hello,
has anybody tried interop with sun jwsdp-1.6?
i cannot use wss4j to verify a message signed with jwsdp...? is this a known
issue?
the problem is, that the digests when resolving the references are not equal:
- Token reference uri: #XWSSGID-1126515797640161369913
- verify 2 References
- I am not requested to follow nested Manifests
- setElement("ds:Reference", "null")
- Request for URI http://www.w3.org/2000/09/xmldsig#sha1
- I was asked to create a ResourceResolver and got 1
- extra resolvers to my existing 4 system-wide resolvers
- check resolvability by class org.apache.ws.security.message.EnvelopeIdResolver
- enter engineResolve, look for: #XWSSGID-11265158021251414682510
- Tag: wsu:Timestamp, 'null'
- Attr: wsu:Id, 'XWSSGID-11265158021251414682510'
- Attr: xmlns, ''
- Attr: xmlns:enc, 'http://schemas.xmlsoap.org/soap/encoding/'
- Attr: xmlns:env, 'http://schemas.xmlsoap.org/soap/envelope/'
- Attr: xmlns:ns0, 'http://ztable.ejpd.ch/types'
- Attr: xmlns:wsse,
'http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd'
- Attr: xmlns:wsu,
'http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd'
- Attr: xmlns:xsd, 'http://www.w3.org/2001/XMLSchema'
- Attr: xmlns:xsi, 'http://www.w3.org/2001/XMLSchema-instance'
- Tag: #text, '
'
- Tag: wsu:Created, 'null'
- Attr: xmlns, ''
- Attr: xmlns:enc, 'http://schemas.xmlsoap.org/soap/encoding/'
- Attr: xmlns:env, 'http://schemas.xmlsoap.org/soap/envelope/'
- Attr: xmlns:ns0, 'http://ztable.ejpd.ch/types'
- Attr: xmlns:wsse,
'http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd'
- Attr: xmlns:wsu,
'http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd'
- Attr: xmlns:xsd, 'http://www.w3.org/2001/XMLSchema'
- Attr: xmlns:xsi, 'http://www.w3.org/2001/XMLSchema-instance'
- Tag: #text, '2005-09-12T09:03:21Z'
- Tag: #text, '
'
- Tag: wsu:Expires, 'null'
- Attr: xmlns, ''
- Attr: xmlns:enc, 'http://schemas.xmlsoap.org/soap/encoding/'
- Attr: xmlns:env, 'http://schemas.xmlsoap.org/soap/envelope/'
- Attr: xmlns:ns0, 'http://ztable.ejpd.ch/types'
- Attr: xmlns:wsse,
'http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd'
- Attr: xmlns:wsu,
'http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd'
- Attr: xmlns:xsd, 'http://www.w3.org/2001/XMLSchema'
- Attr: xmlns:xsi, 'http://www.w3.org/2001/XMLSchema-instance'
- Tag: #text, '2005-09-12T09:08:21Z'
- Tag: #text, '
'
- engineResolve= 33
- exit engineResolve, result: XMLSignatureInput/NodeSet/33 nodes/null
- Verification failed for URI "#XWSSGID-11265158021251414682510"
any hints?
