature.sign(signContext);
> 
> *With which class to replace "Transforms" and where and how to use it?*
> 
> 
> Miro.
> 
> Lijun Liao wrote:
>>        Document doc = ...;
>>        XMLSignature sig = ...;
>>        Transforms trans = new Transforms(doc);
>>        trans.addTransform(Canonicalizer.ALGO_ID_C14N_EXCL_OMIT_COMMENTS);
>>        sig.addDocument("#id-abc", trans);
>>
>> On 2/3/07, *Miroslav Nachev* <miro@space-comm.com 
>> <mailto:miro@space-comm.com>> wrote:
>>
>>     Dear Lijin,
>>
>>     Thank you for the suggestion. I try to add but without success.
>>     Maybe I will need of help. Can you send me some source code where
>>     to see how to add this to the reference?
>>
>>     Thank you in advance.
>>
>>
>>     Best Regards,
>>     Miroslav Nachev
>>
>>
>>
>>     Lijun Liao wrote:
>>>       <dsig:Reference Type=" ...#SignedProperties
>>>     <http://uri.etsi.org/01903/v1.3.2#SignedProperties>"
>>>     URI="#L1.S1-SignedProperties">
>>>          <dsig:DigestMethod
>>>     Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
>>>          <dsig:DigestValue>...</dsig:DigestValue>
>>>        </dsig:Reference>
>>>     Try add the EXC-C14N to the reference.
>>>
>>>     On 2/3/07, * Miroslav Nachev* <miro@space-comm.com
>>>     <mailto:miro@space-comm.com>> wrote:
>>>
>>>         Dear Sean,
>>>
>>>         Because after writing the Document to the file using
>>>             "XMLUtils.outputDOMc14nWithComments(node, outStream)",
>>>         the document structure is correct. Is it possible to use some
>>>         kind of
>>>         transformations/canonicalization to have the same correct
>>>         structure
>>>         before to sign the data?
>>>
>>>
>>>         Best Regards,
>>>         Miroslav Nachev
>>>
>>>         Miroslav Nachev wrote:
>>>         > Dear Sean,
>>>         >
>>>         > When starting the attached Java file (test case) you will
>>>         see the
>>>         > following result:
>>>         >
>>>         > The document from memory is: Valid
>>>         > The document from file is: Invalid
>>>         >
>>>         >
>>>         > Best Regards,
>>>         > Miroslav Nachev
>>>         >
>>>         >
>>>         >
>>>         > Sean Mullan wrote:
>>>         >> Miroslav Nachev wrote:
>>>         >>> Dear Sean,
>>>         >>>
>>>         >>> Why during validation JSR 105 takes "xmlns:xsd" attribute
>>>         in case
>>>         >>> that this attribute is not set explicit to this element? This
>>>         >>> attribute is set explicit to the parent of this element.
>>>         And why
>>>         >>> this is not happen during signing?
>>>         >>
>>>         >> It could be a bug, but I can't really tell without running
>>>         your code.
>>>         >> When you create your QualifyingProperties element, do you
>>>         explicitly
>>>         >> set the xsd namespace attribute with the
>>>         Element.setAttributeNS method?
>>>         >>
>>>         >> I would recommend you file a bug and attach a test case
>>>         that we can
>>>         >> run to reproduce the problem.
>>>         >>
>>>         >> Thanks,
>>>         >> Sean
>>>         >>
>>>         >>> How to set JSR 105 to take the same attributes in both
>>>         processing:
>>>         >>> signing and validation?
>>>         >>>
>>>         >>>
>>>         >>> Best Regards,
>>>         >>> Miroslav Nachev
>>>         >>>
>>>         >>> Miroslav Nachev wrote:
>>>         >>>> This is very strange because *"xmlns:xsd"* attribute is
>>>         missing
>>>         >>>> during signing? Actually this attribute exists in the
>>>         Element.
>>>         >>>>
>>>         >>>> Sign:
>>>         >>>> 2007-2-1 18:20:56
>>>         org.jcp.xml.dsig.internal.DigesterOutputStream write
>>>         >>>> <xsd:SignedProperties xmlns:dsig="
>>>         http://www.w3.org/2000/09/xmldsig#"
>>>         >>>>                       Id="L1.S1-SignedProperties">
>>>         >>>>   <xsd:SignedSignatureProperties>
>>>         >>>>    
>>>         <xsd:SigningTime>2007-02-01T18:20:56+0200</xsd:SigningTime>
>>>         >>>>     <xsd:SignerDetails Id="2" Username="miro">Miroslav
>>>         >>>> Nachev</xsd:SignerDetails>
>>>         >>>>   </xsd:SignedSignatureProperties>
>>>         >>>> </xsd:SignedProperties>
>>>         >>>>
>>>         >>>> Verify:
>>>         >>>> 2007-2-1 18:23:34
>>>         org.jcp.xml.dsig.internal.DigesterOutputStream write
>>>         >>>> <xsd:SignedProperties xmlns:dsig="
>>>         http://www.w3.org/2000/09/xmldsig#"
>>>         >>>>                      
>>>         xmlns:xsd="http://uri.etsi.org/01903/v1.3.2#"
>>>         >>>>                       Id=" L1.S1-SignedProperties">
>>>         >>>>   <xsd:SignedSignatureProperties>
>>>         >>>>    
>>>         <xsd:SigningTime>2007-02-01T18:20:56+0200</xsd:SigningTime>
>>>         >>>>     <xsd:SignerDetails Id="2" Username="miro">Miroslav
>>>         >>>> Nachev</xsd:SignerDetails>
>>>         >>>>   </xsd:SignedSignatureProperties>
>>>         >>>> </xsd:SignedProperties>
>>>         >>>>
>>>         >>>>
>>>         >>>> Sean Mullan wrote:
>>>         >>>>> I'm sorry but I don't have the time to debug your problem.
>>>         >>>>> However, looking at the log file, the validation failure
>>>         occurs
>>>         >>>>> because of this:
>>>         >>>>>
>>>         >>>>> > FINER: Pre-digested input:
>>>         >>>>> > 2007-2-1 17:36:19
>>>         org.jcp.xml.dsig.internal.DigesterOutputStream
>>>         >>>>> write
>>>         >>>>> > FINER: <xsd:SignedProperties
>>>         >>>>> xmlns:dsig="http://www.w3.org/2000/09/xmldsig#"
>>>         >>>>> xmlns:xsd="http://uri.etsi.org/01903/v1.3.2#
>>>         <http://uri.etsi.org/01903/v1.3.2#>"
>>>         >>>>>
>>>         Id="L1.S1-SignedProperties"><xsd:SignedSignatureProperties><xsd:SigningTime>2007-02-01T17:36:05+0200</xsd:SigningTime><xsd:SignerDetails
>>>         >>>>> Id="2" Username="miro">Miroslav
>>>         >>>>>
>>>         Nachev</xsd:SignerDetails></xsd:SignedSignatureProperties></xsd:SignedProperties>
>>>         >>>>>
>>>         >>>>> > 2007-2-1 17:36:19
>>>         org.jcp.xml.dsig.internal.dom.DOMReference
>>>         >>>>> validate
>>>         >>>>> > FINE: Expected digest: hWzwrP7ScWa4ri2YeONAgjI9ZGI=
>>>         >>>>> > 2007-2-1 17:36:19
>>>         org.jcp.xml.dsig.internal.dom.DOMReference
>>>         >>>>> validate
>>>         >>>>> > FINE: Actual digest: TlwlgnfCzrjdI0MhaBROwgTHvSI=
>>>         >>>>>
>>>         >>>>> You'll need to figure out why the digest is different.
>>>         One way to
>>>         >>>>> do this is to also turn on debugging when *generating* the
>>>         >>>>> signature, and then carefully compare the Pre-digested
>>>         input to
>>>         >>>>> the above to see what is different.
>>>         >>>>>
>>>         >>>>> --Sean
>>>         >>>>>
>>>         >>>>> Miroslav Nachev wrote:
>>>         >>>>>> Dear Sean,
>>>         >>>>>>
>>>         >>>>>> Please find the attached log file. The problem reference is
>>>         >>>>>> " L1.S1-SignedProperties".
>>>         >>>>>> Do you have any suggestions how to solve this problem/bug?
>>>         >>>>>>
>>>         >>>>>>
>>>         >>>>>> Best Regards,
>>>         >>>>>> Miroslav Nachev
>>>         >>>>>>
>>>         >>>>>>
>>>         >>>>>> Sean Mullan wrote:
>>>         >>>>>>> Miroslav Nachev wrote:
>>>         >>>>>>>> I will try your suggestions tomorrow, but I am not
>>>         sure that
>>>         >>>>>>>> this is the problem. Before to quit from the office I
>>>         found
>>>         >>>>>>>> that the digest value for this reference is different
>>>         >>>>>>>> calculated for Signing and Validation.
