• Post Reply Bookmark Topic Watch Topic
  • New Topic
programming forums Java Mobile Certification Databases Caching Books Engineering Micro Controllers OS Languages Paradigms IDEs Build Tools Frameworks Application Servers Open Source This Site Careers Other Pie Elite all forums
this forum made possible by our volunteer staff, including ...
Marshals:
  • Campbell Ritchie
  • Tim Cooke
  • paul wheaton
  • Jeanne Boyarsky
  • Ron McLeod
Sheriffs:
  • Paul Clapham
  • Liutauras Vilda
  • Devaka Cooray
Saloon Keepers:
  • Tim Holloway
  • Roland Mueller
Bartenders:

Digital Signature Validation

 
Ranch Hand
Posts: 89
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Hi all,

I was hoping someone may be able to shed some light on this problem. Sorry about there being so much text, i know its a pain.
I am trying to validate an enveloped xml digital signature.
The signature element is shown below:

<Signature xmlns="http://www.w3.org/2000/09/xmldsig#">
<SignedInfo>
<CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
<SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/>
<Reference>
<Transforms>
<Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
</Transforms>
<DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
<DigestValue>4PUm1HQqYCBO734SQFmPJPRCFyM=</DigestValue>
</Reference>
</SignedInfo>
<SignatureValue>Q+yEfnM5PA2punGmevuvLtwj4+XRsWeeiq7SJ9Ekd28NJ9jVtCa9oB3bU2aGl5wlX8HufH2GFJgg9o9OFFrSvRAPpgWKW4/+3aL06S9B7YT4MQP/7St2gL1v2+v4tmQ7CSvF+VTFVugIezewAQPKvhJaNLHD+njOD+60W9pK17U=</SignatureValue>
<KeyInfo>
<X509Data>
<X509Certificate>MIID9DCCAtygAwIBAgIEQd28HjANBgkqhkiG9w0BAQUFADAyMQwwCgYDVQQKEwNuaHMxCzAJBgNVBAsTAkNBMRUwEwYDVQQDFAxOSVMyX1NVQkNBQ0MwHhcNMDUwNjAzMDg0OTM5WhcNMDcwNjAzMDkxOTM5WjBFMQwwCgYDVQQKDANuaHMxDzANBgNVBAsMBlBlb3BsZTEkMCIGA1UEAwwbNjY5ODEwODE5MDEzX2pvaG5fd2hpdGVzaWRlMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCd56UQCtS3DFH7gy851azIEcPXwwqnhR1U7/a6xGqVjw+eKzBr2JW96loo6qDyCvhyokkYfteRP428e9euU11YdcOXQkqlRp7OpqAJSGdcgdMn5GCpKOU5eQVkvKq7eVXRBGoHfDbK5eakY3g51VorjVrRWK3UTNHLaJ9i265+cwIDAQABo4IBgTCCA X0wDgYDVR0PAQH/BAQDAgZAMCsGA1UdEAQkMCKADzIwMDUwNjAzMDg0OTM5WoEPMjAwNzA2MDMwOTE5MzlaMIGBBgNVHSABAf8EdzB1MHMGCyqGOgCJe2YAAwIAMGQwYgYIKwYBBQUHAgEWVmh0dHA6Ly9ud3cubnBmaXQubmhzLnVrL2luZm9ybWF0aW9uX2dvdmVybmFuY2UvY2VydGlmaWNhdGVfcG9saWNpZXMvY29udGVudF9jb21taXRtZW50MFQGA1UdHwRNMEswSaBHoEWkQzBBMQwwCgYDVQQKEwNuaHMxCzAJBgNVBAsTAkNBMRUwEwYDVQQDFAxOSVMyX1NVQkNBQ0MxDTALBgNVBAMTBENSTDYwHwYDVR0jBBgwFoAUf9nfwHnN3lyRuNDqm6KbL5rJrbswHQYDVR0OBBYEFJwcDZUFw6Ycp+tbiRfSNc9O8sGcMAkGA1UdEwQCMAAwGQYJKoZIhvZ9B0EABAwwChsEV jcuMQMCBLAwDQYJKoZIhvcNAQEFBQADggEBAER1g1MwPA6t+y2TJYKEx/fgGUSCCqaCoNvCPNTG32rr8Xcn6csMPn0YunxQe2QrOImRwgbNzgAA1mwggVXt7SpFyhSsAy8k3MdtFeypgbjRpuG5m9IWS9pqoztYnmUfgtsBoms5s4y4exGr68OsF1f2hum96bQ4Ee6De9kAnFJBfCHHNW2NqhdVZ/83VCe09iOYEuJAubGTsWkhMWvqrbsrjmVR7KakiMNkRTPQ4KaexX8coC7+AR/ijvoCMjBXS5vcIX60I2359M2gaQjGjA6bzcuq9y6/MlkAJYo3bbCvwJI4721eHml2X61IAm8nllO0iuRYNf+Vot6nOWhtHc4=</X509Certificate>
</X509Data>
</KeyInfo>
</Signature>

The code then takes this element and does the following.

NodeList nl = document.getElementsByTagNameNS(XMLSignature.XMLNS, "Signature");
if (nl.getLength() == 0)
{
throw new Exception("Cannot find Signature element");
}
Node signatureNode = nl.item(0);

String providerName = System.getProperty("jsr105Provider", "org.jcp.xml.dsig.internal.dom.XMLDSigRI");
XMLSignatureFactory fac =
XMLSignatureFactory.getInstance("DOM", (Provider) Class.forName(providerName).newInstance());

DOMValidateContext valContext = new DOMValidateContext(key, nl.item(0));

XMLSignature signature = fac.unmarshalXMLSignature(valContext);

boolean coreValidity = signature.validate(valContext);

When i check the core validity i get the following error(I am also not running a Junit test, this must be from somewhere else):

junit.framework.AssertionFailedError: javax.xml.crypto.dsig.XMLSignatureException: javax.xml.crypto.URIReferenceException: com.sun.org.apache.xml.internal.security.utils.resolver.ResourceResolverException: Could not find a resolver for URI null and Base null
at com.qxlva.nhs.hl7.helperclasses.DigitalSignatureValidationTest.testDigitalSignature(DigitalSignatureValidationTest.java:48)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
at com.intellij.rt.execution.junit2.JUnitStarter.main(JUnitStarter.java:32)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
at com.intellij.rt.execution.application.AppMain.main(AppMain.java:90)

I would really appreciate any help on this as i just cannot understand why this is failing.

Thankyou very much
 
Yeah, but how did the squirrel get in there? Was it because of the tiny ad?
Smokeless wood heat with a rocket mass heater
https://woodheat.net
reply
    Bookmark Topic Watch Topic
  • New Topic