XML signature validation

  • Thread starter =?ISO-8859-15?Q?Tobias_Schr=F6er?=
  • Start date

?

=?ISO-8859-15?Q?Tobias_Schr=F6er?=

Hello everyone,

I'm stuck. I try to implement a XML data signature validation using the
javax.xml.crypto.* packages from SUN, included in JWSDP 2.0.
Differently to the examples provided with the download, my public key is
(intentionally) not included in the xml file.
The public and private keys and the signed XML file were created with a
C#.Net 1.1 application. The public key file looks like this:

<RSAKeyValue>
<Modulus>vnh1DktYlAnQw3sa31D7z01CAkG9SJlFnPGSgGw8BFJmtW6QuRu7XW+VoAei4xPVg2IzvS24CWH3xNJ4rIj2aBvyHiQbp7Td+pmwRirUPfYOzo7RGSLQLV1TO7Af3RvIkLpmqlHFdUXyWf0vGaVkag9FRHLUp3V4OY8RazM2ftM=</Modulus>
<Exponent>AQAB</Exponent>
</RSAKeyValue>

my signed XML file looks somethimg like this:

<Signature xmlns="http://www.w3.org/2000/09/xmldsig#">
<SignedInfo>
<CanonicalizationMethod
Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315" />
<SignatureMethod
Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1" />
<Reference URI="#obj">
<DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
<DigestValue>UcNGsonRBQuGcYE4wBwAukJx6Vk=</DigestValue>
</Reference>
</SignedInfo>
<SignatureValue>BsisRhAVoas9dyO1fXq3D+94Hh5nVLDGMgqVXuPV5ZLa+zb6NGvjYLdIKxzwvkMSd6DCX2LVkmabz1rTdDq14bQ7znWsydAO0FZvM6OnJETnPQo8ihY3GxzGZjy22g6dOfzOIvf/F1TCSgZUNUxFglehHGUttTCjSEJ5FimHjYw=</SignatureValue>
<Object Id="obj">
<anElement>aValue</anElement>
<anotherElement>anotherValue</anElement>
</Object>
</Signature>

According to the "validate" examples of the JWSDP 2.0, I need to get the
public key, but I do not now how.

Any suggestion how to solve this in Java?

TIA
Tobi
 
Ad

Advertisements


Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Top