>>>         >>>>>>>>
>>>         >>>>>>>> The stack trace from Exception is missing because any
>>>         exception
>>>         >>>>>>>> is not thrown. The boolean value "false" is returned
>>>         for whole
>>>         >>>>>>>> signature. Then I check each time individually and
>>>         see that the
>>>         >>>>>>>> problem is in this reference again without exception.
>>>         Only
>>>         >>>>>>>> "false" value is returned.
>>>         >>>>>>>>
>>>         >>>>>>>> Because of the above I think that the digest
>>>         algorithm for
>>>         >>>>>>>> Signing and Validation is different. And because the
>>>         only
>>>         >>>>>>>> difference are both Namespaces in one element, I
>>>         think that
>>>         >>>>>>>> this is the real problem.
>>>         >>>>>>>
>>>         >>>>>>> Try enabling logging support and inspect what is being
>>>         digested
>>>         >>>>>>> when signing and when validating. You should be able to
>>>         >>>>>>> precisely narrow down the problem (it is probably
>>>         namespace
>>>         >>>>>>> related). I assume you are using JSR 105 from our
>>>         previous
>>>         >>>>>>> correspondences. See this blog for more info on
>>>         enabling the
>>>         >>>>>>> logging:
>>>         >>>>>>>
>>>         >>>>>>>
>>>         http://weblogs.java.net/blog/mullan/archive/2006/02/more_xml_signat_1.html
>>>         >>>>>>>
>>>         >>>>>>>
>>>         >>>>>>> --Sean
>>>         >>>>>>>
>>>         >>>>>>>
>>>         >>>>>>
>>>         >>>>>>
>>>         >>>>>>
>>>         ------------------------------------------------------------------------
>>>         >>>>>>
>>>         >>>>>>
>>>         >>>>>> 2007-2-1 17:36:05
>>>         org.jcp.xml.dsig.internal.dom.DOMReference marshal
>>>         >>>>>> FINE: Marshalling Reference
>>>         >>>>>> 2007-2-1 17:36:05
>>>         org.jcp.xml.dsig.internal.dom.DOMReference marshal
>>>         >>>>>> FINE: Adding digestValueElem
>>>         >>>>>> 2007-2-1 17:36:05
>>>         org.jcp.xml.dsig.internal.dom.DOMReference marshal
>>>         >>>>>> FINE: Marshalling Reference
>>>         >>>>>> 2007-2-1 17:36:05
>>>         org.jcp.xml.dsig.internal.dom.DOMReference marshal
>>>         >>>>>> FINE: Adding digestValueElem
>>>         >>>>>> 2007-2-1 17:36:05
>>>         org.jcp.xml.dsig.internal.dom.DOMReference marshal
>>>         >>>>>> FINE: Marshalling Reference
>>>         >>>>>> 2007-2-1 17:36:05
>>>         org.jcp.xml.dsig.internal.dom.DOMReference marshal
>>>         >>>>>> FINE: Adding digestValueElem
>>>         >>>>>> 2007-2-1 17:36:05
>>>         >>>>>>
>>>         com.sun.org.apache.xml.internal.security.utils.resolver.ResourceResolver
>>>         >>>>>> getInstance
>>>         >>>>>> FINE: check resolvability by class
>>>         >>>>>>
>>>         com.sun.org.apache.xml.internal.security.utils.resolver.ResourceResolver
>>>
>>>         >>>>>>
>>>         >>>>>> 2007-2-1 17:36:05
>>>         >>>>>>
>>>         com.sun.org.apache.xml.internal.security.utils.resolver.implementations.ResolverDirectHTTP
>>>         >>>>>> engineCanResolve
>>>         >>>>>> FINE: quick fail for empty URIs and local ones
>>>         >>>>>> 2007-2-1 17:36:05
>>>         >>>>>>
>>>         com.sun.org.apache.xml.internal.security.utils.resolver.ResourceResolver
>>>
>>>         >>>>>> getInstance
>>>         >>>>>> FINE: check resolvability by class
>>>         >>>>>>
>>>         com.sun.org.apache.xml.internal.security.utils.resolver.ResourceResolver
>>>         >>>>>>
>>>         >>>>>> 2007-2-1 17:36:05
>>>         >>>>>>
>>>         com.sun.org.apache.xml.internal.security.utils.resolver.ResourceResolver
>>>         >>>>>> getInstance
>>>         >>>>>> FINE: check resolvability by class
>>>         >>>>>>
>>>         com.sun.org.apache.xml.internal.security.utils.resolver.ResourceResolver
>>>         >>>>>>
>>>         >>>>>> 2007-2-1 17:36:05
>>>         >>>>>>
>>>         com.sun.org.apache.xml.internal.security.utils.resolver.implementations.ResolverFragment
>>>
>>>         >>>>>> engineCanResolve
>>>         >>>>>> FINE: State I can resolve reference: "#DOC1"
>>>         >>>>>> 2007-2-1 17:36:05
>>>         >>>>>> com.sun.org.apache.xml.internal.security.utils.IdResolver
>>>         >>>>>> getElementByIdType
>>>         >>>>>> FINE: getElementByIdType() Search for ID DOC1
>>>         >>>>>> 2007-2-1 17:36:05
>>>         >>>>>> com.sun.org.apache.xml.internal.security.utils.IdResolver
>>>         >>>>>> getElementByIdUsingDOM
>>>         >>>>>> FINE: getElementByIdUsingDOM() Search for ID DOC1
>>>         >>>>>> 2007-2-1 17:36:05
>>>         >>>>>>
>>>         com.sun.org.apache.xml.internal.security.utils.resolver.implementations.ResolverFragment
>>>
>>>         >>>>>> engineResolve
>>>         >>>>>> FINE: Try to catch an Element with ID DOC1 and Element was
>>>         >>>>>> [DataFile: null]
>>>         >>>>>> 2007-2-1 17:36:05
>>>         org.jcp.xml.dsig.internal.dom.DOMReference
>>>         >>>>>> dereference
>>>         >>>>>> FINE: URIDereferencer class name:
>>>         >>>>>> org.jcp.xml.dsig.internal.dom.DOMURIDereferencer
>>>         >>>>>> 2007-2-1 17:36:05
>>>         org.jcp.xml.dsig.internal.dom.DOMReference
>>>         >>>>>> dereference
>>>         >>>>>> FINE: Data class name:
>>>         >>>>>> org.jcp.xml.dsig.internal.dom.ApacheNodeSetData
>>>         >>>>>> 2007-2-1 17:36:05
>>>         org.jcp.xml.dsig.internal.DigesterOutputStream
>>>         >>>>>> write
>>>         >>>>>> FINER: Pre-digested input:
>>>         >>>>>> 2007-2-1 17:36:05
>>>         org.jcp.xml.dsig.internal.DigesterOutputStream
>>>         >>>>>> write
>>>         >>>>>> FINER: <DataFile Id="DOC1"><FileAttributtes
>>>         >>>>>> ContentType="compressed_base64"
>>>         >>>>>> LastModified="2004-05-25T12:34:04+0300"
>>>         >>>>>>
>>>         Size="43"><FileName>AUTOEXEC.BAT</FileName></FileAttributtes><Content
>>>         >>>>>>
>>>         Id="CONT1">H4sIAAAAAAAAAAt2DVHw8Y338XR29Qt2jXfz9HG1dbaKcctJrfDxjfHJTE7NK07VS0ks4eUCAKAs
>>>
>>>         >>>>>>
>>>         >>>>>> 3rgrAAAA</Content></DataFile>
>>>         >>>>>> 2007-2-1 17:36:05
>>>         org.jcp.xml.dsig.internal.dom.DOMReference digest
>>>         >>>>>> FINE: Reference object uri = #DOC1
>>>         >>>>>> 2007-2-1 17:36:05
>>>         org.jcp.xml.dsig.internal.dom.DOMReference digest
>>>         >>>>>> FINE: Reference digesting completed
>>>         >>>>>> 2007-2-1 17:36:05
>>>         >>>>>>
>>>         com.sun.org.apache.xml.internal.security.utils.resolver.ResourceResolver
