santuario-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Sean Mullan <Sean.Mul...@Sun.COM>
Subject Re: Core Validation Failing .. now what?
Date Wed, 27 Feb 2008 19:44:19 GMT
Scott Cantor wrote:
>> So what does this mean?  There are no References? That seems odd, but
>> i'm not sure what to do about it.
> 
> It means the corruption is inside the Signature element itself, not the
> digest over the single reference that exists (ref[0]).
> 
> -- Scott
> 

And make sure you are using the right key to validate the signature.

Also, try dumping the canonicalized bytes of the SignedInfo element 
after signing and validation. You can do this by calling 
signature.getSignedInfo().getCanonicalizedData(). This returns an 
InputStream and you can use an InputStreamReader to read the bytes and 
write them out. Look for subtle differences in the data from the signing 
and the validating code. You should see something that is different and 
this should hopefully give you some clue as to what is wrong.

Also, see http://weblogs.java.net/blog/mullan/archive/2007/08/index.html

--Sean

Mime
View raw message