Hello folks,

if I have a response of a webservice which contains a service fault and this response is signed with a private key, every service client (JAVA AXIS2 or .NET WCF) denies the response because of an invalid signature. I added such a response as attachment to this mail.

I heard about a bug in the OpenSAML jar and so I changed my OpenSAML jar with the patched one but this didn't solve the problem either. Is there something known about this bug?

With kind regards
Christian Mielke
HTTP/1.1 500 Internal Server Error
Content-Type: application/soap+xml; action="http://test.net/batman/wsdl/HelloWorldSecurePortType/throwError/Fault/fault";charset=UTF-8
Transfer-Encoding: chunked
Date: Tue, 15 Sep 2009 09:34:19 GMT
Connection: close
Server: batman
b3c <?xml version='1.0' encoding='UTF-8'?> <soapenv:Envelope xmlns:soapenv="http://www.w3.org/2003/05/soap-envelope" xmlns:wsa="http://www.w3.org/2005/08/addressing"> <soapenv:Header> <wsse:Security xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" soapenv:mustUnderstand="true"> <ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#" Id="Signature-5"> <ds:SignedInfo> <ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#" /> <ds:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1" /> <ds:Reference URI="#Id-18097223"> <ds:Transforms> <ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#" /> </ds:Transforms> <ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" /> <ds:DigestValue>kgn14K6qDKazF/J6jS6J7lp2iFE=</ds:DigestValue> </ds:Reference> <ds:Reference URI="#id-6"> <ds:Transforms> <ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#" /> </ds:Transforms> <ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" /> <ds:DigestValue>uYV8oK+nNbIPOwWqycrWx6b4Aos=</ds:DigestValue> </ds:Reference> <ds:Reference URI="#id-7"> <ds:Transforms> <ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#" /> </ds:Transforms> <ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" /> <ds:DigestValue>5NjphLNx3Boz93CiiLKlS66z//0=</ds:DigestValue> </ds:Reference> </ds:SignedInfo> <ds:SignatureValue>urd5P9wHHTOgntfAx025jsxlOHTdJZ96JIBEcAVr2lsYuvCoQAR7U5wjCKgLbXJUG9h7k1CJdksePQkrunU1QCknvoJexoe0JOkElMgnB5gRjDmqGLbz17Wt5N+QJCULXYSYOvT5l/zSPjF3dvlo/Bl5DZdbU7HkmX+GU3Oo2X0=</ds:SignatureValue> <ds:KeyInfo Id="KeyId-407CE2C162E5ED4B3A12530072593589"> <wsse:SecurityTokenReference xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" wsu:Id="STRId-407CE2C162E5ED4B3A125300725935810"> <wsse:KeyIdentifier 
EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary" ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509SubjectKeyIdentifier">mKwZLLX04ajl4P+bam88fCXlxxQ=</wsse:KeyIdentifier> </wsse:SecurityTokenReference> </ds:KeyInfo> </ds:Signature> </wsse:Security> <wsa:Action xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" wsu:Id="id-6">http://test.net/batman/wsdl/HelloWorldSecurePortType/throwError/Fault/fault</wsa:Action> <wsa:RelatesTo xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" wsu:Id="id-7">urn:uuid:D6C9EBF14040C17C791253007258573</wsa:RelatesTo> </soapenv:Header> <soapenv:Body xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" wsu:Id="Id-18097223"> <soapenv:Fault> <soapenv:Code> <soapenv:Value>soapenv:Receiver</soapenv:Value> </soapenv:Code> 6e <soapenv:Reason> <soapenv:Text xml:lang="en-US">ENFORCED ERROR THROWN CORRECTLY</soapenv:Text> </soapenv:Reason> 14c <soapenv:Detail> <serviceFault xmlns="http://www.test.net/batman/xsd/sys/common"> <faultcode>99990010</faultcode> <reason>ENFORCED ERROR THROWN CORRECTLY</reason> <node /> <detail>ENFORCED ERROR THROWN CORRECTLY</detail> <ctxId>AC10014E00000123BD0D761300000005</ctxId> <timestamp>2009-09-15T11:34:19.202+02:00</timestamp> </serviceFault> 11 </soapenv:Detail> 32 </soapenv:Fault> </soapenv:Body> </soapenv:Envelope> 0
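A first triage step for a response like the one attached is to find out which of its ds:Reference digests (Body, wsa:Action, wsa:RelatesTo) no longer matches the element that was received. The following is an added example, not part of the original post and not Axis2 or WCF code: it assumes Python with the third-party lxml library, the names `exc_c14n_sha1`, `check_references` and `build_sample` are hypothetical, the sample envelope is constructed, and only the reference digests are compared, not the SignatureValue.

```python
import base64
import hashlib
from lxml import etree  # third-party dependency (assumption)

NS = {"ds": "http://www.w3.org/2000/09/xmldsig#",
      "wsu": "http://docs.oasis-open.org/wss/2004/01/"
             "oasis-200401-wss-wssecurity-utility-1.0.xsd",
      "s": "http://www.w3.org/2003/05/soap-envelope"}
EXC_C14N = "http://www.w3.org/2001/10/xml-exc-c14n#"
SHA1 = "http://www.w3.org/2000/09/xmldsig#sha1"

def exc_c14n_sha1(element):
    """Base64 SHA-1 over the element's exclusive C14N form (comments omitted)."""
    c14n = etree.tostring(element, method="c14n", exclusive=True, with_comments=False)
    return base64.b64encode(hashlib.sha1(c14n).digest()).decode("ascii")

def check_references(envelope_bytes):
    """Return {URI: 'match' | 'mismatch' | 'unresolved' | 'ambiguous' | 'unsupported'}."""
    root = etree.fromstring(envelope_bytes)
    results = {}
    for ref in root.iterfind(".//ds:SignedInfo/ds:Reference", NS):
        uri = ref.get("URI", "")
        algs = [t.get("Algorithm") for t in ref.iterfind("ds:Transforms/ds:Transform", NS)]
        digest_alg = ref.find("ds:DigestMethod", NS).get("Algorithm")
        if not uri.startswith("#") or algs != [EXC_C14N] or digest_alg != SHA1:
            results[uri] = "unsupported"
            continue
        # A reference must resolve to exactly one wsu:Id, otherwise it cannot be checked.
        targets = root.xpath("//*[@wsu:Id=$i]", namespaces=NS, i=uri[1:])
        if len(targets) != 1:
            results[uri] = "ambiguous" if targets else "unresolved"
            continue
        expected = ref.findtext("ds:DigestValue", "", NS).strip()
        results[uri] = "match" if exc_c14n_sha1(targets[0]) == expected else "mismatch"
    return results

def build_sample(reason):
    """Constructed envelope: the Body digest covers reason 'OK'; `reason` is set afterwards."""
    root = etree.fromstring(
        '<s:Envelope xmlns:s="{s}" xmlns:ds="{ds}" xmlns:wsu="{wsu}"><s:Header><ds:Signature>'
        '<ds:SignedInfo><ds:Reference URI="#Id-1"><ds:Transforms><ds:Transform Algorithm="{c}"/>'
        '</ds:Transforms><ds:DigestMethod Algorithm="{h}"/><ds:DigestValue/></ds:Reference>'
        '</ds:SignedInfo></ds:Signature></s:Header><s:Body wsu:Id="Id-1"><s:Fault><s:Reason>OK'
        '</s:Reason></s:Fault></s:Body></s:Envelope>'.format(c=EXC_C14N, h=SHA1, **NS))
    body = root.find("s:Body", NS)
    root.find(".//ds:DigestValue", NS).text = exc_c14n_sha1(body)
    body[0][0].text = reason  # a change made after digesting simulates a late mutation
    return etree.tostring(root)
```

Run `check_references` on the exact bytes the client received, after HTTP de-chunking. Any re-indentation or re-serialization of the envelope changes the digests.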