>>>         >>>>>> getInstance
>>>         >>>>>> FINE: check resolvability by class
>>>         >>>>>>
>>>         com.sun.org.apache.xml.internal.security.utils.resolver.ResourceResolver
>>>
>>>         >>>>>>
>>>         >>>>>> 2007-2-1 17:36:05
>>>         >>>>>>
>>>         com.sun.org.apache.xml.internal.security.utils.resolver.implementations.ResolverDirectHTTP
>>>         >>>>>> engineCanResolve
>>>         >>>>>> FINE: quick fail for empty URIs and local ones
>>>         >>>>>> 2007-2-1 17:36:05
>>>         >>>>>>
>>>         com.sun.org.apache.xml.internal.security.utils.resolver.ResourceResolver
>>>
>>>         >>>>>> getInstance
>>>         >>>>>> FINE: check resolvability by class
>>>         >>>>>>
>>>         com.sun.org.apache.xml.internal.security.utils.resolver.ResourceResolver
>>>         >>>>>>
>>>         >>>>>> 2007-2-1 17:36:05
>>>         >>>>>>
>>>         com.sun.org.apache.xml.internal.security.utils.resolver.ResourceResolver
>>>         >>>>>> getInstance
>>>         >>>>>> FINE: check resolvability by class
>>>         >>>>>>
>>>         com.sun.org.apache.xml.internal.security.utils.resolver.ResourceResolver
>>>         >>>>>>
>>>         >>>>>> 2007-2-1 17:36:05
>>>         >>>>>>
>>>         com.sun.org.apache.xml.internal.security.utils.resolver.implementations.ResolverFragment
>>>
>>>         >>>>>> engineCanResolve
>>>         >>>>>> FINE: State I can resolve reference:
>>>         "#L1.S1-SignedProperties"
>>>         >>>>>> 2007-2-1 17:36:05
>>>         >>>>>> com.sun.org.apache.xml.internal.security.utils.IdResolver
>>>         >>>>>> getElementByIdType
>>>         >>>>>> FINE: getElementByIdType() Search for ID
>>>         L1.S1-SignedProperties
>>>         >>>>>> 2007-2-1 17:36:05
>>>         >>>>>> com.sun.org.apache.xml.internal.security.utils.IdResolver
>>>         >>>>>> getElementByIdUsingDOM
>>>         >>>>>> FINE: getElementByIdUsingDOM() Search for ID
>>>         L1.S1-SignedProperties
>>>         >>>>>> 2007-2-1 17:36:05
>>>         >>>>>>
>>>         com.sun.org.apache.xml.internal.security.utils.resolver.implementations.ResolverFragment
>>>         >>>>>> engineResolve
>>>         >>>>>> FINE: Try to catch an Element with ID
>>>         L1.S1-SignedProperties and
>>>         >>>>>> Element was [xsd:SignedProperties: null]
>>>         >>>>>> 2007-2-1 17:36:05
>>>         org.jcp.xml.dsig.internal.dom.DOMReference
>>>         >>>>>> dereference
>>>         >>>>>> FINE: URIDereferencer class name:
>>>         >>>>>> org.jcp.xml.dsig.internal.dom.DOMURIDereferencer
>>>         >>>>>> 2007-2-1 17:36:05
>>>         org.jcp.xml.dsig.internal.dom.DOMReference
>>>         >>>>>> dereference
>>>         >>>>>> FINE: Data class name:
>>>         >>>>>> org.jcp.xml.dsig.internal.dom.ApacheNodeSetData
>>>         >>>>>> 2007-2-1 17:36:05
>>>         org.jcp.xml.dsig.internal.DigesterOutputStream
>>>         >>>>>> write
>>>         >>>>>> FINER: Pre-digested input:
>>>         >>>>>> 2007-2-1 17:36:05
>>>         org.jcp.xml.dsig.internal.DigesterOutputStream
>>>         >>>>>> write
>>>         >>>>>> FINER: <xsd:SignedProperties
>>>         >>>>>> xmlns:dsig="http://www.w3.org/2000/09/xmldsig#"
>>>         >>>>>>
>>>         Id="L1.S1-SignedProperties"><xsd:SignedSignatureProperties><xsd:SigningTime>2007-02-01T17:36:05+0200</xsd:SigningTime><xsd:SignerDetails
>>>
>>>         >>>>>> Id="2" Username="miro">Miroslav
>>>         >>>>>>
>>>         Nachev</xsd:SignerDetails></xsd:SignedSignatureProperties></xsd:SignedProperties>
>>>         >>>>>>
>>>         >>>>>> 2007-2-1 17:36:05
>>>         org.jcp.xml.dsig.internal.dom.DOMReference digest
>>>         >>>>>> FINE: Reference object uri = #L1.S1-SignedProperties
>>>         >>>>>> 2007-2-1 17:36:05
>>>         org.jcp.xml.dsig.internal.dom.DOMReference digest
>>>         >>>>>> FINE: Reference digesting completed
>>>         >>>>>> 2007-2-1 17:36:05
>>>         >>>>>>
>>>         com.sun.org.apache.xml.internal.security.utils.resolver.ResourceResolver
>>>
>>>         >>>>>> getInstance
>>>         >>>>>> FINE: check resolvability by class
>>>         >>>>>>
>>>         com.sun.org.apache.xml.internal.security.utils.resolver.ResourceResolver
>>>         >>>>>>
>>>         >>>>>> 2007-2-1 17:36:05
>>>         >>>>>>
>>>         com.sun.org.apache.xml.internal.security.utils.resolver.implementations.ResolverDirectHTTP
>>>         >>>>>> engineCanResolve
>>>         >>>>>> FINE: quick fail for empty URIs and local ones
>>>         >>>>>> 2007-2-1 17:36:05
>>>         >>>>>>
>>>         com.sun.org.apache.xml.internal.security.utils.resolver.ResourceResolver
>>>         >>>>>> getInstance
>>>         >>>>>> FINE: check resolvability by class
>>>         >>>>>>
>>>         com.sun.org.apache.xml.internal.security.utils.resolver.ResourceResolver
>>>         >>>>>>
>>>         >>>>>> 2007-2-1 17:36:05
>>>         >>>>>>
>>>         com.sun.org.apache.xml.internal.security.utils.resolver.ResourceResolver
>>>
>>>         >>>>>> getInstance
>>>         >>>>>> FINE: check resolvability by class
>>>         >>>>>>
>>>         com.sun.org.apache.xml.internal.security.utils.resolver.ResourceResolver
>>>         >>>>>>
>>>         >>>>>> 2007-2-1 17:36:05
>>>         >>>>>>
>>>         com.sun.org.apache.xml.internal.security.utils.resolver.implementations.ResolverFragment
>>>         >>>>>> engineCanResolve
>>>         >>>>>> FINE: State I can resolve reference: "#L1.S1-KeyInfo"
>>>         >>>>>> 2007-2-1 17:36:05
>>>         >>>>>> com.sun.org.apache.xml.internal.security.utils.IdResolver
>>>         >>>>>> getElementByIdType
>>>         >>>>>> FINE: getElementByIdType() Search for ID L1.S1-KeyInfo
>>>         >>>>>> 2007-2-1 17:36:05
>>>         >>>>>> com.sun.org.apache.xml.internal.security.utils.IdResolver
>>>         >>>>>> getElementById
>>>         >>>>>> FINE: I could find an Element using the simple
>>>         getElementByIdType
>>>         >>>>>> method: dsig:KeyInfo
>>>         >>>>>> 2007-2-1 17:36:05
>>>         >>>>>>
>>>         com.sun.org.apache.xml.internal.security.utils.resolver.implementations.ResolverFragment
>>>         >>>>>> engineResolve
>>>         >>>>>> FINE: Try to catch an Element with ID L1.S1-KeyInfo and
>>>         Element
>>>         >>>>>> was [dsig:KeyInfo: null]
>>>         >>>>>> 2007-2-1 17:36:05
>>>         org.jcp.xml.dsig.internal.dom.DOMReference
>>>         >>>>>> dereference
>>>         >>>>>> FINE: URIDereferencer class name:
>>>         >>>>>> org.jcp.xml.dsig.internal.dom.DOMURIDereferencer
