First the the inputstream is build as follow: url = new URL(filenameURL); return url.openStream();
I had a look into the org.apache.xml.security.signature.XMLSignatureInput class and I don't understand why you need to reset the InputStream. Is it really necessary to reset it? Is is not possible to compute the signature/hash of the inputstream in one shot ? For your information, when I use an oracle BLOB as inpustream, it returns an error with the following message: Message: No message with ID "Could not resolve uri [URI="urn:hypersuite:48A38655-C0A8023D0FCAF030-80F77D83"]." found in resource bundle "org/apache/xml/security/resource/xmlsecurity". Original Exception was a java.lang.IllegalArgumentException and message Read-ahead limit < 0 Class: org.apache.xml.security.signature.XMLSignatureException Stack trace: org.apache.xml.security.signature.XMLSignatureException: No message with ID "Could not resolve uri [URI="urn:hypersuite:48A38655-C0A8023D0FCAF030-80F77D83"]." found in resource bundle "org/apache/xml/security/resource/xmlsecurity". Original Exception was a java.lang.IllegalArgumentException and message Read-ahead limit < 0 I hope you will find an other way to solve the problem... Regards. Yvan -----Original Message----- From: Raul Benito [mailto:[EMAIL PROTECTED] Sent: dimanche, 2. janvier 2005 23:32 To: security-dev@xml.apache.org Subject: Re: Resolving external references doesn't work with version 1.2 Hess Yvan wrote: >Hi, > >I am signing a XML document having external references. I created my own >Resolver (extending ResourceResolverSpi) that returns a XMLSignatureInput >object. My resolver works fine with version 1.1 but not with version 1.2. >Here is the code... > > > First of all sorry for the delay answering this issue. I recommend you to open a bug report in bugzilla and attach a simple test case that show the error. This way we will not forgot about this problem in the future. Technically, I don't know if is a bug in the XML Signature or the implementation of reset() in BufferedInputStream class(which is the kind of InputStream you got you call getContent() in the unknown for me URIContent class). In the 1.1 version of the library every inputstream was defensively copied to a ByteArrayInputStream this could be a big amount of memory and a very slow operation, so in the 1.2 we only do this if the InputStream does not support mark(i.e. markSupported() method returns false). If the InputStream supports mark the library just call reset(without previously call mark as we want to position again in the beginning of the Stream), everytime it finish with the InputStream. Your problem can be happening by two different reasons: 1.- The BufferedInputStream does not support the call to reset without a mark.(Going against the spirit of the explanation in the JavaDoc of reset() in InputStream) 2.- The buffer saved by the BufferInputStream to reset has been overpass and cannot obtain again the lost bytes, and inidicate it with an error. Anyway I think is better if the application knows what kind of cache it wants to have an create only XMLSignature with ByteArrayInputStreams or just plain bytes, but as we are publishing the API If I don't detected any way to fix this issue I will revert to the previous inefficient behavior. Regards, Raul http://r-bg.com >public XMLSignatureInput engineResolve(Attr uri, String baseURI) throws >ResourceResolverException > { > String uriValue = uri.getValue(); > XMLSignatureInput result = null; > > try > { > URIContent content = this.resolve(uriValue, baseURI); > > // TODO: FOR VERSION 1.2. May be it is a bug !!! > > /* > java.io.ByteArrayOutputStream bou = new >java.io.ByteArrayOutputStream(); > imtf.ch.atlas.core.io.Copier.copy(content.getInputStream(), bou); > result = new XMLSignatureInput(bou.toByteArray()); > */ > > // TODO: This is the correct code for VERSION 1.1 and should be the >same for VERSION 1.2 > result = new XMLSignatureInput(content.getInputStream()); > result.setSourceURI(uri.getNodeName()); > result.setMIMEType(content.getContentType()); > } > catch (Exception e) > { > throw new ResourceResolverException("Could not resolve uri [" + uri >+ "].", e, uri, baseURI); > } > > return result; > } > >When I sign the document using version 1.1 it is ok, when I sign it with >version 1.2, I got the exception bellow. The inputstream given to the >XMLSignatureInput is a FileInputStream. For version 1.2, if I copy it into a >ByteArrayOutputStream it works (see comment code into my Resolver). >Can you have a look and give me a feedback, I think it is a bug. > >Regards. Yvan > >-------- Exception at level 1 -------- >Message: Unable to sign the XML document. >Class: imtf.ch.atlas.sphinx2.SphinxException > >-------- Exception at level 2 -------- >Message: Resetting to invalid mark >Class: org.apache.xml.security.signature.XMLSignatureException >Stack trace: >org.apache.xml.security.signature.XMLSignatureException: Resetting