Hi,

first of all, I'm relatively new to Apache XML Security, so please be
patient :-)

My job is to sign an element inside a DOM Document with the help of a
secretKey. Let the element that should be signed be called <Foo> and its
Id be "id" in the code snippet below. The signature should be a detached
signature.

---------------------------------------------------------------------
private static Document sign(
    Document doc, String id, SecretKey secretKey)
throws Exception
{
  XMLSignature sig = new XMLSignature(doc, baseURI,
          XMLSignature.ALGO_ID_MAC_HMAC_SHA1,
          Canonicalizer.ALGO_ID_C14N_EXCL_OMIT_COMMENTS);

  Node root = doc.getFirstChild();
  root.appendChild(sig.getElement());

  Transforms transforms = new Transforms(doc);
  transforms.addTransform(
      Transforms.TRANSFORM_C14N_EXCL_OMIT_COMMENTS);

  sig.addDocument("#" + id, transforms,
      Constants.ALGO_ID_DIGEST_SHA1);
  sig.sign(secretKey);

  return doc;
}
---------------------------------------------------------------------

I'm working here on the client side, and the server responds that there
is something wrong with the digest value of the signed reference, while
the SignedInfo is correctly digested.

To be sure what went wrong, we have to compare the digest inputs (value
after canonicalization) on both sides. I already got the canonicalized
element as a String from the server side and I should do the same with my
implementation.

When I use the following lines of code to save the document immediately
before signing it, I get the whole document in a canonicalized form.

  FileOutputStream f = new FileOutputStream("test.xml");
  XMLUtils.outputDOMc14nWithComments(doc, f);

But I only need the canonicalized form of the referenced element <Foo>.
Is there some way to dump the canonical form of a Reference to a log or
stdout?

Best regards,
Markus.
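
An added example, not part of the original post: one way to print the exact octets that each Reference digests, using Apache Santuario's `Reference.getContentsAfterTransformation()`, so they can be compared byte for byte with the server's canonical form. The class name, the sample document and the key are constructed for illustration; SHA-1 is assumed because the post uses `ALGO_ID_DIGEST_SHA1`.

```java
import java.nio.charset.StandardCharsets;
import java.security.MessageDigest;
import java.util.Base64;
import javax.crypto.spec.SecretKeySpec;
import javax.xml.parsers.DocumentBuilderFactory;
import org.apache.xml.security.c14n.Canonicalizer;
import org.apache.xml.security.signature.*;
import org.apache.xml.security.transforms.Transforms;
import org.apache.xml.security.utils.Constants;
import org.w3c.dom.*;

public class DumpReferenceInput {   // hypothetical class name
    // For every Reference in SignedInfo: dereference the URI, apply its
    // transforms, and print the resulting octets plus their digest.
    static void dump(XMLSignature sig) throws Exception {
        SignedInfo si = sig.getSignedInfo();
        for (int i = 0; i < si.getLength(); i++) {
            Reference ref = si.item(i);
            byte[] octets = ref.getContentsAfterTransformation().getBytes();
            // SHA-1 assumed here to match the DigestMethod used when signing.
            byte[] local = MessageDigest.getInstance("SHA-1").digest(octets);
            Base64.Encoder b64 = Base64.getEncoder();
            System.out.println("URI:          " + ref.getURI());
            System.out.println("digest input: [" + new String(octets, StandardCharsets.UTF_8) + "]");
            System.out.println("recomputed:   " + b64.encodeToString(local));
            System.out.println("DigestValue:  " + b64.encodeToString(ref.getDigestValue()));
        }
    }

    public static void main(String[] args) throws Exception {
        org.apache.xml.security.Init.init();
        DocumentBuilderFactory dbf = DocumentBuilderFactory.newInstance();
        dbf.setNamespaceAware(true);
        Document doc = dbf.newDocumentBuilder().newDocument();
        Element root = doc.createElement("Root");      // constructed sample document
        Element foo = doc.createElement("Foo");
        foo.setAttribute("Id", "id");
        foo.setIdAttribute("Id", true);                // lets "#id" resolve to <Foo>
        foo.setTextContent("payload");
        doc.appendChild(root);
        root.appendChild(foo);
        XMLSignature sig = new XMLSignature(doc, "", XMLSignature.ALGO_ID_MAC_HMAC_SHA1,
                Canonicalizer.ALGO_ID_C14N_EXCL_OMIT_COMMENTS);
        root.appendChild(sig.getElement());
        Transforms transforms = new Transforms(doc);
        transforms.addTransform(Transforms.TRANSFORM_C14N_EXCL_OMIT_COMMENTS);
        sig.addDocument("#id", transforms, Constants.ALGO_ID_DIGEST_SHA1);
        byte[] key = "constructed-test-key".getBytes(StandardCharsets.UTF_8); // test key only
        sig.sign(new SecretKeySpec(key, "HmacSHA1"));
        dump(sig);                                     // call after sign() so DigestValue is set
    }
}
```

The brackets around the digest input make leading or trailing whitespace visible, which is a common source of digest differences between two implementations.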