>>>         >>>>>> 2007-2-1 17:36:05
>>>         org.jcp.xml.dsig.internal.dom.DOMReference
>>>         >>>>>> dereference
>>>         >>>>>> FINE: Data class name:
>>>         >>>>>> org.jcp.xml.dsig.internal.dom.ApacheNodeSetData
>>>         >>>>>> 2007-2-1 17:36:05
>>>         org.jcp.xml.dsig.internal.DigesterOutputStream
>>>         >>>>>> write
>>>         >>>>>> FINER: Pre-digested input:
>>>         >>>>>> 2007-2-1 17:36:05
>>>         org.jcp.xml.dsig.internal.DigesterOutputStream
>>>         >>>>>> write
>>>         >>>>>> FINER: <dsig:KeyInfo
>>>         >>>>>> xmlns:dsig="http://www.w3.org/2000/09/xmldsig#"
>>>         >>>>>>
>>>         Id="L1.S1-KeyInfo"><dsig:X509Data><dsig:X509Certificate>MIIDNTCCAp6gAwIBAgIBATANBgkqhkiG9w0BAQUFADCBmjELMAkGA1UEBhMCQkcxEzARBgNVBAgT
>>>         >>>>>>
>>>         >>>>>>
>>>         ClNvZmlhIGNpdHkxKDAmBgNVBAoTH0NPU01PUyBTb2Z0d2FyZSBFbnRlcnByaXNlcyBMdGQxDDAK
>>>
>>>         >>>>>>
>>>         >>>>>>
>>>         BgNVBAsUA1ImRDEYMBYGA1UEAxMPTWlyb3NsYXYgTmFjaGV2MSQwIgYJKoZIhvcNAQkBFhVjb3Nt
>>>         >>>>>>
>>>         >>>>>>
>>>         b3NAc3BhY2UtY29tbS5jb20wHhcNMDYxMDI2MTQxNjA0WhcNMDcxMDI2MTQxNjA0WjCBqDELMAkG
>>>
>>>         >>>>>>
>>>         >>>>>>
>>>         A1UEBhMCQkcxEzARBgNVBAgTClNvZmlhIGNpdHkxDjAMBgNVBAcTBVNvZmlhMSgwJgYDVQQKEx9D
>>>         >>>>>>
>>>         >>>>>>
>>>         >>>>>>
>>>         T1NNT1MgU29mdHdhcmUgRW50ZXJwcmlzZXMgTHRkMQwwCgYDVQQLFANSJkQxGDAWBgNVBAMTD01p
>>>
>>>         >>>>>>
>>>         >>>>>>
>>>         cm9zbGF2IE5hY2hldjEiMCAGCSqGSIb3DQEJARYTbWlyb0BzcGFjZS1jb21tLmNvbTCBnzANBgkq
>>>         >>>>>>
>>>         >>>>>>
>>>         hkiG9w0BAQEFAAOBjQAwgYkCgYEA73lnjI4W3kv3ZkdoJhQPe4Vm18Ngad6QaDEyQHBlPPOR0mlP
>>>
>>>         >>>>>>
>>>         >>>>>>
>>>         iLxLBChEX/bs4xnHP4PcrC8ZFJ0gw+3uRJ323dcJzMo6BOmTWAUvkxigVOMCTuu3ZDLaMzi5QZiI
>>>         >>>>>>
>>>         >>>>>>
>>>         oQazA4cv87uQfIftQtlqCcrTJcAvEQdLrRXhrubO5lCqTYkCAwEAAaN7MHkwCQYDVR0TBAIwADAs
>>>
>>>         >>>>>>
>>>         >>>>>>
>>>         BglghkgBhvhCAQ0EHxYdT3BlblNTTCBHZW5lcmF0ZWQgQ2VydGlmaWNhdGUwHQYDVR0OBBYEFJ0S
>>>         >>>>>>
>>>         >>>>>>
>>>         ik14AEvA+rNYpNza4zeQDe4WMB8GA1UdIwQYMBaAFMENbK6a7aOPlnS6tQEG1a/z2mQzMA0GCSqG
>>>
>>>         >>>>>>
>>>         >>>>>>
>>>         SIb3DQEBBQUAA4GBAJsvALenpOOvnJ/1q4z76KT3xZotesbNn9OWbeDzYCoQhAlm1EILCi/o2u6Q
>>>         >>>>>>
>>>         >>>>>>
>>>         hrWskEwfRKkm/DfhsbSj15roAq24967DYKP/yzAqrLs7XrkxAghOgRtK/mzzhIfEoycbapaoIZjE
>>>
>>>         >>>>>>
>>>         >>>>>>
>>>         oGLfdXzU8LkpJr5lvhOjCAJxC/O59UP/sXE5</dsig:X509Certificate></dsig:X509Data></dsig:KeyInfo>
>>>         >>>>>>
>>>         >>>>>> 2007-2-1 17:36:05
>>>         org.jcp.xml.dsig.internal.dom.DOMReference digest
>>>         >>>>>> FINE: Reference object uri = #L1.S1-KeyInfo
>>>         >>>>>> 2007-2-1 17:36:05
>>>         org.jcp.xml.dsig.internal.dom.DOMReference digest
>>>         >>>>>> FINE: Reference digesting completed
>>>         >>>>>> 2007-2-1 17:36:05
>>>         >>>>>> org.jcp.xml.dsig.internal.dom.DOMRSASignatureMethod sign
>>>         >>>>>> FINE: Signature provider:SunPKCS11-Siemens-HiPath
>>>         version 1.6
>>>         >>>>>> 2007-2-1 17:36:05
>>>         >>>>>> org.jcp.xml.dsig.internal.dom.DOMRSASignatureMethod sign
>>>         >>>>>> FINE: Signing with key: SunPKCS11-Siemens-HiPath RSA
>>>         private key,
>>>         >>>>>> 1024 bits (id 124128880, token object, sensitive,
>>>         unextractable)
>>>         >>>>>> 2007-2-1 17:36:05
>>>         >>>>>>
>>>         com.sun.org.apache.xml.internal.security.transforms.Transform
>>>         <init>
>>>         >>>>>> FINE: Create URI
>>>         >>>>>>
>>>         "http://www.w3.org/TR/2001/REC-xml-c14n-20010315#WithComments
>>>         <http://www.w3.org/TR/2001/REC-xml-c14n-20010315#WithComments>"
>>>         >>>>>> class "class
>>>         >>>>>>
>>>         com.sun.org.apache.xml.internal.security.transforms.implementations.TransformC14NWithComments"
>>>         >>>>>>
>>>         >>>>>> 2007-2-1 17:36:05
>>>         >>>>>>
>>>         com.sun.org.apache.xml.internal.security.transforms.Transform
>>>         <init>
>>>         >>>>>> FINE: The NodeList is [dsig:CanonicalizationMethod: null]
>>>         >>>>>> 2007-2-1 17:36:05
>>>         >>>>>> com.sun.org.apache.xml.internal.security.utils.ElementProxy
>>>         >>>>>> setElement
>>>         >>>>>> FINE: setElement(dsig:CanonicalizationMethod, "null"
>>>         >>>>>> 2007-2-1 17:36:05
>>>         >>>>>> org.jcp.xml.dsig.internal.dom.ApacheCanonicalizer transform
>>>         >>>>>> FINE: Created transform for algorithm:
>>>         >>>>>>
>>>         http://www.w3.org/TR/2001/REC-xml-c14n-20010315#WithComments
>>>         <http://www.w3.org/TR/2001/REC-xml-c14n-20010315#WithComments>
>>>         >>>>>> 2007-2-1 17:36:05
>>>         >>>>>> org.jcp.xml.dsig.internal.dom.ApacheCanonicalizer transform
>>>         >>>>>> FINE: isNodeSet() = true
>>>         >>>>>> 2007-2-1 17:36:05
>>>         org.jcp.xml.dsig.internal.dom.DOMSignedInfo
>>>         >>>>>> canonicalize
>>>         >>>>>> FINE: Canonicalized SignedInfo:
>>>         >>>>>> <dsig:SignedInfo
>>>         >>>>>>
>>>         xmlns:dsig="http://www.w3.org/2000/09/xmldsig#"><dsig:CanonicalizationMethod
>>>
>>>         >>>>>>
>>>         Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315#WithComments
>>>         <http://www.w3.org/TR/2001/REC-xml-c14n-20010315#WithComments>"></dsig:CanonicalizationMethod><dsig:SignatureMethod
>>>
>>>         >>>>>>
>>>         Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"></dsig:SignatureMethod><dsig:Reference
>>>
>>>         >>>>>> URI="#DOC1"><dsig:DigestMethod
>>>         >>>>>>
>>>         Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"></dsig:DigestMethod><dsig:DigestValue>5L9KuDZI/6zj2kb9oP8RipkcYwc=</dsig:DigestValue></dsig:Reference><dsig:Reference
>>>
>>>         >>>>>> Type="http://uri.etsi.org/01903#SignedProperties"
>>>         >>>>>> URI="#L1.S1-SignedProperties"><dsig:DigestMethod
>>>         >>>>>>
>>>         Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"></dsig:DigestMethod><dsig:DigestValue>hWzwrP7ScWa4ri2YeONAgjI9ZGI=</dsig:DigestValue></dsig:Reference><dsig:Reference
>>>
>>>         >>>>>> URI="#L1.S1-KeyInfo"><dsig:DigestMethod
>>>         >>>>>>
>>>         Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"></dsig:DigestMethod><dsig:DigestValue>g+LVdhRueJWcGkqiM48X1/TjOTk=</dsig:DigestValue></dsig:Reference></dsig:SignedI
>>>
>>>         >>>>>>
>>>         >>>>> n!
