I have a theoretically valid document that is failing core validation,
and I have the following code in place:
NodeList nl = doc.getElementsByTagNameNS(XMLSignature.XMLNS, "Signature");
if (nl.getLength() == 0) {
throw new Exception("Cannot find Signature element");
}
DOMValidateContext valContext = new DOMValidateContext(pk, nl.item(0));
XMLSignatureFactory factory = XMLSignatureFactory.getInstance("DOM",
new XMLDSigRI());
XMLSignature signature = factory.unmarshalXMLSignature(valContext);
valid = signature.validate(valContext);
if (!valid) {
boolean sv = signature.getSignatureValue().validate(valContext);
logger.warn("signature validation status: " + sv);
Iterator i = signature.getSignedInfo().getReferences().iterator();
for (int j=0; i.hasNext(); j++) {
boolean refValid = ((Reference)i.next()).validate(valContext);
logger.warn("ref[" + j + "] validity status: " + refValid);
}
}
logger.debug("Completed signature validation");
The output from this is coming up as:
<signature validation status: false>
<ref[0] validity status: true>
<Completed signature validation>
So what does this mean? There are no References? That seems odd, but
i'm not sure what to do about it.
---
Nayan Hajratwala
Chikli Consulting LLC
http://agileshrugged.com
http://www.chikli.com