gruss, yves
ps: attached is the soap message
sunrise ADSL: gratis und so sicher wie noch nie
http://www.sunrise.ch/home/proint/proint_ads-2.htm
<?xml version="1.0" encoding="UTF-8"?>
<SOAP-ENV:Envelope xmlns:SOAP-ENV="http://schemas.xmlsoap.org/soap/envelope/";>
<SOAP-ENV:Header>
<wsse:Security xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"; SOAP-ENV:mustUnderstand="1">
<wsse:BinarySecurityToken xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"; EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary"; ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3"; wsu:Id="XWSSGID-1126712329621513364021">MIIC8zCCAlygAwIBAgIBATANBgkqhkiG9w0BAQQFADBUMQswCQYDVQQGEwJJTjETMBEGA1UECBMK
U29tZS1TdGF0ZTEMMAoGA1UEChMDU1VOMQwwCgYDVQQLEwNKV1MxFDASBgNVBAMTC1Jvb3RDQSAy
MDA1MB4XDTA1MDQxMjA1MzIwN1oXDTA2MDQxMjA1MzIwN1owTzELMAkGA1UEBhMCQVUxEzARBgNV
BAgTClNvbWUtU3RhdGUxDDAKBgNVBAoTA1NVTjEMMAoGA1UECxMDSldTMQ8wDQYDVQQDEwZDbGll
bnQwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAO4YL6nvE7TSFnRLD+XMiY54WioJyN5qFQqO
V7YFxLluOWJ8UkOEqEq1vF5cQtlIipkGD8uW0JkwATZRxWNCamRyX2yWH/6GrTJDLc2xDcD9CJ7M
C+CJdPpQfmQyx6Jo5RDq6ltY8dmud/L3VbErpWCSWTI+U7xiMGIC3avrUPVvAgMBAAGjgdkwgdYw
CQYDVR0TBAIwADAsBglghkgBhvhCAQ0EHxYdT3BlblNTTCBHZW5lcmF0ZWQgQ2VydGlmaWNhdGUw
HQYDVR0OBBYEFEie+o68SdsEgAk3mgcEkyxKqWu6MHwGA1UdIwR1MHOAFEnXft+E9/6MLG8H5vj1
jWdhYuDjoVikVjBUMQswCQYDVQQGEwJJTjETMBEGA1UECBMKU29tZS1TdGF0ZTEMMAoGA1UEChMD
U1VOMQwwCgYDVQQLEwNKV1MxFDASBgNVBAMTC1Jvb3RDQSAyMDA1ggEAMA0GCSqGSIb3DQEBBAUA
A4GBAJW7cZJY/iPMkMuabqYIafNBe8F8UKy8Qz1FfyrawIwoCGx33AGE0RIhdeDJHeQvBSsxCqnj
ZZm7dlee+XUURWyhy3K4gJrJw33mLEDhsnRY6ObDP2XaBLNJT2WoiNvgIc0LSwADzGEMFVENCQLd
idXnkSOU6azYDCov4oRYGlNh</wsse:BinarySecurityToken>
<ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#";>
<ds:SignedInfo>
<ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#";>
<InclusiveNamespaces xmlns="http://www.w3.org/2001/10/xml-exc-c14n#"; PrefixList="wsse SOAP-ENV"/>
</ds:CanonicalizationMethod>
<ds:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/>
<ds:Reference URI="#XWSSGID-1126712330472-1335315878">
<ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
<ds:DigestValue>D512S6IDfzEs5n3M2PAceY/EtbU=</ds:DigestValue>
</ds:Reference>
<ds:Reference URI="#XWSSGID-1126712330478-1126252258">
<ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
<ds:DigestValue>6/rP1jFb1gfzOKjqteXiDUGrY9c=</ds:DigestValue>
</ds:Reference>
</ds:SignedInfo>
<ds:SignatureValue>pVkWrmGlPtStilYdwhm9OIh0Et6yqEfnSntpuB6FddzLlRyebBmqE4nI4C1GYhVN/NZqXFYISKBH
WLFL2EWEEjEJt5MmHdS7NI2RWJRBfv6tlvJlAVLOowAJYIAHxIJ7zpXhou9QoY/NadT0J6rBtTYn
2FpnGyYPX/CY2oZ4daE=</ds:SignatureValue>
<ds:KeyInfo>
<wsse:SecurityTokenReference xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"; wsu:Id="XWSSGID-1126712330388-1730842559">
<wsse:Reference URI="#XWSSGID-1126712329621513364021" ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3"/>
</wsse:SecurityTokenReference>
</ds:KeyInfo>
</ds:Signature>
<wsu:Timestamp xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"; wsu:Id="XWSSGID-1126712330472-1335315878">
<wsu:Created>2005-09-14T15:38:50Z</wsu:Created>
<wsu:Expires>2005-09-14T15:43:50Z</wsu:Expires>
</wsu:Timestamp>
</wsse:Security>
</SOAP-ENV:Header>
<SOAP-ENV:Body xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"; wsu:Id="XWSSGID-1126712330478-1126252258">
<tru:StockSymbol xmlns:tru="http://fabrikam123.com/payloads";>QQQ</tru:StockSymbol>
</SOAP-ENV:Body>
</SOAP-ENV:Envelope>
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
