Hi, There appears to be no easy way of doing this, apart from manually parsing the Signature Element. I've logged the following + merged a fix for 2.0.1:
https://issues.apache.org/jira/browse/WSS-502 After this merge, you can obtain the WSSecurityEngineResult corresponding to the signature, and obtain the list of WSDataRef objects from this in turn. WSDataRef now has a "digestValue" field containing the digest bytes. Colm. On Fri, May 23, 2014 at 2:42 PM, Engelhardt. Julian < [email protected]> wrote: > Hi everyone, > > > > I am using WSS4J 2.0 to handle WSS (mainly signature and encryption) in > one of our products. For incoming messages, we call > WSSecurityEngine.processSecurityHeader passing the received SOAPEnvelope as > DOM and analyze the WSSecurityEngineResults which are returned. > > > > For providing nonrepudiation information to the sender, I need, together > with other elements, which are already contained in the > WSSecurityEngineResults, the digestValue of the message. However, I can’t > find a way to get this information the way we are verifying signature and > are decrypting. Can you recommend a way to get this information? > > > > I have seen that SignatureProcessor is retrieving a Reference list from > the SignatureInfo which contains the digestValues, however, it does neither > pass the digestValues nor does it pass the Reference list. Do I oversee a > way to get to that List via the WSSecurityEngine? > > > > Thanks for all hints. > > > > Regards, > > Julian Engelhardt > > SEEBURGER AG - Edisonstr. 1, D 75015 Bretten, Germany > mailto: [email protected] - www.seeburger.de > > > > > > > > > > *SEEBURGER AG* Vorstand/Seeburger Executive Board: Sitz der > Gesellschaft/Registered Office: Bernd Seeburger, Axel Haas, Michael > Kleeberg Edisonstr. 1 D-75015 Bretten Vorsitzender des > Aufsichtsrats/Chairperson of the Seeburger Supervisory Board: Tel.: > 07252 / 96 - 0 Dr. Franz Scherer Fax: 07252 / 96 - 2222 Internet: > http://www.seeburger.de Registergericht/Commercial Register: e-mail: > [email protected] HRB 240708 Mannheim > > > Dieses E-Mail ist nur für den Empfänger bestimmt, an den es gerichtet > ist und kann vertrauliches bzw. unter das Berufsgeheimnis fallendes > Material enthalten. Jegliche darin enthaltene Ansicht oder Meinungsäußerung > ist die des Autors und stellt nicht notwendigerweise die Ansicht oder > Meinung der SEEBURGER AG dar. Sind Sie nicht der Empfänger, so haben Sie > diese E-Mail irrtümlich erhalten und jegliche Verwendung, Veröffentlichung, > Weiterleitung, Abschrift oder jeglicher Druck dieser E-Mail ist strengstens > untersagt. Weder die SEEBURGER AG noch der Absender (Engelhardt. Julian) > übernehmen die Haftung für Viren; es obliegt Ihrer Verantwortung, die > E-Mail und deren Anhänge auf Viren zu prüfen. > > This email is intended only for the recipient(s) to whom it is > addressed. This email may contain confidential material that may be > protected by professional secrecy. Any fact or opinion contained, or > expression of the material herein, does not necessarily reflect that of > SEEBURGER AG. If you are not the addressee or if you have received this > email in error, any use, publication or distribution including forwarding, > copying or printing is strictly prohibited. Neither SEEBURGER AG, nor the > sender (Engelhardt. Julian) accept liability for viruses; it is your > responsibility to check this email and its attachments for viruses. > > -- Colm O hEigeartaigh Talend Community Coder http://coders.talend.com
