I was able to solve my issue: I had forgotten the init block,
static { org.apache.xml.security.Init.init(); }

So I am able to create a signed XML document; however, now I'm having
issues trying to validate the XML signature in C++. I've attached the
C++ code to this document.

Does anyone notice that I'm doing something completely wrong?

Thanks...

Bill-

On Thu, Mar 24, 2011 at 10:37 PM, Bill Speirs <[email protected]> wrote:
> I'm trying to apply a DSA signature to the XML output of a JAXB object
> by following this example: http://goo.gl/vVNxy. I'm able to convert
> the JAXB object to a Document; however, when I go to create the
> XMLSignature I'm unsure what BaseURI I should use as my XML is not
> coming from a file like in the example.
>
> The real problem though is that when I attempt to add a Transform, I
> keep getting a NullPointerException on this line:
> transforms.addTransform(Transforms.TRANSFORM_C14N_WITH_COMMENTS);
>
> Exception in thread "main" java.lang.NullPointerException
>        at org.apache.xml.security.transforms.Transform.getTransformSpi(Unknown Source)
>        at org.apache.xml.security.transforms.Transform.<init>(Unknown Source)
>        at org.apache.xml.security.transforms.Transform.getInstance(Unknown Source)
>        at org.apache.xml.security.transforms.Transform.getInstance(Unknown Source)
>        at org.apache.xml.security.transforms.Transforms.addTransform(Unknown Source)
>        at test.Test.main(Test.java:64)
>
> I have attached my source example file and the associated XSD file I
> used to generate the Token & Principal JAXB objects.
>
> Any help or insight would be greatly appreciated.
>
> Thanks in advance...
>
> Bill-
>
/*
 * Copyright 2002-2005 The Apache Software Foundation.
 *
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 *
 *     http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 */

/*
 * XSEC
 *
 * simpleValidate := An application to validate an in-memory signature
 *
 * Author(s): Berin Lautenbach
 *
 * $ID$
 *
 * $LOG$
 *
 */

#include <openssl/pem.h>
#include "IOStreamOutputter.hpp"

// XML-Security-C (XSEC)

#include <xsec/framework/XSECProvider.hpp>
#include <xsec/dsig/DSIGReference.hpp>
#include <xsec/enc/OpenSSL/OpenSSLCryptoKeyHMAC.hpp>
#include <xsec/framework/XSECException.hpp>
#include <xsec/enc/OpenSSL/OpenSSLCryptoX509.hpp>
#include <xsec/enc/OpenSSL/OpenSSLCryptoKeyDSA.hpp>
#include <xsec/enc/XSECCryptoException.hpp>


// Xerces

#include <xercesc/util/PlatformUtils.hpp>
#include <xercesc/parsers/XercesDOMParser.hpp>
#include <xercesc/framework/MemBufInputSource.hpp>

XERCES_CPP_NAMESPACE_USE

#ifndef XSEC_NO_XALAN

// Xalan

#include <xalanc/XalanTransformer/XalanTransformer.hpp>
XALAN_USING_XALAN(XalanTransformer)

#endif

/*
 * The signed document that main() parses from memory and validates.
 *
 * Layout: an xml:token element that contains both the data (xml:principal)
 * and the ds:Signature element, i.e. the signature sits inside the content
 * it signs.
 *
 * Points to check when validation fails or when reusing this document:
 *
 *  - The single ds:Reference uses URI "#xpointer(/)" and its only transform
 *    is C14N-with-comments. No enveloped-signature transform is listed, so
 *    the digest input appears to include the ds:Signature element itself.
 *    NOTE(review): presumably this is why the digest cannot match on the
 *    validating side - confirm against how the Java signer built the
 *    reference.
 *
 *  - SignatureMethod is dsa-sha1 and DigestMethod is sha1. SHA-1 is no
 *    longer considered adequate for new signatures; treat this as test
 *    data only.
 *
 *  - NOTE(review): the ';' that follows the closing quote of the xmlns and
 *    Algorithm attribute values is not well-formed XML and looks like an
 *    artifact of how the attachment was rendered - confirm against the
 *    original file before drawing conclusions from a parse error.
 *
 * Every byte of this literal is signature input; do not reformat it.
 */
const char *docToValidate = "\
<xml:token id=\"token\"><xml:principal><username>test</username></xml:principal><ds:Signature xmlns:ds=\"http://www.w3.org/2000/09/xmldsig#\";>\n\
<ds:SignedInfo>\n\
<ds:CanonicalizationMethod Algorithm=\"http://www.w3.org/TR/2001/REC-xml-c14n-20010315\";></ds:CanonicalizationMethod>\n\
<ds:SignatureMethod Algorithm=\"http://www.w3.org/2000/09/xmldsig#dsa-sha1\";></ds:SignatureMethod>\n\
<ds:Reference URI=\"#xpointer(/)\">\n\
<ds:Transforms>\n\
<ds:Transform Algorithm=\"http://www.w3.org/TR/2001/REC-xml-c14n-20010315#WithComments\";></ds:Transform>\n\
</ds:Transforms>\n\
<ds:DigestMethod Algorithm=\"http://www.w3.org/2000/09/xmldsig#sha1\";></ds:DigestMethod>\n\
<ds:DigestValue>vkSYX2UzH4uEQ3jNfjT8YSFK9YU=</ds:DigestValue>\n\
</ds:Reference>\n\
</ds:SignedInfo>\n\
<ds:SignatureValue>CWKjFPDJSiYxFmm8muRamZC4bwhYib/e1NQK/DTra6L6vNKAcnw4pw==</ds:SignatureValue>\n\
</ds:Signature></xml:token>";

/*
 * Base64 key material kept next to the sample document.
 *
 * main() in this file does not reference this array; it reads the
 * verification key from dsa_pub.pem instead.
 *
 * NOTE(review): despite the name, the leading bytes look like a DSA
 * SubjectPublicKeyInfo (a bare public key) rather than an X.509
 * certificate - confirm. A bare public key carries no issuer or validity
 * information, so trust in it has to come from how it was obtained.
 *
 * The literal starts with a newline and has no PEM header or footer lines.
 */
char cert[] = "\n\
MIIBtzCCASwGByqGSM44BAEwggEfAoGBALszx4Z8h092GhQuR07RlE+qAPKuRRsL\n\
uvn+W6Ac8qzpoPLLTQDha5AkZ5EOkCYmxlJrwMWwE9VdsimzeTC+T8FWnCWdHhUh\n\
Mm5TTDCz1P0CZLOw96ASFet9ZWGshEuXhFbPa/yZFH22wyjT0pJHvXonxugu5BFG\n\
xyRROYjHA6CPAhUAt0XOsTy69S865BHwQ3KixqAeeIECgYEAlGDyHRAetidSoufv\n\
pX7r4DFcY29ITMPuS1tNyVDGkRL/XcOM8wTq1IbBAtXnHNyKhIQUsDnzPgdsQRKU\n\
NvN10sxg7/i5npBRnNLtbg5wGF3fiAaeUougKdxpGyXNguT8s7MJu0kmQm37PvuF\n\
eY7yOPk8F8c7dCUGTpULZdgD1jADgYQAAoGATK2hyWw9cdaz/OVVqZFhUzPVIQQd\n\
PGczULf4GMKriaA0jFt2yLxPTX3pXMrZoAVpZLbxjDpJ17qm76kxPYCdIaVib9kn\n\
BhaEFNdxibTTvH/8NYS/YQDL7YupFpXbvHFIJkqOuVgYoxOmOJwC24pdWwusBRpT\n\
knSwRpTVVK/8OrI=";

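/*
 * Parse docToValidate from memory, load the DSA public key from
 * dsa_pub.pem and check the document's XML signature against that key.
 *
 * argc and argv are unused.
 *
 * Returns 0 only when the signature verifies. Every other outcome
 * (library initialisation failure, parse error, missing or unusable key
 * file, library exception, signature mismatch) returns 1, so a script that
 * checks the exit status cannot mistake a failed validation for success.
 *
 * docSetup() is declared outside this block.
 */
int main (int argc, char **argv) {

	// Bring up Xerces, Xalan (when built in) and XSEC. Nothing below is
	// usable if this fails, so stop instead of carrying on with
	// uninitialised libraries.
	try {
		XMLPlatformUtils::Initialize();
#ifndef XSEC_NO_XALAN
		XalanTransformer::initialize();
#endif
		XSECPlatformUtils::Initialise();
	}
	catch (const XMLException &e) {
		cerr << "Error during initialisation of Xerces" << endl;
		cerr << "Error Message = : "
		     << e.getMessage() << endl;
		return 1;
	}

	// Use xerces to parse the document.
	// The input here is a compile-time constant. NOTE(review): if this is
	// adapted to parse documents from another source, consider turning off
	// external DTD and entity loading on the parser before calling parse().
	XercesDOMParser * parser = new XercesDOMParser;
	parser->setDoNamespaces(true);
	parser->setCreateEntityReferenceNodes(true);
	parser->setDoSchema(true);

	// Create an input source over the in-memory document
	MemBufInputSource* memIS = new MemBufInputSource (
		reinterpret_cast<const XMLByte*>(docToValidate),
		static_cast<unsigned int>(strlen(docToValidate)),
		"XSECMem");

	parser->parse(*memIS);
	xsecsize_t errorCount = parser->getErrorCount();

	if (errorCount > 0) {
		cerr << "Error parsing input document\n";
		delete memIS;
		delete parser;
		return 1;
	}

	DOMDocument *doc = parser->getDocument();

	docSetup(doc);

	// Now create a signature object to validate the document
	XSECProvider prov;
	DSIGSignature * sig = prov.newSignatureFromDOM(doc);

	// Stays 1 unless verify() reports a valid signature.
	int exitCode = 1;
	EVP_PKEY *pkey = NULL;
	OpenSSLCryptoKeyDSA *dsa = NULL;

	try {
		// Read the public key in. Each step is checked: a missing file
		// would otherwise hand a NULL FILE* to PEM_read_PUBKEY, and an
		// unreadable key would hand a NULL EVP_PKEY to the key wrapper.
		FILE *fp = fopen("dsa_pub.pem", "r");

		if (fp == NULL) {
			cerr << "Unable to open dsa_pub.pem\n";
		}
		else {
			pkey = PEM_read_PUBKEY(fp, NULL, NULL, NULL);
			fclose(fp);

			if (pkey == NULL) {
				cerr << "dsa_pub.pem does not contain a readable PEM public key\n";
			}
			else if (EVP_PKEY_base_id(pkey) != EVP_PKEY_DSA) {
				// Refuse a key of another type instead of passing it to
				// the DSA wrapper.
				cerr << "Key in dsa_pub.pem is not a DSA key\n";
			}
			else {
				dsa = new OpenSSLCryptoKeyDSA(pkey);

				sig->load();

				// The signature is given its own copy; the local wrapper
				// is deleted during clean up below.
				sig->setSigningKey(dsa->clone());

				// A true result means the references listed in SignedInfo
				// matched under this key. The caller still has to confirm
				// that those references cover the data it goes on to trust.
				if (sig->verify()) {
					cout << "Signature Valid\n";
					exitCode = 0;
				}
				else {
					char * err = XMLString::transcode(sig->getErrMsgs());
					cout << "Incorrect Signature\n";
					cout << err << endl;
					XSEC_RELEASE_XMLCH(err);
				}
			}
		}
	}
	catch (XSECException &e)
	{
		cerr << "An error occured during a signature load\n   Message: "
		<< e.getMsg() << endl;
	}
	catch (XSECCryptoException &e) {
		cerr << "An error occured in the XML-Security-C Crypto routines\n   Message: "
		<< e.getMsg() << endl;
	}

	// Clean up. Error paths fall through to here rather than calling
	// exit(), so everything allocated above is released on every path.
	// The signature is released before the parser that owns its document.
	prov.releaseSignature(sig);
	delete dsa;
	if (pkey != NULL) {
		EVP_PKEY_free(pkey);
	}
	delete memIS;
	delete parser;

	return exitCode;
}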
