Hi all,
please help! I am trying to validate a signature from a SOAP message sent by
a .NET client (with WSE 3.0 extensions). I have code that looks something
like:
// create the certificate from the Binary Token element in the SOAP header
String x509String = "-----BEGIN CERTIFICATE-----\n" +
certificateElement.getTextContent() +
"\n-----END CERTIFICATE-----";
ByteArrayInputStream x509Stream = new ByteArrayInputStream(x509String.getBytes());
CertificateFactory cf = CertificateFactory.getInstance("X.509");
X509Certificate x509Cert = (X509Certificate)cf.generateCertificate(x509Stream);
// validate the signature with the cert
XMLSignature xmlSig = new XMLSignature(soapSignatureElement, null);
boolean validSig = xmlSig.checkSignatureValue(x509Cert);
But xmlSig.checkSignatureValue throws an exception:
org.apache.xml.security.signature.XMLSignatureException: Sorry, you supplied
the wrong key type for this operation! You supplied a
sun.security.rsa.RSAPublicKeyImpl but a javax.crypto.SecretKey is needed.
Here is the relevant debug output:
[DEBUG] (http-8080-Processor24) org.apache.xml.security.utils.ElementProxy: setElement("SignatureMethod", "null")
[DEBUG] (http-8080-Processor24) org.apache.xml.security.algorithms.SignatureAlgorithm: Create URI "http://www.w3.org/2000/09/xmldsig#hmac-sha1" class "org.apache.xml.security.algorithms.implementations.IntegrityHmac$IntegrityHmacSHA1"
[DEBUG] (http-8080-Processor24) org.apache.xml.security.algorithms.JCEMapper: Request for URI http://www.w3.org/2000/09/xmldsig#hmac-sha1
[DEBUG] (http-8080-Processor24) org.apache.xml.security.algorithms.implementations.IntegrityHmac$IntegrityHmacSHA1: Created IntegrityHmacSHA1 using HmacSHA1
[DEBUG] (http-8080-Processor24) org.apache.xml.security.signature.XMLSignature: SignatureMethodURI = http://www.w3.org/2000/09/xmldsig#hmac-sha1
[DEBUG] (http-8080-Processor24) org.apache.xml.security.algorithms.implementations.IntegrityHmac$IntegrityHmacSHA1: engineGetJCEAlgorithmString()
[DEBUG] (http-8080-Processor24) org.apache.xml.security.signature.XMLSignature: jceSigAlgorithm = HmacSHA1
[DEBUG] (http-8080-Processor24) org.apache.xml.security.signature.XMLSignature: jceSigProvider = SunJCE
[DEBUG] (http-8080-Processor24) org.apache.xml.security.signature.XMLSignature: PublicKey = Sun RSA public key, 1024 bits
modulus:
1747863247664958905802278924534763264089838696893906890661757729867616547564319
670626196905
5049820973999680381994008490726658397198938644248983651736340819093231013853051
71211941448249849185523
0463179540672775404027065104479775499172028942939513553421164891061668224475883
46876312243193805905109
22044844028131
public exponent: 65537
[DEBUG] (http-8080-Processor24) Error parsing WSSecurity header { org.apache.xml.security.signature.XMLSignatureException: Sorry, you supplied the wrong key type for this operation! You supplied a sun.security.rsa.RSAPublicKeyImpl but a javax.crypto.SecretKey is needed.
Original Exception was org.apache.xml.security.signature.XMLSignatureException: Sorry, you supplied the wrong key type for this operation! You supplied a sun.security.rsa.RSAPublicKeyImpl but a javax.crypto.SecretKey is needed.
at org.apache.xml.security.signature.XMLSignature.checkSignatureValue(Unknown Source)
:
Any advice on what's going on and how to fix it?
thanks in advance!
Olia
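
Added example, not part of the original post: the debug output above shows SignatureMethodURI = http://www.w3.org/2000/09/xmldsig#hmac-sha1, a MAC algorithm keyed with a shared secret, which is why an RSA public key taken from the certificate is rejected. The sketch below uses only JDK classes to read the declared algorithm from a ds:Signature element and fail early when the supplied key type cannot match it; the class name, method names and sample XML are constructed for illustration.

```java
import java.io.ByteArrayInputStream;
import java.nio.charset.StandardCharsets;
import java.security.Key;
import java.security.KeyPairGenerator;
import java.security.PublicKey;
import javax.crypto.SecretKey;
import javax.xml.parsers.DocumentBuilderFactory;
import org.w3c.dom.Element;

public class SignatureMethodCheck {   // hypothetical helper class
    static final String DSIG_NS = "http://www.w3.org/2000/09/xmldsig#";

    // Algorithm URI of the first ds:SignatureMethod inside a ds:Signature element.
    static String signatureMethodUri(Element signature) {
        Element sm = (Element) signature.getElementsByTagNameNS(DSIG_NS, "SignatureMethod").item(0);
        if (sm == null || sm.getAttribute("Algorithm").isEmpty())
            throw new IllegalArgumentException("ds:SignatureMethod/@Algorithm missing");
        return sm.getAttribute("Algorithm");
    }

    // Key interface the verifier must be given for this algorithm URI.
    static Class<? extends Key> requiredKeyType(String uri) {
        String name = uri.substring(uri.indexOf('#') + 1);   // e.g. "hmac-sha1"
        return name.startsWith("hmac-") ? SecretKey.class : PublicKey.class;
    }

    // Fail before verification if the key cannot work with the declared algorithm.
    static void requireUsableKey(Element signature, Key key) {
        String uri = signatureMethodUri(signature);
        Class<? extends Key> need = requiredKeyType(uri);
        if (!need.isInstance(key))
            throw new IllegalArgumentException(uri + " needs a " + need.getName()
                    + ", got " + key.getClass().getName());
    }

    public static void main(String[] args) throws Exception {
        // Constructed sample: only the part of ds:Signature that names the algorithm.
        String xml = "<ds:Signature xmlns:ds='" + DSIG_NS + "'><ds:SignedInfo>"
                + "<ds:SignatureMethod Algorithm='" + DSIG_NS + "hmac-sha1'/>"
                + "</ds:SignedInfo></ds:Signature>";
        DocumentBuilderFactory dbf = DocumentBuilderFactory.newInstance();
        dbf.setNamespaceAware(true);
        dbf.setFeature("http://apache.org/xml/features/disallow-doctype-decl", true);
        Element sig = dbf.newDocumentBuilder().parse(new ByteArrayInputStream(
                xml.getBytes(StandardCharsets.UTF_8))).getDocumentElement();
        PublicKey rsa = KeyPairGenerator.getInstance("RSA").generateKeyPair().getPublic();
        try { requireUsableKey(sig, rsa); }
        catch (IllegalArgumentException e) { System.out.println("rejected: " + e.getMessage()); }
    }
}
```

A receiver that expects certificate-based signatures can use the same check to refuse messages declaring an HMAC method instead of attempting verification with mismatched key material.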