>>>         >>>>>>  fo>
>>>         >>>>>> 2007-2-1 17:36:05
>>>         org.jcp.xml.dsig.internal.dom.DOMSignedInfo
>>>         >>>>>> canonicalize
>>>         >>>>>> FINE: Data to be
>>>         >>>>>>
>>>         signed/verified:PGRzaWc6U2lnbmVkSW5mbyB4bWxuczpkc2lnPSJodHRwOi8vd3d3LnczLm9yZy8yMDAwLzA5L3ht
>>>         >>>>>>
>>>         >>>>>>
>>>         bGRzaWcjIj48ZHNpZzpDYW5vbmljYWxpemF0aW9uTWV0aG9kIEFsZ29yaXRobT0iaHR0cDovL3d3
>>>
>>>         >>>>>>
>>>         >>>>>>
>>>         dy53My5vcmcvVFIvMjAwMS9SRUMteG1sLWMxNG4tMjAwMTAzMTUjV2l0aENvbW1lbnRzIj48L2Rz
>>>         >>>>>>
>>>         >>>>>>
>>>         aWc6Q2Fub25pY2FsaXphdGlvbk1ldGhvZD48ZHNpZzpTaWduYXR1cmVNZXRob2QgQWxnb3JpdGht
>>>
>>>         >>>>>>
>>>         >>>>>>
>>>         PSJodHRwOi8vd3d3LnczLm9yZy8yMDAwLzA5L3htbGRzaWcjcnNhLXNoYTEiPjwvZHNpZzpTaWdu
>>>         >>>>>>
>>>         >>>>>>
>>>         YXR1cmVNZXRob2Q+PGRzaWc6UmVmZXJlbmNlIFVSST0iI0RPQzEiPjxkc2lnOkRpZ2VzdE1ldGhv
>>>
>>>         >>>>>>
>>>         >>>>>>
>>>         ZCBBbGdvcml0aG09Imh0dHA6Ly93d3cudzMub3JnLzIwMDAvMDkveG1sZHNpZyNzaGExIj48L2Rz
>>>         >>>>>>
>>>         >>>>>>
>>>         aWc6RGlnZXN0TWV0aG9kPjxkc2lnOkRpZ2VzdFZhbHVlPjVMOUt1RFpJLzZ6ajJrYjlvUDhSaXBr
>>>
>>>         >>>>>>
>>>         >>>>>>
>>>         Y1l3Yz08L2RzaWc6RGlnZXN0VmFsdWU+PC9kc2lnOlJlZmVyZW5jZT48ZHNpZzpSZWZlcmVuY2Ug
>>>         >>>>>>
>>>         >>>>>>
>>>         VHlwZT0iaHR0cDovL3VyaS5ldHNpLm9yZy8wMTkwMyNTaWduZWRQcm9wZXJ0aWVzIiBVUkk9IiNM
>>>
>>>         >>>>>>
>>>         >>>>>>
>>>         MS5TMS1TaWduZWRQcm9wZXJ0aWVzIj48ZHNpZzpEaWdlc3RNZXRob2QgQWxnb3JpdGhtPSJodHRw
>>>         >>>>>>
>>>         >>>>>>
>>>         Oi8vd3d3LnczLm9yZy8yMDAwLzA5L3htbGRzaWcjc2hhMSI+PC9kc2lnOkRpZ2VzdE1ldGhvZD48
>>>
>>>         >>>>>>
>>>         >>>>>>
>>>         ZHNpZzpEaWdlc3RWYWx1ZT5oV3p3clA3U2NXYTRyaTJZZU9OQWdqSTlaR0k9PC9kc2lnOkRpZ2Vz
>>>         >>>>>>
>>>         >>>>>>
>>>         dFZhbHVlPjwvZHNpZzpSZWZlcmVuY2U+PGRzaWc6UmVmZXJlbmNlIFVSST0iI0wxLlMxLUtleUlu
>>>
>>>         >>>>>>
>>>         >>>>>>
>>>         Zm8iPjxkc2lnOkRpZ2VzdE1ldGhvZCBBbGdvcml0aG09Imh0dHA6Ly93d3cudzMub3JnLzIwMDAv
>>>         >>>>>>
>>>         >>>>>>
>>>         MDkveG1sZHNpZyNzaGExIj48L2RzaWc6RGlnZXN0TWV0aG9kPjxkc2lnOkRpZ2VzdFZhbHVlPmcr
>>>
>>>         >>>>>>
>>>         >>>>>>
>>>         TFZkaFJ1ZUpXY0drcWlNNDhYMS9Uak9Uaz08L2RzaWc6RGlnZXN0VmFsdWU+PC9kc2lnOlJlZmVy
>>>         >>>>>>
>>>         >>>>>> ZW5jZT48L2RzaWc6U2lnbmVkSW5mbz4=
>>>         >>>>>> 2007-2-1 17:36:06
>>>         org.jcp.xml.dsig.internal.dom.DOMXMLSignature sign
>>>         >>>>>> FINE: SignatureValue = [B@1efbbb1
>>>         >>>>>> 2007-2-1 17:36:18
>>>         >>>>>>
>>>         com.sun.org.apache.xml.internal.security.utils.resolver.ResourceResolver
>>>         >>>>>> getInstance
>>>         >>>>>> FINE: check resolvability by class
>>>         >>>>>>
>>>         com.sun.org.apache.xml.internal.security.utils.resolver.ResourceResolver
>>>
>>>         >>>>>>
>>>         >>>>>> 2007-2-1 17:36:18
>>>         >>>>>>
>>>         com.sun.org.apache.xml.internal.security.utils.resolver.implementations.ResolverDirectHTTP
>>>         >>>>>> engineCanResolve
>>>         >>>>>> FINE: quick fail for empty URIs and local ones
>>>         >>>>>> 2007-2-1 17:36:18
>>>         >>>>>>
>>>         com.sun.org.apache.xml.internal.security.utils.resolver.ResourceResolver
>>>
>>>         >>>>>> getInstance
>>>         >>>>>> FINE: check resolvability by class
>>>         >>>>>>
>>>         com.sun.org.apache.xml.internal.security.utils.resolver.ResourceResolver
>>>         >>>>>>
>>>         >>>>>> 2007-2-1 17:36:18
>>>         >>>>>>
>>>         com.sun.org.apache.xml.internal.security.utils.resolver.ResourceResolver
>>>         >>>>>> getInstance
>>>         >>>>>> FINE: check resolvability by class
>>>         >>>>>>
>>>         com.sun.org.apache.xml.internal.security.utils.resolver.ResourceResolver
>>>         >>>>>>
>>>         >>>>>> 2007-2-1 17:36:18
>>>         >>>>>>
>>>         com.sun.org.apache.xml.internal.security.utils.resolver.implementations.ResolverFragment
>>>
>>>         >>>>>> engineCanResolve
>>>         >>>>>> FINE: State I can resolve reference: "#DOC1"
>>>         >>>>>> 2007-2-1 17:36:18
>>>         >>>>>> com.sun.org.apache.xml.internal.security.utils.IdResolver
>>>         >>>>>> getElementByIdType
>>>         >>>>>> FINE: getElementByIdType() Search for ID DOC1
>>>         >>>>>> 2007-2-1 17:36:18
>>>         >>>>>> com.sun.org.apache.xml.internal.security.utils.IdResolver
>>>         >>>>>> getElementByIdUsingDOM
>>>         >>>>>> FINE: getElementByIdUsingDOM() Search for ID DOC1
>>>         >>>>>> 2007-2-1 17:36:18
>>>         >>>>>>
>>>         com.sun.org.apache.xml.internal.security.utils.resolver.implementations.ResolverFragment
>>>
>>>         >>>>>> engineResolve
>>>         >>>>>> FINE: Try to catch an Element with ID DOC1 and Element was
>>>         >>>>>> [DataFile: null]
>>>         >>>>>> 2007-2-1 17:36:18
>>>         org.jcp.xml.dsig.internal.dom.DOMReference
>>>         >>>>>> dereference
>>>         >>>>>> FINE: URIDereferencer class name:
>>>         >>>>>> org.jcp.xml.dsig.internal.dom.DOMURIDereferencer
>>>         >>>>>> 2007-2-1 17:36:18
>>>         org.jcp.xml.dsig.internal.dom.DOMReference
>>>         >>>>>> dereference
>>>         >>>>>> FINE: Data class name:
>>>         >>>>>> org.jcp.xml.dsig.internal.dom.ApacheNodeSetData
>>>         >>>>>> 2007-2-1 17:36:18
>>>         org.jcp.xml.dsig.internal.DigesterOutputStream
>>>         >>>>>> write
>>>         >>>>>> FINER: Pre-digested input:
>>>         >>>>>> 2007-2-1 17:36:19
>>>         org.jcp.xml.dsig.internal.DigesterOutputStream
>>>         >>>>>> write
>>>         >>>>>> FINER: <DataFile Id="DOC1"><FileAttributtes
>>>         >>>>>> ContentType="compressed_base64"
>>>         >>>>>> LastModified="2004-05-25T12:34:04+0300"
>>>         >>>>>>