to >invalid mark >Original Exception was >org.apache.xml.security.signature.ReferenceNotInitializedException: >Resetting to invalid mark >Original Exception was java.io.IOException: Resetting to invalid mark > at org.apache.xml.security.signature.XMLSignature.sign(Unknown >Source) > at imtf.ch.atlas.sphinx2.xmlsig.Signer.sign(Signer.java:480) > at >test.imtf.ch.atlas.sphinx2.xml.XMLSignatureTest.testSignAndVerify_ExternalN o >tSignedCase1(XMLSignatureTest.java:98) > at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) > at >sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:3 9 >) > at >sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImp l >.java:25) > at java.lang.reflect.Method.invoke(Method.java:324) > at junit.framework.TestCase.runTest(TestCase.java:154) > at junit.framework.TestCase.runBare(TestCase.java:127) > at junit.framework.TestResult$1.protect(TestResult.java:106) > at junit.framework.TestResult.runProtected(TestResult.java:124) > at junit.framework.TestResult.run(TestResult.java:109) > at junit.framework.TestCase.run(TestCase.java:118) > at junit.framework.TestSuite.runTest(TestSuite.java:208) > at junit.framework.TestSuite.run(TestSuite.java:203) > at >org.eclipse.jdt.internal.junit.runner.RemoteTestRunner.runTests(RemoteTestR u >nner.java:421) > at >org.eclipse.jdt.internal.junit.runner.RemoteTestRunner.run(RemoteTestRunner . >java:305) > at >org.eclipse.jdt.internal.junit.runner.RemoteTestRunner.main(RemoteTestRunne r >.java:186) >org.apache.xml.security.signature.ReferenceNotInitializedException: >Resetting to invalid mark >Original Exception was java.io.IOException: Resetting to invalid mark > at >org.apache.xml.security.signature.Reference.calculateDigest(Unknown Source) > at >org.apache.xml.security.signature.Reference.generateDigestValue(Unknown >Source) > at >org.apache.xml.security.signature.Manifest.generateDigestValues(Unknown >Source) > at org.apache.xml.security.signature.XMLSignature.sign(Unknown >Source) > at imtf.ch.atlas.sphinx2.xmlsig.Signer.sign(Signer.java:480) > at >test.imtf.ch.atlas.sphinx2.xml.XMLSignatureTest.testSignAndVerify_ExternalN o >tSignedCase1(XMLSignatureTest.java:98) > at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) > at >sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:3 9 >) > at >sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImp l >.java:25) > at java.lang.reflect.Method.invoke(Method.java:324) > at junit.framework.TestCase.runTest(TestCase.java:154) > at junit.framework.TestCase.runBare(TestCase.java:127) > at junit.framework.TestResult$1.protect(TestResult.java:106) > at junit.framework.TestResult.runProtected(TestResult.java:124) > at junit.framework.TestResult.run(TestResult.java:109) > at junit.framework.TestCase.run(TestCase.java:118) > at junit.framework.TestSuite.runTest(TestSuite.java:208) > at junit.framework.TestSuite.run(TestSuite.java:203) > at >org.eclipse.jdt.internal.junit.runner.RemoteTestRunner.runTests(RemoteTestR u >nner.java:421) > at >org.eclipse.jdt.internal.junit.runner.RemoteTestRunner.run(RemoteTestRunner . >java:305) > at >org.eclipse.jdt.internal.junit.runner.RemoteTestRunner.main(RemoteTestRunne r >.java:186) >java.io.IOException: Resetting to invalid mark > at java.io.BufferedInputStream.reset(BufferedInputStream.java:370) > at >org.apache.xml.security.signature.XMLSignatureInput.updateOutputStream(Unkn o >wn Source) > at >org.apache.xml.security.signature.Reference.calculateDigest(Unknown Source) > at >org.apache.xml.security.signature.Reference.generateDigestValue(Unknown >Source) > at >org.apache.xml.security.signature.Manifest.generateDigestValues(Unknown >Source) > at org.apache.xml.security.signature.XMLSignature.sign(Unknown >Source) > at imtf.ch.atlas.sphinx2.xmlsig.Signer.sign(Signer.java:480) > at >test.imtf.ch.atlas.sphinx2.xml.XMLSignatureTest.testSignAndVerify_ExternalN o >tSignedCase1(XMLSignatureTest.java:98) > at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) > at >sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:3 9 >) > at >sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImp l >.java:25) > at java.lang.reflect.Method.invoke(Method.java:324) > at junit.framework.TestCase.runTest(TestCase.java:154) > at junit.framework.TestCase.runBare(TestCase.java:127) > at junit.framework.TestResult$1.protect(TestResult.java:106) > at junit.framework.TestResult.runProtected(TestResult.java:124) > at junit.framework.TestResult.run(TestResult.java:109) > at junit.framework.TestCase.run(TestCase.java:118) > at junit.framework.TestSuite.runTest(TestSuite.java:208) > at junit.framework.TestSuite.run(TestSuite.java:203) > at >org.eclipse.jdt.internal.junit.runner.RemoteTestRunner.runTests(RemoteTestR u >nner.java:421) > at >org.eclipse.jdt.internal.junit.runner.RemoteTestRunner.run(RemoteTestRunner . >java:305) > at >org.eclipse.jdt.internal.junit.runner.RemoteTestRunner.main(RemoteTestRunne r >.java:186) > > > > > > >