Sign & Validation Help Needed

Fri, 31 Mar 2006 11:33:02 -0800

Hi All.
 
 
I downloded the apache java tool kit and executed the signing and validation example programs .I was able to sign and validate.I then tried the following.
1)devleoped my own xml document
2)parsed the document
3)did Envelope sign using DSA and appended the signed content to the soure node.
 
When i tried to validate , i got the message that the signature is in valid.
 
Can any one suggest me what i am doing wrong.
 
 
my XML with singed content :
<Data>

<Name id="1">Doe</Name>

<Address>900 N. Michigan Ave</Address>

<City>Chicago</City>

Signature xmlns="http://www.w3.org/2000/09/xmldsig#">
<SignedInfo>
  <CanonicalizationMethod Algorithm=" http://www.w3.org/TR/2001/REC-xml-c14n-20010315" />
  <SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#dsa-sha1" />
<Reference URI="">
<Transforms>
  <Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature" />
  <Transform Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315#WithComments" />
  </Transforms>
  <DigestMethod Algorithm=" http://www.w3.org/2000/09/xmldsig#sha1" />
  <DigestValue>76zcPvLBWmU4TOU1sOWkC4JDhoA=</DigestValue>
  </Reference>
  </SignedInfo>
  <SignatureValue>Kb/sxAEihzsGdglrn18vZiJDYoJtRVwLoAm6p7dj8h90ZN/O909+Wg==</SignatureValue>
KeyInfo>
<X509Data>
  <X509Certificate>MIIDDjCCAssCBD9OHkgwCwYHKoZIzjgEAwUAMGwxEDAOBgNVBAYTB1Vua25vd24xEDAOBgNVBAgT B1Vua25vd24xEDAOBgNVBAcTB1Vua25vd24xEDAOBgNVBAoTB1Vua25vd24xEDAOBgNVBAsTB1Vu a25vd24xEDAOBgNVBAMTB1Vua25vd24wHhcNMDMwODI4MTUyMjQ4WhcNMDMxMTI2MTUyMjQ4WjBs MRAwDgYDVQQGEwdVbmtub3duMRAwDgYDVQQIEwdVbmtub3duMRAwDgYDVQQHEwdVbmtub3duMRAw DgYDVQQKEwdVbmtub3duMRAwDgYDVQQLEwdVbmtub3duMRAwDgYDVQQDEwdVbmtub3duMIIBuDCC ASwGByqGSM44BAEwggEfAoGBAP1/U4EddRIpUt9KnC7s5Of2EbdSPO9EAMMeP4C2USZpRV1AIlH7 WT2NWPq/xfW6MPbLm1Vs14E7gB00b/JmYLdrmVClpJ+f6AR7ECLCT7up1/63xhv4O1fnxqimFQ8E +4P208UewwI1VBNaFpEy9nXzrith1yrv8iIDGZ3RSAHHAhUAl2BQjxUjC8yykrmCouuEC/BYHPUC gYEA9+GghdabPd7LvKtcNrhXuXmUr7v6OuqC+VdMCz0HgmdRWVeOutRZT+ZxBxCBgLRJFnEj6Ewo FhO3zwkyjMim4TwWeotUfI0o4KOuHiuzpnWRbqN/C/ohNWLx+2J6ASQ7zKTxvqhRkImog9/hWuWf BpKLZl6Ae1UlZAFMO/7PSSoDgYUAAoGBAM3ggtd5Nk+c3yDnQWtejbjnKPMyxcWZq3zbgFeTsKz2 KuWHtX3kyYT75noYqwNHptP4tvW1S6ayNF1yKVWg/28XwT4KAMNj8dBJQ4K6xHcGP19SkfnGlBoh hniQ8m6r6E8CX87VrcXAA3NwyfqxvVqsic1haEeTnnjdij1jKPCyMAsGByqGSM44BAMFAAMwADAt AhUAhN8q+NKUhQNkM/4cTEHQvrl4xI0CFCbgfHawM6hvjAUWzcm2q231Jvfa</X509Certificate>
  </X509Data>
<KeyValue>
<DSAKeyValue>
  <P>/X9TgR11EilS30qcLuzk5/YRt1I870QAwx4/gLZRJmlFXUAiUftZPY1Y+r/F9bow9subVWzXgTuA HTRv8mZgt2uZUKWkn5/oBHsQIsJPu6nX/rfGG/g7V+fGqKYVDwT7g/bTxR7DAjVUE1oWkTL2dfOu K2HXKu/yIgMZndFIAcc=</P>
  <Q>l2BQjxUjC8yykrmCouuEC/BYHPU=</Q>
  <G>9+GghdabPd7LvKtcNrhXuXmUr7v6OuqC+VdMCz0HgmdRWVeOutRZT+ZxBxCBgLRJFnEj6EwoFhO3 zwkyjMim4TwWeotUfI0o4KOuHiuzpnWRbqN/C/ohNWLx+2J6ASQ7zKTxvqhRkImog9/hWuWfBpKL Zl6Ae1UlZAFMO/7PSSo=</G>
  <Y>zeCC13k2T5zfIOdBa16NuOco8zLFxZmrfNuAV5OwrPYq5Ye1feTJhPvmehirA0em0/i29bVLprI0 XXIpVaD/bxfBPgoAw2Px0ElDgrrEdwY/X1KR+caUGiGGeJDybqvoTwJfztWtxcADc3DJ+rG9WqyJ zWFoR5OeeN2KPWMo8LI=</Y>
  </DSAKeyValue>
  </KeyValue>
  </KeyInfo>
  </Signature>
</Data>

       String keystoreType = "JKS";
      String keystoreFile = "keystore.jks";
      String keystorePass = "xmlsecurity";
      String privateKeyAlias = "test";
      String privateKeyPass = "xmlsecurity";
      String certificateAlias = "test";
      File signatureFile = new File("signature.xml");


      File signatureFile = new File("signature.xml");
      KeyStore ks = KeyStore.getInstance(keystoreType);
      FileInputStream fis = new FileInputStream(keystoreFile);
      ks.load(fis, keystorePass.toCharArray ());
      PrivateKey privateKey = (PrivateKey) ks.getKey(privateKeyAlias,
                                             privateKeyPass.toCharArray());
      javax.xml.parsers.DocumentBuilderFactory dbf =
      javax.xml.parsers.DocumentBuilderFactory.newInstance();
     javax.xml.parsers.DocumentBuilder db = dbf.newDocumentBuilder();       
      org.w3c.dom.Document doc  = db.parse(signatureFile );
      Element  sourceElement = doc.getDocumentElement();
       String BaseURI = signatureFile.toURL().toString();   
      XMLSignature sig = new XMLSignature(doc, BaseURI ,
                                          XMLSignature.ALGO_ID_SIGNATURE_DSA );
      sourceElement.appendChild(sig.getElement());        
      Transforms transforms = new Transforms(doc);
      transforms.addTransform(Transforms.TRANSFORM_ENVELOPED_SIGNATURE);
      transforms.addTransform (Transforms.TRANSFORM_C14N_WITH_COMMENTS);
      sig.addDocument("", transforms, Constants.ALGO_ID_DIGEST_SHA1);
        X509Certificate cert =
            (X509Certificate) ks.getCertificate(certificateAlias);

         sig.addKeyInfo(cert);
         sig.addKeyInfo(cert.getPublicKey());
         System.out.println("Start signing");
         sig.sign(privateKey);
         System.out.println("Finished signing");     

      FileOutputStream f = new FileOutputStream(signatureFile);

      XMLUtils.outputDOMc14nWithComments(doc, f);

Reply via email to