aha! daft me spotted the problem. When saving the signed xml to file
I was setting all sorts of pretty print options, which of course
ruined the digest etc.
Works fine now: XML -> XMLBeans -> XMLSignature.sign() -> XMLBeans ->
XML -> XMLBeans -> XMLSignature.checkSignatureValue()
Alistair
On 19 Jan 2006, at 15:04, Alistair Young wrote:
I saw mails from last August suggesting you can't verify a
signature once you've loaded a doc into XMLBeans:
ResponseDocument responseDocument = ResponseDocument.Factory.parse
(samlResponse);
ResponseType responseType = responseDocument.getResponse();
CertificateFactory certFactory = CertificateFactory.getInstance("x.
509");
ByteArrayInputStream certByteStream = new ByteArrayInputStream
(x509CertBytes[cc]);
X509Certificate x509Cert = (X509Certificate)
certFactory.generateCertificate(certByteStream);
certByteStream.close();
SignatureType sigType = responseType.getSignature();
XMLSignature sig = new XMLSignature((Element)sigType.getDomNode(),
"");
sig.checkSignatureValue(x509Cert);
always fails to verify the signature. I heard something about
XMLBeans not adding prefixes when loading from file.
Is this still the case or is there something I can use in
XmlOptions when loading?
thanks,
Alistair
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
