jQuery in Action, 2nd edition*
The moose likes Web Services and the fly likes Digital Signature Validation Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login


Win a copy of Java 8 in Action this week in the Java 8 forum!
JavaRanch » Java Forums » Java » Web Services
Bookmark "Digital Signature Validation" Watch "Digital Signature Validation" New topic
Author

Digital Signature Validation

Patrick McDonogh
Ranch Hand

Joined: Oct 13, 2005
Posts: 89
Hi all,

I was hoping someone may be able to shed some light on this problem. Sorry about there being so much text, i know its a pain.
I am trying to validate an enveloped xml digital signature.
The signature element is shown below:

<Signature xmlns="http://www.w3.org/2000/09/xmldsig#">
<SignedInfo>
<CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
<SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/>
<Reference>
<Transforms>
<Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
</Transforms>
<DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
<DigestValue>4PUm1HQqYCBO734SQFmPJPRCFyM=</DigestValue>
</Reference>
</SignedInfo>
<SignatureValue>Q+yEfnM5PA2punGmevuvLtwj4+XRsWeeiq7SJ9Ekd28NJ9jVtCa9oB3bU2aGl5wlX8HufH2GFJgg9o9OFFrSvRAPpgWKW4/+3aL06S9B7YT4MQP/7St2gL1v2+v4tmQ7CSvF+VTFVugIezewAQPKvhJaNLHD+njOD+60W9pK17U=</SignatureValue>
<KeyInfo>
<X509Data>
<X509Certificate>MIID9DCCAtygAwIBAgIEQd28HjANBgkqhkiG9w0BAQUFADAyMQwwCgYDVQQKEwNuaHMxCzAJBgNVBAsTAkNBMRUwEwYDVQQDFAxOSVMyX1NVQkNBQ0MwHhcNMDUwNjAzMDg0OTM5WhcNMDcwNjAzMDkxOTM5WjBFMQwwCgYDVQQKDANuaHMxDzANBgNVBAsMBlBlb3BsZTEkMCIGA1UEAwwbNjY5ODEwODE5MDEzX2pvaG5fd2hpdGVzaWRlMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCd56UQCtS3DFH7gy851azIEcPXwwqnhR1U7/a6xGqVjw+eKzBr2JW96loo6qDyCvhyokkYfteRP428e9euU11YdcOXQkqlRp7OpqAJSGdcgdMn5GCpKOU5eQVkvKq7eVXRBGoHfDbK5eakY3g51VorjVrRWK3UTNHLaJ9i265+cwIDAQABo4IBgTCCA X0wDgYDVR0PAQH/BAQDAgZAMCsGA1UdEAQkMCKADzIwMDUwNjAzMDg0OTM5WoEPMjAwNzA2MDMwOTE5MzlaMIGBBgNVHSABAf8EdzB1MHMGCyqGOgCJe2YAAwIAMGQwYgYIKwYBBQUHAgEWVmh0dHA6Ly9ud3cubnBmaXQubmhzLnVrL2luZm9ybWF0aW9uX2dvdmVybmFuY2UvY2VydGlmaWNhdGVfcG9saWNpZXMvY29udGVudF9jb21taXRtZW50MFQGA1UdHwRNMEswSaBHoEWkQzBBMQwwCgYDVQQKEwNuaHMxCzAJBgNVBAsTAkNBMRUwEwYDVQQDFAxOSVMyX1NVQkNBQ0MxDTALBgNVBAMTBENSTDYwHwYDVR0jBBgwFoAUf9nfwHnN3lyRuNDqm6KbL5rJrbswHQYDVR0OBBYEFJwcDZUFw6Ycp+tbiRfSNc9O8sGcMAkGA1UdEwQCMAAwGQYJKoZIhvZ9B0EABAwwChsEV jcuMQMCBLAwDQYJKoZIhvcNAQEFBQADggEBAER1g1MwPA6t+y2TJYKEx/fgGUSCCqaCoNvCPNTG32rr8Xcn6csMPn0YunxQe2QrOImRwgbNzgAA1mwggVXt7SpFyhSsAy8k3MdtFeypgbjRpuG5m9IWS9pqoztYnmUfgtsBoms5s4y4exGr68OsF1f2hum96bQ4Ee6De9kAnFJBfCHHNW2NqhdVZ/83VCe09iOYEuJAubGTsWkhMWvqrbsrjmVR7KakiMNkRTPQ4KaexX8coC7+AR/ijvoCMjBXS5vcIX60I2359M2gaQjGjA6bzcuq9y6/MlkAJYo3bbCvwJI4721eHml2X61IAm8nllO0iuRYNf+Vot6nOWhtHc4=</X509Certificate>
</X509Data>
</KeyInfo>
</Signature>

The code then takes this element and does the following.

NodeList nl = document.getElementsByTagNameNS(XMLSignature.XMLNS, "Signature");
if (nl.getLength() == 0)
{
throw new Exception("Cannot find Signature element");
}
Node signatureNode = nl.item(0);

String providerName = System.getProperty("jsr105Provider", "org.jcp.xml.dsig.internal.dom.XMLDSigRI");
XMLSignatureFactory fac =
XMLSignatureFactory.getInstance("DOM", (Provider) Class.forName(providerName).newInstance());

DOMValidateContext valContext = new DOMValidateContext(key, nl.item(0));

XMLSignature signature = fac.unmarshalXMLSignature(valContext);

boolean coreValidity = signature.validate(valContext);

When i check the core validity i get the following error(I am also not running a Junit test, this must be from somewhere else):

junit.framework.AssertionFailedError: javax.xml.crypto.dsig.XMLSignatureException: javax.xml.crypto.URIReferenceException: com.sun.org.apache.xml.internal.security.utils.resolver.ResourceResolverException: Could not find a resolver for URI null and Base null
at com.qxlva.nhs.hl7.helperclasses.DigitalSignatureValidationTest.testDigitalSignature(DigitalSignatureValidationTest.java:48)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
at com.intellij.rt.execution.junit2.JUnitStarter.main(JUnitStarter.java:32)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
at com.intellij.rt.execution.application.AppMain.main(AppMain.java:90)

I would really appreciate any help on this as i just cannot understand why this is failing.

Thankyou very much
 
I agree. Here's the link: http://aspose.com/file-tools
 
subject: Digital Signature Validation
 
Similar Threads
Is this XML valid?
Rampart alias name is null
Unable to parse an xml string using builder.parse
Certificate Signature Validation
Validating XML Digital Signature with Certificate Chain