Re: Verifying enveloped signatures.

Wed, 30 Mar 2005 10:17:34 -0800 

Hello!!

Have you tried to append the signature element before signing???? Have a look at the CreateSignature.java or CreateDonaldsAdditionalURISignature.java examples in the library.

   I hope this would help you.

Cheers,
Inma.


----- Original Message ----- From: "def abc" <[EMAIL PROTECTED]>
To: <security-dev@xml.apache.org>
Sent: Wednesday, March 30, 2005 4:37 PM
Subject: Verifying enveloped signatures.


Hi all,

I posted a while ago a problem on verifying an
enveloped signature, but unfortunately haven't had any
answer to it.

Could somebody help me out here ? I get enveloping and
detached signautres correctly verified, but no way for
enveloped ones...

I basically pasted parts of my code below

Regards.

-------------


// init
org.apache.xml.security.Init.init();
dbf = DocumentBuilderFactory.newInstance();
dbf.setNamespaceAware(true);
db = dbf.newDocumentBuilder();

// parse input file:
input =  db.parse(MyFileInputStream);
inputURI = f.toURI();

// set output stream
output = new FileOutputStream(xxxxxx);
outputURI = f.toURI();

// get private & public key
ks = KeyStore.getInstance("JKS");
fks = new FileInputStream(keystore_name);
ks.load(fks, keystore_password.toCharArray());
prvkey = (PrivateKey) ks.getKey(key_alias,
key_password.toCharArray());
cert = (X509Certificate) ks.getCertificate(key_alias);
pubkey = cert.getPublicKey();

// perform the signature
XMLSignature signature;
signature = new XMLSignature(input,
inputURI.toString(),
XMLSignature.ALGO_ID_SIGNATURE_RSA_SHA1);
Transforms transforms = new Transforms(input);
transforms.addTransform(Transforms.TRANSFORM_ENVELOPED_SIGNATURE);
transforms.addTransform(Transforms.TRANSFORM_C14N_EXCL_WITH_COMMENTS);
signature.addDocument("", transforms);
signature.sign(prvkey);

Element root = input.getDocumentElement();
root.appendChild(signature.getElement());
XMLUtils.outputDOMc14nWithComments(input, output);
output.close();

// verify signature
Document doc = db.parse(<from signed xml file>);
NodeList dsNodeList =
doc.getElementsByTagName("ds:Signature");
if (dsNodeList.getLength() == 0)
throw new IOException("No signature in file");

Element dsElement = (Element) dsNodeList.item(0);

XMLSignature signature = new XMLSignature(dsElement,
outputURI.toString());
return signature.checkSignatureValue(pubkey);







__________________________________________________________________
Découvrez le nouveau Yahoo! Mail : 250 Mo d'espace de stockage pour vos mails !
Créez votre Yahoo! Mail sur http://fr.mail.yahoo.com/

Reply via email to