>>>         Size="43"><FileName>AUTOEXEC.BAT</FileName></FileAttributtes><Content
>>>         >>>>>>
>>>         Id="CONT1">H4sIAAAAAAAAAAt2DVHw8Y338XR29Qt2jXfz9HG1dbaKcctJrfDxjfHJTE7NK07VS0ks4eUCAKAs
>>>
>>>         >>>>>>
>>>         >>>>>> 3rgrAAAA</Content></DataFile>
>>>         >>>>>> 2007-2-1 17:36:19
>>>         org.jcp.xml.dsig.internal.dom.DOMReference
>>>         >>>>>> validate
>>>         >>>>>> FINE: Expected digest: 5L9KuDZI/6zj2kb9oP8RipkcYwc=
>>>         >>>>>> 2007-2-1 17:36:19
>>>         org.jcp.xml.dsig.internal.dom.DOMReference
>>>         >>>>>> validate
>>>         >>>>>> FINE: Actual digest: 5L9KuDZI/6zj2kb9oP8RipkcYwc=
>>>         >>>>>> 2007-2-1 17:36:19
>>>         org.jcp.xml.dsig.internal.dom.DOMXMLSignature
>>>         >>>>>> validate
>>>         >>>>>> FINE: Reference[#DOC1] is valid: true
>>>         >>>>>> 2007-2-1 17:36:19
>>>         >>>>>>
>>>         com.sun.org.apache.xml.internal.security.utils.resolver.ResourceResolver
>>>         >>>>>> getInstance
>>>         >>>>>> FINE: check resolvability by class
>>>         >>>>>>
>>>         com.sun.org.apache.xml.internal.security.utils.resolver.ResourceResolver
>>>         >>>>>>
>>>         >>>>>> 2007-2-1 17:36:19
>>>         >>>>>>
>>>         com.sun.org.apache.xml.internal.security.utils.resolver.implementations.ResolverDirectHTTP
>>>
>>>         >>>>>> engineCanResolve
>>>         >>>>>> FINE: quick fail for empty URIs and local ones
>>>         >>>>>> 2007-2-1 17:36:19
>>>         >>>>>>
>>>         com.sun.org.apache.xml.internal.security.utils.resolver.ResourceResolver
>>>
>>>         >>>>>> getInstance
>>>         >>>>>> FINE: check resolvability by class
>>>         >>>>>>
>>>         com.sun.org.apache.xml.internal.security.utils.resolver.ResourceResolver
>>>         >>>>>>
>>>         >>>>>> 2007-2-1 17:36:19
>>>         >>>>>>
>>>         com.sun.org.apache.xml.internal.security.utils.resolver.ResourceResolver
>>>         >>>>>> getInstance
>>>         >>>>>> FINE: check resolvability by class
>>>         >>>>>>
>>>         com.sun.org.apache.xml.internal.security.utils.resolver.ResourceResolver
>>>         >>>>>>
>>>         >>>>>> 2007-2-1 17:36:19
>>>         >>>>>>
>>>         com.sun.org.apache.xml.internal.security.utils.resolver.implementations.ResolverFragment
>>>
>>>         >>>>>> engineCanResolve
>>>         >>>>>> FINE: State I can resolve reference:
>>>         "#L1.S1-SignedProperties"
>>>         >>>>>> 2007-2-1 17:36:19
>>>         >>>>>> com.sun.org.apache.xml.internal.security.utils.IdResolver
>>>         >>>>>> getElementByIdType
>>>         >>>>>> FINE: getElementByIdType() Search for ID
>>>         L1.S1-SignedProperties
>>>         >>>>>> 2007-2-1 17:36:19
>>>         >>>>>> com.sun.org.apache.xml.internal.security.utils.IdResolver
>>>         >>>>>> getElementByIdUsingDOM
>>>         >>>>>> FINE: getElementByIdUsingDOM() Search for ID
>>>         L1.S1-SignedProperties
>>>         >>>>>> 2007-2-1 17:36:19
>>>         >>>>>>
>>>         com.sun.org.apache.xml.internal.security.utils.resolver.implementations.ResolverFragment
>>>         >>>>>> engineResolve
>>>         >>>>>> FINE: Try to catch an Element with ID
>>>         L1.S1-SignedProperties and
>>>         >>>>>> Element was [xsd:SignedProperties: null]
>>>         >>>>>> 2007-2-1 17:36:19
>>>         org.jcp.xml.dsig.internal.dom.DOMReference
>>>         >>>>>> dereference
>>>         >>>>>> FINE: URIDereferencer class name:
>>>         >>>>>> org.jcp.xml.dsig.internal.dom.DOMURIDereferencer
>>>         >>>>>> 2007-2-1 17:36:19
>>>         org.jcp.xml.dsig.internal.dom.DOMReference
>>>         >>>>>> dereference
>>>         >>>>>> FINE: Data class name:
>>>         >>>>>> org.jcp.xml.dsig.internal.dom.ApacheNodeSetData
>>>         >>>>>> 2007-2-1 17:36:19
>>>         org.jcp.xml.dsig.internal.DigesterOutputStream
>>>         >>>>>> write
>>>         >>>>>> FINER: Pre-digested input:
>>>         >>>>>> 2007-2-1 17:36:19
>>>         org.jcp.xml.dsig.internal.DigesterOutputStream
>>>         >>>>>> write
>>>         >>>>>> FINER: <xsd:SignedProperties
>>>         >>>>>> xmlns:dsig="http://www.w3.org/2000/09/xmldsig#"
>>>         >>>>>> xmlns:xsd=" http://uri.etsi.org/01903/v1.3.2#"
>>>         >>>>>>
>>>         Id="L1.S1-SignedProperties"><xsd:SignedSignatureProperties><xsd:SigningTime>2007-02-01T17:36:05+0200</xsd:SigningTime><xsd:SignerDetails
>>>
>>>         >>>>>> Id="2" Username="miro">Miroslav
>>>         >>>>>>
>>>         Nachev</xsd:SignerDetails></xsd:SignedSignatureProperties></xsd:SignedProperties>
>>>         >>>>>>
>>>         >>>>>> 2007-2-1 17:36:19
>>>         org.jcp.xml.dsig.internal.dom.DOMReference
>>>         >>>>>> validate
>>>         >>>>>> FINE: Expected digest: hWzwrP7ScWa4ri2YeONAgjI9ZGI=
>>>         >>>>>> 2007-2-1 17:36:19
>>>         org.jcp.xml.dsig.internal.dom.DOMReference
>>>         >>>>>> validate
>>>         >>>>>> FINE: Actual digest: TlwlgnfCzrjdI0MhaBROwgTHvSI=
>>>         >>>>>> 2007-2-1 17:36:19
>>>         org.jcp.xml.dsig.internal.dom.DOMXMLSignature
>>>         >>>>>> validate
>>>         >>>>>> FINE: Reference[#L1.S1-SignedProperties] is valid: false
>>>         >>>>>> 2007-2-1 17:36:19
>>>         org.jcp.xml.dsig.internal.dom.DOMXMLSignature
>>>         >>>>>> validate
>>>         >>>>>> FINE: Couldn't validate the References
>>>         >>>>>> 2007-2-1 17:36:19
>>>         >>>>>> org.jcp.xml.dsig.internal.dom.DOMRSASignatureMethod verify
>>>         >>>>>> FINE: Signature provider:SunRsaSign version 1.5
>>>         >>>>>> 2007-2-1 17:36:19
>>>         >>>>>> org.jcp.xml.dsig.internal.dom.DOMRSASignatureMethod verify
>>>         >>>>>> FINE: verifying with key: Sun RSA public key, 1024 bits
>>>         >>>>>>   modulus:
>>>         >>>>>>
