Hi all,

I hope somebody can help with this, as I don't know what to do any more.
My problem is that I am trying to use the XML Signature as a hash value
for XML documents.

First I create a Signature like this (I left some things out, to shorten
it):

// get DOM tree
Document doc = new Document((Element) root.detach());
// compute XML signature for in
DOMOutputter output = new DOMOutputter();
org.w3c.dom.Document domDoc = output.output(doc);

// create signature object and set its Reference
XMLSignature sig = new XMLSignature(domDoc, "", XMLSignature.ALGO_ID_SIGNATURE_DSA);
sig.addDocument("");

// get the private key for signing.

sig.addKeyInfo(cert);
sig.addKeyInfo(cert.getPublicKey());
sig.sign(privateKey);

// re-convert to JDOM
org.w3c.dom.Element sigElem = sig.getElement();
DOMBuilder builder = new DOMBuilder();
out = builder.build(sigElem);

I write the signature element to a file (for testing).

Then I try to validate like that:
// doc is the original XML document
org.w3c.dom.Document doc = output.output(new Document((Element) root.detach()));
// the XML Signature doc:
org.w3c.dom.Document sigDoc = output.output(new Document((Element) signature.detach()));

// make a signature object from the signature element
XMLSignature sig = new XMLSignature(sigDoc.getDocumentElement(), "");
// My custom resolver, which will just return the doc as XMLSignatureInput:
NullURIResolver docResolver = new NullURIResolver(doc);
sig.addResourceResolver(docResolver);
KeyInfo ki = sig.getKeyInfo();

X509Certificate cert = ki.getX509Certificate();

valid = sig.checkSignatureValue(cert);

My NullURIResolver looks like this:

public NullURIResolver(Document dataInput)
{
  this.dataInput = dataInput;
}

public XMLSignatureInput engineResolve(Attr uri, String BaseURI) throws ResourceResolverException
{
  XMLSignatureInput result = null;

  if (this.dataInput != null)
  {
    result = new XMLSignatureInput(this.dataInput);
    result.setMIMEType("text/xml");
    result.setSourceURI("");
  }
  else
  {
    Object exArgs[] = {"no data to resolve"};

    throw new ResourceResolverException("empty", exArgs, uri, BaseURI);
  }

  return result;
}

As I see it, this will ignore the URI and just return the
XMLSignatureInput from the doc it was given before.

Somehow this won't validate.

Best regards,

Max

-- 
Maximilian Hütter
blue elephant systems GmbH
Wollgrasweg 49
D-70599 Stuttgart

Tel               :  (+49) 0711 - 45 10 17 578
Fax               :  (+49) 0711 - 45 10 17 573
e-mail            :  [EMAIL PROTECTED]
Registered office :  Stuttgart, Amtsgericht Stuttgart, HRB 24106
Managing directors:  Joachim Hörnle, Thomas Gentsch, Holger Dietrich
