This week's book giveaway is in the Clojure forum.
We're giving away four copies of Clojure in Action and have Amit Rathore and Francis Avila on-line!
See this thread for details.
Win a copy of Clojure in Action this week in the Clojure forum!
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic

Reference URI error creating digital signature for a specific XML element/ Node

Baja Pantis
Posts: 1
  • 0
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator

I am stuck trying to get this to work but I keet getting an exception when I try to create a digital dignature for a specific element in my XML document. The source document is a SOAP envelope and the program parses the data from a file and creates the Document object. Basically what I am trying to do is to create a digital signature with multiple parts/ references...mainly the SOAP Body and the TimeStamp node under the Security node of the SOAP Header. So right now I am trying to sign the Body part of the SOAP message. The SOAP Body has a wsu:Id value and I am using that when creating the Reference object. I am using the securityNode reference for inserting the Signature node as that is where it should be anyway. I don't think this is an issue but figured I would state it just in case. I think I am doing this right but it's not working. I saw someone else posted the same issue but no answer was given.

I have tried so many different things and as long as I specify the URI for creating the Reference object then I get the exception. The weird thing is that the exception is thrown at the time of signing the context. Am I doing this right? How do I correct this? Any help is greatly appreciated.

P.S. I pasted below the exception, prgram code, and the input data

********************** EXCEPTION ********************

Exception in thread "main" javax.xml.crypto.dsig.XMLSignatureException: javax.xml.crypto.URIReferenceException: java.lang.NullPointerException
at Source)
at Source)
at Source)
at Source)
at XMLDsigTester.main(
Caused by: javax.xml.crypto.URIReferenceException: java.lang.NullPointerException
at Source)
... 5 more
Caused by: java.lang.NullPointerException
at Source)
at Source)
at Source)
... 6 more
javax.xml.crypto.URIReferenceException: java.lang.NullPointerException
at Source)
at Source)
at Source)
at Source)
at Source)
at XMLDsigTester.main(
Caused by: java.lang.NullPointerException
at Source)
at Source)
at Source)
... 6 more

********************** JAVA CLass ********************

import javax.xml.crypto.*;
import javax.xml.crypto.dsig.*;
import javax.xml.crypto.dom.*;
import javax.xml.crypto.dsig.dom.DOMSignContext;
import javax.xml.crypto.dsig.keyinfo.*;
import javax.xml.crypto.dsig.spec.TransformParameterSpec;
import javax.xml.crypto.dsig.spec.C14NMethodParameterSpec;
import java.util.Collections;
import java.util.Iterator;
import javax.xml.parsers.DocumentBuilderFactory;
import javax.xml.transform.*;
import javax.xml.transform.dom.DOMSource;
import org.w3c.dom.Document;
import org.w3c.dom.*;

public class XMLDsigTester

public static void main(String[] args) throws Exception

////////////// DECLARATIONS //////////////////

final String ENVELOPE_TAG = "Envelope";
final String HEADER_TAG = "Header";
final String SECURITY_TAG = "Security";
final String BODY_TAG = "Body";
final String SEPARATOR = ":";

Node envelopeNode = null;
Node headerNode = null;
Node bodyNode = null;

NodeList envelopeChildren = null;
NodeList headerChildren = null;
Node childNode = null;
Node securityNode = null;

String providerName = null;
String sEnvelopeNamespace = null;
String sFullHeaderTagName = null;
String sFullBodyTagName = null;
String sNodeName = null;

int iEnvelopeChildren;
int iHeaderChildren;

////////////// START OF LOGIC //////////////////

providerName = System.getProperty("jsr105Provider", "");

DocumentBuilderFactory dbf = DocumentBuilderFactory.newInstance();
Document doc = dbf.newDocumentBuilder().parse(new FileInputStream("myfile.xml"));

Provider providerObj = (Provider) Class.forName(providerName).newInstance();

