Hi,
I am testing the samples for running XML signature
validation on JDK 1.2.2. The code works fine on JDK
1.4.2 but I must run it on JDK 1.2.2 as our server
supports 1.2.2.
But it is giving me the following runtime errors:
org.apache.xml.security.signature.XMLSignatureException:
The Reference for URI has no
XMLSignatureInput
Original Exception was
org.apache.xml.security.signature.MissingResourceFailureException:
The Reference for URI has no
XMLSignatureInput
Original Exception was
org.apache.xml.security.signature.ReferenceNotInitializedException:
and so on....
I have copied the org folder that contains the w3c
classes from JSDK 1.4.4 and included it in the
classpath.
The sample code is as follows..
import java.io.*;
import java.lang.reflect.*;
import java.security.PublicKey;
import java.security.cert.*;
import java.util.*;
import javax.xml.transform.TransformerException;
import org.apache.xpath.XPathAPI;
import org.w3c.dom.*;
import org.apache.xml.security.c14n.*;
import
org.apache.xml.security.exceptions.XMLSecurityException;
import org.apache.xml.security.signature.*;
import org.apache.xml.security.keys.*;
import org.apache.xml.security.keys.content.*;
import org.apache.xml.security.keys.content.x509.*;
import org.apache.xml.security.keys.keyresolver.*;
import org.apache.xml.security.keys.storage.*;
import
org.apache.xml.security.keys.storage.implementations.*;
import org.apache.xml.security.utils.*;
import org.apache.xml.security.Init;
import
org.apache.xml.security.samples.utils.resolver.OfflineResolver;
/**
*
*
*
*
* @author $Author: geuerp $
*
*/
public class VerifySignature2 {
/**
* Method main
*
* @param unused
*/
public static void main(String unused[]) {
boolean schemaValidate = false;
final String signatureSchemaFile =
"data/xmldsig-core-schema.xsd";
// String signatureFileName =
"data/ie/baltimore/merlin-examples/merlin-xmldsig-fifteen/signature-enveloping-rsa.xml";
String signatureFileName = "signature.xml";
if (schemaValidate) {
System.out.println("We do
schema-validation");
}
javax.xml.parsers.DocumentBuilderFactory dbf =
javax.xml.parsers.DocumentBuilderFactory.newInstance();
if (schemaValidate) {
dbf.setAttribute("http://apache.org/xml/features/validation/schema",Boolean.TRUE);
dbf.setAttribute("http://apache.org/xml/features/dom/defer-node-expansion";,
Boolean.TRUE);
dbf.setValidating(true);
dbf.setAttribute("http://xml.org/sax/features/validation";,
Boolean.TRUE);
}
dbf.setNamespaceAware(true);
dbf.setAttribute("http://xml.org/sax/features/namespaces";,
Boolean.TRUE);
if (schemaValidate) {
dbf.setAttribute("http://apache.org/xml/properties/schema/external-schemaLocation";,
Constants.SignatureSpecNS + " " +
signatureSchemaFile);
}
try {
// File f = new File("signature.xml");
File f = new File(signatureFileName);
System.out.println("Try to verify " +
f.toURL().toString());
javax.xml.parsers.DocumentBuilder db =
dbf.newDocumentBuilder();
db.setErrorHandler(new
org.apache.xml.security.utils.IgnoreAllErrorHandler());
if (schemaValidate) {
db.setEntityResolver(new
org.xml.sax.EntityResolver() {
public org.xml.sax.InputSource
resolveEntity(String publicId, String systemId)
throws org.xml.sax.SAXException {
if
(systemId.endsWith("xmldsig-core-schema.xsd")) {
try {
return new
org.xml.sax.InputSource(new
FileInputStream(signatureSchemaFile));
} catch (FileNotFoundException
ex) {
throw new
org.xml.sax.SAXException(ex);
}
} else {
return null;
}
}
});
}
org.w3c.dom.Document doc = db.parse(new
java.io.FileInputStream(f));
Element nscontext = XMLUtils.createDSctx(doc,
"ds",Constants.SignatureSpecNS);
Element sigElement = (Element)
XPathAPI.selectSingleNode(doc,"//ds:Signature[1]",
nscontext);
XMLSignature signature = new
XMLSignature(sigElement, f.toURL().toString());
signature.addResourceResolver(new
OfflineResolver());
//
XMLUtils.outputDOMc14nWithComments(signature.getElement(),
System.out);
KeyInfo ki = signature.getKeyInfo();
if (ki != null) {
if (ki.containsX509Data())
{
System.out.println("X509Data element
present in the KeyInfo");
}
X509Certificate cert =
signature.getKeyInfo().getX509Certificate();
if (cert != null)
{
/*
System.out.println(
"I try to verify the signature using
the X509 Certificate: "
+ cert);
*/
System.out.println("The XML signature
in file "+ f.toURL().toString() + " is " +
(signature.checkSignatureValue(cert)
? "valid (good)"
: "invalid !!!!! (bad)"));
}
else
{
System.out.println("Did not find a
Certificate");
PublicKey pk =
signature.getKeyInfo().getPublicKey();
if (pk != null)
{
/*
System.out.println(
"I try to verify the signature
using the public key: "
+ pk);
*/
System.out.println("The XML
signature in file " + f.toURL().toString() + " is "+
(signature.checkSignatureValue(pk)
? "valid
(good)" : "invalid !!!!! (bad)"));
} else
{
System.out.println("Did not find a
public key, so I can't check the signature");
}
}
} else {
System.out.println("Did not find a
KeyInfo");
}
} catch (Exception ex) {
ex.printStackTrace();
}
}
static {
org.apache.xml.security.Init.init();
}
}
__________________________________
Do you Yahoo!?
Yahoo! Finance Tax Center - File online. File on time.
http://taxes.yahoo.com/filing.html