>>>         168164527555608136888830022857056132023036777656418518049464251253737723792048985548139271763061864520875701968328564748366237424723155092944235075765817478111725643802025622853273984978027240469613154811874843038396779307309442362407952606871051501808113074993835124868184526839845834261024714072735447928201
>>>
>>>         >>>>>>
>>>         >>>>>>   public exponent: 65537
>>>         >>>>>> 2007-2-1 17:36:19
>>>         >>>>>>
>>>         com.sun.org.apache.xml.internal.security.transforms.Transform
>>>         <init>
>>>         >>>>>> FINE: Create URI
>>>         >>>>>>
>>>         "http://www.w3.org/TR/2001/REC-xml-c14n-20010315#WithComments
>>>         <http://www.w3.org/TR/2001/REC-xml-c14n-20010315#WithComments>"
>>>         >>>>>> class "class
>>>         >>>>>>
>>>         com.sun.org.apache.xml.internal.security.transforms.implementations.TransformC14NWithComments"
>>>         >>>>>>
>>>         >>>>>> 2007-2-1 17:36:19
>>>         >>>>>>
>>>         com.sun.org.apache.xml.internal.security.transforms.Transform
>>>         <init>
>>>         >>>>>> FINE: The NodeList is [dsig:CanonicalizationMethod: null]
>>>         >>>>>> 2007-2-1 17:36:19
>>>         >>>>>> com.sun.org.apache.xml.internal.security.utils.ElementProxy
>>>         >>>>>> setElement
>>>         >>>>>> FINE: setElement(dsig:CanonicalizationMethod, "null"
>>>         >>>>>> 2007-2-1 17:36:19
>>>         >>>>>> org.jcp.xml.dsig.internal.dom.ApacheCanonicalizer transform
>>>         >>>>>> FINE: Created transform for algorithm:
>>>         >>>>>>
>>>         http://www.w3.org/TR/2001/REC-xml-c14n-20010315#WithComments
>>>         <http://www.w3.org/TR/2001/REC-xml-c14n-20010315#WithComments>
>>>         >>>>>> 2007-2-1 17:36:19
>>>         >>>>>> org.jcp.xml.dsig.internal.dom.ApacheCanonicalizer transform
>>>         >>>>>> FINE: isNodeSet() = true
>>>         >>>>>> 2007-2-1 17:36:19
>>>         org.jcp.xml.dsig.internal.dom.DOMSignedInfo
>>>         >>>>>> canonicalize
>>>         >>>>>> FINE: Canonicalized SignedInfo:
>>>         >>>>>> <dsig:SignedInfo
>>>         >>>>>>
>>>         xmlns:dsig="http://www.w3.org/2000/09/xmldsig#"><dsig:CanonicalizationMethod
>>>
>>>         >>>>>>
>>>         Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315#WithComments
>>>         <http://www.w3.org/TR/2001/REC-xml-c14n-20010315#WithComments>"></dsig:CanonicalizationMethod><dsig:SignatureMethod
>>>
>>>         >>>>>>
>>>         Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"></dsig:SignatureMethod><dsig:Reference
>>>
>>>         >>>>>> URI="#DOC1"><dsig:DigestMethod
>>>         >>>>>>
>>>         Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"></dsig:DigestMethod><dsig:DigestValue>5L9KuDZI/6zj2kb9oP8RipkcYwc=</dsig:DigestValue></dsig:Reference><dsig:Reference
>>>
>>>         >>>>>> Type="http://uri.etsi.org/01903#SignedProperties"
>>>         >>>>>> URI="#L1.S1-SignedProperties"><dsig:DigestMethod
>>>         >>>>>>
>>>         Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"></dsig:DigestMethod><dsig:DigestValue>hWzwrP7ScWa4ri2YeONAgjI9ZGI=</dsig:DigestValue></dsig:Reference><dsig:Reference
>>>
>>>         >>>>>> URI="#L1.S1-KeyInfo"><dsig:DigestMethod
>>>         >>>>>>
>>>         Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"></dsig:DigestMethod><dsig:DigestValue>g+LVdhRueJWcGkqiM48X1/TjOTk=</dsig:DigestValue></dsig:Reference></dsig:SignedI
>>>
>>>         >>>>>>
>>>         >>>>> n!
>>>         >>>>>>  fo>
>>>         >>>>>> 2007-2-1 17:36:19
>>>         org.jcp.xml.dsig.internal.dom.DOMSignedInfo
>>>         >>>>>> canonicalize
>>>         >>>>>> FINE: Data to be
>>>         >>>>>>
>>>         signed/verified:PGRzaWc6U2lnbmVkSW5mbyB4bWxuczpkc2lnPSJodHRwOi8vd3d3LnczLm9yZy8yMDAwLzA5L3ht
>>>         >>>>>>
>>>         >>>>>>
>>>         bGRzaWcjIj48ZHNpZzpDYW5vbmljYWxpemF0aW9uTWV0aG9kIEFsZ29yaXRobT0iaHR0cDovL3d3
>>>
>>>         >>>>>>
>>>         >>>>>>
>>>         dy53My5vcmcvVFIvMjAwMS9SRUMteG1sLWMxNG4tMjAwMTAzMTUjV2l0aENvbW1lbnRzIj48L2Rz
>>>         >>>>>>
>>>         >>>>>>
>>>         aWc6Q2Fub25pY2FsaXphdGlvbk1ldGhvZD48ZHNpZzpTaWduYXR1cmVNZXRob2QgQWxnb3JpdGht
>>>
>>>         >>>>>>
>>>         >>>>>>
>>>         PSJodHRwOi8vd3d3LnczLm9yZy8yMDAwLzA5L3htbGRzaWcjcnNhLXNoYTEiPjwvZHNpZzpTaWdu
>>>         >>>>>>
>>>         >>>>>>
>>>         YXR1cmVNZXRob2Q+PGRzaWc6UmVmZXJlbmNlIFVSST0iI0RPQzEiPjxkc2lnOkRpZ2VzdE1ldGhv
>>>
>>>         >>>>>>
>>>         >>>>>>
>>>         ZCBBbGdvcml0aG09Imh0dHA6Ly93d3cudzMub3JnLzIwMDAvMDkveG1sZHNpZyNzaGExIj48L2Rz
>>>         >>>>>>
>>>         >>>>>>
>>>         aWc6RGlnZXN0TWV0aG9kPjxkc2lnOkRpZ2VzdFZhbHVlPjVMOUt1RFpJLzZ6ajJrYjlvUDhSaXBr
>>>
>>>         >>>>>>
>>>         >>>>>>
>>>         Y1l3Yz08L2RzaWc6RGlnZXN0VmFsdWU+PC9kc2lnOlJlZmVyZW5jZT48ZHNpZzpSZWZlcmVuY2Ug
>>>         >>>>>>
>>>         >>>>>>
>>>         VHlwZT0iaHR0cDovL3VyaS5ldHNpLm9yZy8wMTkwMyNTaWduZWRQcm9wZXJ0aWVzIiBVUkk9IiNM
>>>
>>>         >>>>>>
>>>         >>>>>>
>>>         MS5TMS1TaWduZWRQcm9wZXJ0aWVzIj48ZHNpZzpEaWdlc3RNZXRob2QgQWxnb3JpdGhtPSJodHRw
>>>         >>>>>>
>>>         >>>>>>
>>>         Oi8vd3d3LnczLm9yZy8yMDAwLzA5L3htbGRzaWcjc2hhMSI+PC9kc2lnOkRpZ2VzdE1ldGhvZD48
>>>
>>>         >>>>>>
>>>         >>>>>>
>>>         ZHNpZzpEaWdlc3RWYWx1ZT5oV3p3clA3U2NXYTRyaTJZZU9OQWdqSTlaR0k9PC9kc2lnOkRpZ2Vz
>>>         >>>>>>
>>>         >>>>>>
>>>         dFZhbHVlPjwvZHNpZzpSZWZlcmVuY2U+PGRzaWc6UmVmZXJlbmNlIFVSST0iI0wxLlMxLUtleUlu
>>>
>>>         >>>>>>
>>>         >>>>>>
>>>         Zm8iPjxkc2lnOkRpZ2VzdE1ldGhvZCBBbGdvcml0aG09Imh0dHA6Ly93d3cudzMub3JnLzIwMDAv
>>>         >>>>>>
>>>         >>>>>>
>>>         MDkveG1sZHNpZyNzaGExIj48L2RzaWc6RGlnZXN0TWV0aG9kPjxkc2lnOkRpZ2VzdFZhbHVlPmcr
>>>
>>>         >>>>>>
>>>         >>>>>>
>>>         TFZkaFJ1ZUpXY0drcWlNNDhYMS9Uak9Uaz08L2RzaWc6RGlnZXN0VmFsdWU+PC9kc2lnOlJlZmVy
>>>         >>>>>>
>>>         >>>>>> ZW5jZT48L2RzaWc6U2lnbmVkSW5mbz4=
>>>         >>>>>> 2007-2-1 17:36:19
>>>         >>>>>>