/// Create references to the Envelope, Header, Body and Security nodes ///

envelopeNode = doc.getDocumentElement();
envelopeChildren = envelopeNode.getChildNodes();
iEnvelopeChildren = envelopeChildren.getLength();

sEnvelopeNamespace = envelopeNode.getPrefix();
if (sEnvelopeNamespace != null && !sEnvelopeNamespace.trim().equals(""))
sFullHeaderTagName = sEnvelopeNamespace.trim().concat(SEPARATOR).concat(HEADER_TAG);
sFullBodyTagName = sEnvelopeNamespace.trim().concat(SEPARATOR).concat(BODY_TAG);
sFullHeaderTagName = HEADER_TAG;
sFullBodyTagName = BODY_TAG;

for (int i=0; i < iEnvelopeChildren; i++)
sNodeName = null;
childNode = null;

childNode = envelopeChildren.item(i);
sNodeName = childNode.getNodeName().trim();

if (sNodeName.equalsIgnoreCase(sFullHeaderTagName))
headerNode = childNode;
else if (sNodeName.equalsIgnoreCase(sFullBodyTagName))
bodyNode = childNode;

headerChildren = headerNode.getChildNodes();
iHeaderChildren = headerChildren.getLength();

String sLocalNodeName = null;
for (int i=0; i < iHeaderChildren; i++)
sLocalNodeName = null;
sNodeName = null;
childNode = null;

childNode = headerChildren.item(i);
sNodeName = childNode.getNodeName().trim();

sLocalNodeName = childNode.getLocalName();

if (sLocalNodeName != null)
if (sLocalNodeName.trim().equalsIgnoreCase(SECURITY_TAG))
securityNode = childNode;

/// Main logic for generating XML signature ///

XMLSignatureFactory fac = XMLSignatureFactory.getInstance("DOM", providerObj);

KeyPairGenerator kpg = KeyPairGenerator.getInstance("RSA");
KeyPair kp = kpg.generateKeyPair();

KeyInfoFactory kif = fac.getKeyInfoFactory();
KeyValue kv = kif.newKeyValue(kp.getPublic());

KeyInfo ki = kif.newKeyInfo(Collections.singletonList(kv));

DOMSignContext dsc = new DOMSignContext(kp.getPrivate(), securityNode);
dsc.putNamespacePrefix("", "ds");

DigestMethod digestMethod = fac.newDigestMethod(DigestMethod.SHA1, null);
Transform transformObj = fac.newTransform(CanonicalizationMethod.EXCLUSIVE, (TransformParameterSpec) null);

Reference ref = fac.newReference("part-Body-4F4332715C4C1670E10080000A441E26", digestMethod, Collections.singletonList(transformObj), null, null);

CanonicalizationMethod canonMethodObj = fac.newCanonicalizationMethod(CanonicalizationMethod.EXCLUSIVE, (C14NMethodParameterSpec) null);
SignatureMethod signatureMethodObj = fac.newSignatureMethod(SignatureMethod.RSA_SHA1, null);
SignedInfo si = fac.newSignedInfo(canonMethodObj, signatureMethodObj, Collections.singletonList(ref));

XMLSignature signature = fac.newXMLSignature(si, ki);

TransformerFactory tf = TransformerFactory.newInstance();
Transformer trans = tf.newTransformer();
trans.transform(new DOMSource(doc), new StreamResult(new FileOutputStream("mySignedFile.xml")));

********************** INPUT DATA ********************

<soap-env:Envelope xmlns:soap-env="">
<wsse:Security xmlns:wsse="" xmlns:wsu="">
<wsu:Timestamp wsu:Id="ts-4F43326F5C4C1670E10080000A441E26">
<wsa:Action soap-env:mustUnderstand="1" xmlns:wsa=""/>
<wsa:MessageID xmlns:wsa="">uuid:4f43f2ff-38aa-1a90-e100-80000a441e26</wsa:MessageID>
<soap-env:Body wsu:Id="part-Body-4F4332715C4C1670E10080000A441E26" xmlns:wsu="">
<Name>Robert Smith</Name>
<Item partNum="C763">
<Name>ThinkPad X20</Name>
It is sorta covered in the JavaRanch Style Guide.
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic