Problem solved.  It was a namespace issue.

Here is what I did - 

1)  after signing the DOM, I serialized the msg using the Canonicalizer 
and dumped it...

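import java.io.*;
import org.apache.xml.security.c14n.Canonicalizer;

sig.sign(privKey);
// Canonicalize the signed DOM and keep the raw bytes
byte[] bytes1 = Canonicalizer.getInstance(
        Canonicalizer.ALGO_ID_C14N_EXCL_OMIT_COMMENTS).canonicalizeSubtree(doc);
StringBuffer buff = new StringBuffer(bytes1.length);
// ISO-8859-1 maps every byte to exactly one char
InputStreamReader isr = new InputStreamReader(
        new ByteArrayInputStream(bytes1), "ISO-8859-1");
Reader in = new BufferedReader(isr);
int ch;
while ((ch = in.read()) > -1) {
        // one character per line, so two dumps can be compared line by line
        buff.append((char) ch).append("\n");
}
in.close();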

The key here is NOT to Transform to a String, but to convert the byte 
array to characters

THEN I ran it thru the Transforms I normally use, re-parsed the DOM, and 
ran it thru the Canonicalizer again, and dumped it.

By comparing the byte arrays (in character format), I was able to 
determine that 3 elements had namespace designations AFTER parsing, but 
not before.
Then I discovered this:

http://www.mail-archive.com/security-dev@xml.apache.org/msg04200.html

[Bug 43197] New: - Canonicalizer.canonicalizeSubtree(Node) omits 
namespaces for Documents created with DocumentBuilder.newDocument()

and the response:

http://www.mail-archive.com/security-dev@xml.apache.org/msg04215.html

This is not a bug. You need to explicitly add namespace attributes with 
the DOM L2 Element.setAttributeNS method on the elements that they should 
be defined on in order for them to be "visible" to the canonicalization 
implementation. 
In your code, insert this statement:
dummyElement.setAttributeNS("http://www.w3.org/2000/xmlns/", "xmlns", dummyNS);

So I did, and all is well.  Thanx for the help.

Ed
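
The fix described above, generalized to a whole tree, as an added example that is not part of the original post and not Apache XML Security code. The class NamespaceDeclarer, its methods and the urn:example:* namespaces are hypothetical; it uses only the JDK DOM API and covers element names only, not namespaced attributes.

```java
import javax.xml.XMLConstants;
import javax.xml.parsers.DocumentBuilderFactory;
import org.w3c.dom.Document;
import org.w3c.dom.Element;
import org.w3c.dom.Node;

public class NamespaceDeclarer {   // hypothetical helper, not part of Apache XML Security
    /** Adds xmlns attribute nodes wherever an element's namespace binding exists
     *  only in the DOM's internal state. Returns how many were added. */
    static int declare(Element e) {
        String want = e.getNamespaceURI() == null ? "" : e.getNamespaceURI();
        String qname = e.getPrefix() == null ? "xmlns" : "xmlns:" + e.getPrefix();
        int added = 0;
        if (!want.equals(declaredInScope(e, qname))) {
            e.setAttributeNS(XMLConstants.XMLNS_ATTRIBUTE_NS_URI, qname, want);
            added++;
        }
        for (Node c = e.getFirstChild(); c != null; c = c.getNextSibling()) {
            if (c instanceof Element) added += declare((Element) c);
        }
        return added;
    }

    /** Nearest declaration carried by a real attribute node, or "" if none. */
    static String declaredInScope(Node n, String qname) {
        for (; n instanceof Element; n = n.getParentNode()) {
            Element el = (Element) n;
            if (el.hasAttribute(qname)) return el.getAttribute(qname);
        }
        return "";
    }

    public static void main(String[] args) throws Exception {
        DocumentBuilderFactory f = DocumentBuilderFactory.newInstance();
        f.setNamespaceAware(true);
        Document doc = f.newDocumentBuilder().newDocument();
        // Constructed sample tree; the urn:example:* namespaces are made up.
        Element order = doc.createElementNS("urn:example:order", "o:Order");
        Element item = doc.createElementNS("urn:example:order", "o:Item");
        Element note = doc.createElementNS("urn:example:note", "Note");
        doc.appendChild(order);
        order.appendChild(item);
        order.appendChild(note);
        System.out.println("xmlns attributes on o:Order before: " + order.getAttributes().getLength());
        // Run this before sig.sign(...) so the signed bytes match what a re-parse yields.
        System.out.println("declarations added: " + declare(doc.getDocumentElement()));
        System.out.println("xmlns attributes on o:Order after: " + order.getAttributes().getLength());
    }
}
```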