>>>         com.sun.org.apache.xml.internal.security.utils.resolver.ResourceResolver
>>>         >>>>>> getInstance
>>>         >>>>>> FINE: check resolvability by class
>>>         >>>>>>
>>>         com.sun.org.apache.xml.internal.security.utils.resolver.ResourceResolver
>>>         >>>>>>
>>>         >>>>>> 2007-2-1 17:36:19
>>>         >>>>>>
>>>         com.sun.org.apache.xml.internal.security.utils.resolver.implementations.ResolverDirectHTTP
>>>
>>>         >>>>>> engineCanResolve
>>>         >>>>>> FINE: quick fail for empty URIs and local ones
>>>         >>>>>> 2007-2-1 17:36:19
>>>         >>>>>>
>>>         com.sun.org.apache.xml.internal.security.utils.resolver.ResourceResolver
>>>
>>>         >>>>>> getInstance
>>>         >>>>>> FINE: check resolvability by class
>>>         >>>>>>
>>>         com.sun.org.apache.xml.internal.security.utils.resolver.ResourceResolver
>>>         >>>>>>
>>>         >>>>>> 2007-2-1 17:36:19
>>>         >>>>>>
>>>         com.sun.org.apache.xml.internal.security.utils.resolver.ResourceResolver
>>>         >>>>>> getInstance
>>>         >>>>>> FINE: check resolvability by class
>>>         >>>>>>
>>>         com.sun.org.apache.xml.internal.security.utils.resolver.ResourceResolver
>>>         >>>>>>
>>>         >>>>>> 2007-2-1 17:36:19
>>>         >>>>>>
>>>         com.sun.org.apache.xml.internal.security.utils.resolver.implementations.ResolverFragment
>>>
>>>         >>>>>> engineCanResolve
>>>         >>>>>> FINE: State I can resolve reference: "#L1.S1-KeyInfo"
>>>         >>>>>> 2007-2-1 17:36:19
>>>         >>>>>> com.sun.org.apache.xml.internal.security.utils.IdResolver
>>>         >>>>>> getElementByIdType
>>>         >>>>>> FINE: getElementByIdType() Search for ID L1.S1-KeyInfo
>>>         >>>>>> 2007-2-1 17:36:19
>>>         >>>>>> com.sun.org.apache.xml.internal.security.utils.IdResolver
>>>         >>>>>> getElementByIdUsingDOM
>>>         >>>>>> FINE: getElementByIdUsingDOM() Search for ID L1.S1-KeyInfo
>>>         >>>>>> 2007-2-1 17:36:19
>>>         >>>>>>
>>>         com.sun.org.apache.xml.internal.security.utils.resolver.implementations.ResolverFragment
>>>
>>>         >>>>>> engineResolve
>>>         >>>>>> FINE: Try to catch an Element with ID L1.S1-KeyInfo and
>>>         Element
>>>         >>>>>> was [dsig:KeyInfo: null]
>>>         >>>>>> 2007-2-1 17:36:19
>>>         org.jcp.xml.dsig.internal.dom.DOMReference
>>>         >>>>>> dereference
>>>         >>>>>> FINE: URIDereferencer class name:
>>>         >>>>>> org.jcp.xml.dsig.internal.dom.DOMURIDereferencer
>>>         >>>>>> 2007-2-1 17:36:19
>>>         org.jcp.xml.dsig.internal.dom.DOMReference
>>>         >>>>>> dereference
>>>         >>>>>> FINE: Data class name:
>>>         >>>>>> org.jcp.xml.dsig.internal.dom.ApacheNodeSetData
>>>         >>>>>> 2007-2-1 17:36:19
>>>         org.jcp.xml.dsig.internal.DigesterOutputStream
>>>         >>>>>> write
>>>         >>>>>> FINER: Pre-digested input:
>>>         >>>>>> 2007-2-1 17:36:19
>>>         org.jcp.xml.dsig.internal.DigesterOutputStream
>>>         >>>>>> write
>>>         >>>>>> FINER: <dsig:KeyInfo
>>>         >>>>>> xmlns:dsig=" http://www.w3.org/2000/09/xmldsig#"
>>>         >>>>>>
>>>         Id="L1.S1-KeyInfo"><dsig:X509Data><dsig:X509Certificate>MIIDNTCCAp6gAwIBAgIBATANBgkqhkiG9w0BAQUFADCBmjELMAkGA1UEBhMCQkcxEzARBgNVBAgT
>>>
>>>         >>>>>>
>>>         >>>>>>
>>>         ClNvZmlhIGNpdHkxKDAmBgNVBAoTH0NPU01PUyBTb2Z0d2FyZSBFbnRlcnByaXNlcyBMdGQxDDAK
>>>         >>>>>>
>>>         >>>>>>
>>>         BgNVBAsUA1ImRDEYMBYGA1UEAxMPTWlyb3NsYXYgTmFjaGV2MSQwIgYJKoZIhvcNAQkBFhVjb3Nt
>>>
>>>         >>>>>>
>>>         >>>>>>
>>>         b3NAc3BhY2UtY29tbS5jb20wHhcNMDYxMDI2MTQxNjA0WhcNMDcxMDI2MTQxNjA0WjCBqDELMAkG
>>>         >>>>>>
>>>         >>>>>>
>>>         A1UEBhMCQkcxEzARBgNVBAgTClNvZmlhIGNpdHkxDjAMBgNVBAcTBVNvZmlhMSgwJgYDVQQKEx9D
>>>
>>>         >>>>>>
>>>         >>>>>>
>>>         T1NNT1MgU29mdHdhcmUgRW50ZXJwcmlzZXMgTHRkMQwwCgYDVQQLFANSJkQxGDAWBgNVBAMTD01p
>>>         >>>>>>
>>>         >>>>>>
>>>         cm9zbGF2IE5hY2hldjEiMCAGCSqGSIb3DQEJARYTbWlyb0BzcGFjZS1jb21tLmNvbTCBnzANBgkq
>>>
>>>         >>>>>>
>>>         >>>>>>
>>>         hkiG9w0BAQEFAAOBjQAwgYkCgYEA73lnjI4W3kv3ZkdoJhQPe4Vm18Ngad6QaDEyQHBlPPOR0mlP
>>>         >>>>>>
>>>         >>>>>>
>>>         iLxLBChEX/bs4xnHP4PcrC8ZFJ0gw+3uRJ323dcJzMo6BOmTWAUvkxigVOMCTuu3ZDLaMzi5QZiI
>>>
>>>         >>>>>>
>>>         >>>>>>
>>>         oQazA4cv87uQfIftQtlqCcrTJcAvEQdLrRXhrubO5lCqTYkCAwEAAaN7MHkwCQYDVR0TBAIwADAs
>>>         >>>>>>
>>>         >>>>>>
>>>         BglghkgBhvhCAQ0EHxYdT3BlblNTTCBHZW5lcmF0ZWQgQ2VydGlmaWNhdGUwHQYDVR0OBBYEFJ0S
>>>
>>>         >>>>>>
>>>         >>>>>>
>>>         ik14AEvA+rNYpNza4zeQDe4WMB8GA1UdIwQYMBaAFMENbK6a7aOPlnS6tQEG1a/z2mQzMA0GCSqG
>>>         >>>>>>
>>>         >>>>>>
>>>         SIb3DQEBBQUAA4GBAJsvALenpOOvnJ/1q4z76KT3xZotesbNn9OWbeDzYCoQhAlm1EILCi/o2u6Q
>>>
>>>         >>>>>>
>>>         >>>>>>
>>>         hrWskEwfRKkm/DfhsbSj15roAq24967DYKP/yzAqrLs7XrkxAghOgRtK/mzzhIfEoycbapaoIZjE
>>>         >>>>>>
>>>         >>>>>>
>>>         oGLfdXzU8LkpJr5lvhOjCAJxC/O59UP/sXE5</dsig:X509Certificate></dsig:X509Data></dsig:KeyInfo>
>>>
>>>         >>>>>>
>>>         >>>>>> 2007-2-1 17:36:19
>>>         org.jcp.xml.dsig.internal.dom.DOMReference
>>>         >>>>>> validate
>>>         >>>>>> FINE: Expected digest: g+LVdhRueJWcGkqiM48X1/TjOTk=
>>>         >>>>>> 2007-2-1 17:36:19
>>>         org.jcp.xml.dsig.internal.dom.DOMReference
>>>         >>>>>> validate
>>>         >>>>>> FINE: Actual digest: g+LVdhRueJWcGkqiM48X1/TjOTk=
>>>         >>>>>> BUILD SUCCESSFUL (total time: 1 minute 34 seconds)
>>>         >>>>>
>>>         >>>>>
>>>         >>>>
>>>         >>>
>>>         >>
>>>         >>
>>>         >
>>>
>>>
>>>
>>>
>>>
>>>
>>>     -- 
>>>     Lijun Liao 
>>
>>
>>
>>
>>
>> -- 
>> Lijun Liao 
> 


Mime
View raw message