santuario-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
Subject DO NOT REPLY [Bug 43685] Problem verifying signatures generated by BEA Aqualogic
Date Thu, 10 Jul 2008 14:44:18 GMT

René Nielsen <> changed:

           What    |Removed                     |Added
             Status|NEEDINFO                    |RESOLVED
         Resolution|                            |WORKSFORME

--- Comment #18 from René Nielsen <>  2008-07-10 07:44:17 PST ---
I'm happy to tell you that I have found the solution.

I have been using javax.xml.transform objects to convert my signed Document in
order to forward the content onto my servlet OutputStream. Result was invalid
Timestamp and body references due to differences in the digests.

A few days ago I read, which
suggested that some formatting/alteration of the signed document was happening.

Thus I felt compelled to try different ways of streaming the document to the

// Usecase XMLSerializer 
      // Fixed Timestamp reference issue, however, body reference is invalid
      org.apache.xml.serialize.OutputFormat format = new
      org.apache.xml.serialize.XMLSerializer serializer = new
org.apache.xml.serialize.XMLSerializer(out, format);

The output still looks logical fine, but some formatting problem still exists
for the body element. Since I was signing and then streamed onto the network
without any intermediary steps I started to think up more ways to perform the
streaming step.

// Usecase DOM2Writer
      // Yields IOException on the client side. The message is received and
logged, but fails  due to "Unterminated value" which triggers the handlerFault
with bea exception trace for Unterminated value domout = new;
      domout.serializeAsXML(doc, (Writer)new OutputStreamWriter(out),false);

// Usecase DOM2Writer with windows linefeed
      // Yields IOException on the client side. 
// Due to Unterminated value on client side see, DOM2Writer usecase... send
line termination domout = new;
      domout.serializeAsXML(doc, (Writer)new OutputStreamWriter(out),false);    
// Due to Unterminated value on client side see, DOM2Writer... send line
// YES, this worked fine! 

// Usecase Canonicalizer ( Perserves signed content(Idempotent), but let me use
the writeTo )
Canonicalizer c14n =
byte[] canonicalMessage = c14n.canonicalizeSubtree(signedDoc);
ByteArrayInputStream in = new ByteArrayInputStream(canonicalMessage); 
MessageFactory factory = MessageFactory.newInstance(); 
((SOAPMessage)factory.createMessage(null, in)).writeTo(out); 
// YES, this worked fine! 

I don't think this is a bug anymore.

Thanks, for your time.

Configure bugmail:
------- You are receiving this mail because: -------
You are the assignee for the bug.
View raw message