Enveloped signature verification (with enveloped + C14N transform)

Mon, 07 Feb 2005 06:24:05 -0800 

Hi all,
Sorry to bother you, but I still can't get it to
work...
My enveloping signature & my detached signature work,
but not the enveloped one. I've been checking the
CreateSignature example - seems pretty close to my
own... Or is it the verification that's wrong in my
case ?
Thanks for any hint...
Regards,
Axelle.

Creating the enveloped signature:
XMLSignature signature;
                
signature = new XMLSignature(input,
inputURI.toString(),
XMLSignature.ALGO_ID_SIGNATURE_RSA_SHA1);
                
Transforms transforms = new Transforms(input);
 
transforms.addTransform(Transforms.TRANSFORM_ENVELOPED_SIGNATURE);
      
transforms.addTransform(Transforms.TRANSFORM_C14N_OMIT_COMMENTS);
        
signature.addDocument("", transforms);
signature.sign(prvkey);
                                
Element root = input.getDocumentElement();
root.appendChild(signature.getElement());
                                
XMLUtils.outputDOM(input, output);

========
Verification code:
FileInputStream fis = new
FileInputStream(outputURI.getPath());
Document doc = db.parse(fis);
fis.close();
                
                
NodeList dsNodeList =
doc.getElementsByTagName("ds:Signature");
if (dsNodeList.getLength() == 0)
        throw new IOException("No signature in file");
                
Element dsElement = (Element) dsNodeList.item(0);
                        
XMLSignature signature = new XMLSignature(dsElement,
outputURI.toString());
return signature.checkSignatureValue(pubkey);

=============
XML file :
<policy xsi:schemaLocation="http://xxx /home/xxx">
<dsi_policy>
 ...
</dsi_policy>
<ds:Signature>
<ds:SignedInfo>
<ds:CanonicalizationMethod
Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315"/>
<ds:SignatureMethod
Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/>
<ds:Reference URI="">
<ds:Transforms>
<ds:Transform
Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
<ds:Transform
Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315"/>
</ds:Transforms>
<ds:DigestMethod
Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
<ds:DigestValue>7uZSWomZ8W6sa3GI+e/XCygny2I=</ds:DigestValue>
</ds:Reference>
</ds:SignedInfo>
<ds:SignatureValue>
BaUch43FSfEA4YFrFFp ....
</ds:SignatureValue>
</ds:Signature>
</policy>



        

        
                
Découvrez le nouveau Yahoo! Mail : 250 Mo d'espace de stockage pour vos mails ! 
Créez votre Yahoo! Mail sur http://fr.mail.yahoo.com/

Reply via email to