The core problem is that Google have deceived to not support XML DOM processing including XSD (Schemas) in spite of being a part of Java since version 5.
I have ported Xerces and parts of XLMSec to Android which shows that it is technically not a problem at least: http://code.google.com/p/openkeystore/source/browse/trunk/android.mod I do use XML Dsig but not WS Security. Anyway, *creating* XML signatures does *not* require any fancy library. You just create a normalized string and that's it! Use the standard JDK to verify that you did it right before moving the code to Android. Anders On 2012-11-28 07:27, balram kola wrote: > hi all, > > i am also stuck up at doing xml signature part in our > application....i too did R&D more than one week to implement XML digital > signature in our application i.e. Adhaar Authentication...but i was > unsuccessful... i tried with JNI-NDK but i didnt get libxmlsec library for > android platform.. i got the openssl library which is part of the > libxmlsec..but i didnt get complete libxmlsec library for android... i got > xmlsec "c" source code but i dont know how to create "Android.mk" file from > that "c" source..can any one provide me "libxmlsec" library for android..or > any guidance to resolve this... > > On Friday, 5 October 2012 12:58:30 UTC+3, sumit gulati wrote: > > Hi Pankaj, > > Please guide me or provide the code. I also have to consume the wcf soap > webservices using x509 certificate. The webservice are deployed on http > protocol. There is no ssl layer. > > On Tuesday, February 28, 2012 12:08:23 PM UTC+5:30, Pankaj wrote: > > I want to consume WCF web-service which uses X.509 certificate for > mutual authentication. I had imported certificates using keytools in > BKS keystore & able to use in android code. Now for mutual > authentication i need to create web-request which have message digest > & signature in it > > <s:Header> > <o:Security xmlns:o="http://docs.oasis-open.org/wss/2004/01/ > oasis-200401-wss-wssecurity-secext-1.0.xsd > <http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd>" > s:mustUnderstand="1"> > <u:Timestamp u:Id="_0"> > <u:Created>2012-02-21T04:45:06.429Z</u:Created> > <u:Expires>2012-02-21T04:50:06.429Z</u:Expires> > </u:Timestamp> > <o:BinarySecurityToken u:Id="uuid-e35f5271-3c4e-47c7- > ba34-8d995e414ba3-1" > ValueType="http://docs.oasis-open.org/wss/2004/01/ > oasis-200401-wss-x509-token-profile-1.0#X509v3 > <http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3>" > EncodingType="http:// > docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message- > security-1.0#Base64Binary > <http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary>"> > > MIICbzCCAdygAwIBAgIQfjyZ229iN4tAbV0fiYiVyTAJBgUrDgMCHQUAMD8xPTA7BgNVBAMTNGNsaWVudC5iNTRiYTFkN2U2NzY0ZDdkOWRiMDA3YTgyNmM5ZGE5Ny5jbG91ZGFwcC5uZXQwHhcNMTIwMjE2MTY0MjI1WhcNMzkxMjMxMjM1OTU5WjA/ > > MT0wOwYDVQQDEzRjbGllbnQuYjU0YmExZDdlNjc2NGQ3ZDlkYjAwN2E4MjZjOWRhOTcuY2xvdWRhcHAubmV0MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDRW > +Di90XDGulLybdBboUlOilxvbcnfow+NhoNW80uNjmGQiQpxP0oNnYT7RKJ > +nP3+sZxUfRfazLgvOTFn0F9SIFQ9T4I5LNFMHhDfExoT0k/ > aeF870Euy07BiwF7eXw6toSv1dKwKavq20szbIr/NeabIEDS/GzKY6P0/ > > TOQfwIDAQABo3QwcjBwBgNVHQEEaTBngBCNb6YOYI3RBR64WvVUjQtPoUEwPzE9MDsGA1UEAxM0Y2xpZW50LmI1NGJhMWQ3ZTY3NjRkN2Q5ZGIwMDdhODI2YzlkYTk3LmNsb3VkYXBwLm5ldIIQfjyZ229iN4tAbV0fiYiVyTAJBgUrDgMCHQUAA4GBAG5v1DZmXQKcaxNzz2VYDZ8aYYrYRQwU4lrBKlI0CnrkcZwQGPmRxdkiET9D91kcN/ > fmq90nj1F5FZoqhzeT1moqGKXKT9HRX8j6Ln1QDhsr+0JfgJW9/ > IFaQI14xKwr8bw4+DxIyp0IMpSw9biULmIQ1QuTzfKDEowlcQhsik+E > </o:BinarySecurityToken> > <Signature xmlns="http://www.w3.org/2000/09/xmldsig# > <http://www.w3.org/2000/09/xmldsig#>"> > <SignedInfo> > <CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc- > <http://www.w3.org/2001/10/xml-exc-> > c14n#"/> > <SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa- > sha1 <http://www.w3.org/2000/09/xmldsig#rsa-sha1>"/> > <Reference URI="#_0"> > <Transforms> > <Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n# > <http://www.w3.org/2001/10/xml-exc-c14n#>"/> > </Transforms> > <DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1 > <http://www.w3.org/2000/09/xmldsig#sha1>"/> > <DigestValue>Soj1m/E157CempDHHC6c6gZBd1E=</DigestValue> > </Reference> > </SignedInfo> > <SignatureValue> > kqsIYUc3uYoQpuWVWYOio4KcGpon+3wDDhsAzVgZVljQxEhF7z1JS/ > qzw9ELYCn2JbYIkWMtEeYfXRtPvjrPM1fjJiqbXSKq7jHEeVtMQnOytAHRL1ZFA > +dLq4spJQR7uYnmJ1lmgQnu1kYcteSmD29Xm5e5dPUnz4yap3p7zC4= > </SignatureValue> > <KeyInfo> > <o:SecurityTokenReference> > <o:Reference ValueType="http://docs.oasis-open.org/wss/2004/01/ > oasis-200401-wss-x509-token-profile-1.0#X509v3 > <http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3>" > URI="#uuid- > e35f5271-3c4e-47c7-ba34-8d995e414ba3-1"/> > </o:SecurityTokenReference> > </KeyInfo> > </Signature> > </o:Security> > </s:Header> > > But to create message digest we need perform XML canonicalization with > "http://www.w3.org/2001/10/xml-exc-c14n# > <http://www.w3.org/2001/10/xml-exc-c14n#>" transform algorithm. I am > not able to found any API or library which perform above task. > > I had used xmlsec jar but I guess it is not supported by android and > also used all the option which I found after googling. > > Please guide me how to call WCF web-service which involve X.509 > certificate based mutual authentication. > > -- > You received this message because you are subscribed to the Google Groups > "Android Security Discussions" group. > To view this discussion on the web visit > https://groups.google.com/d/msg/android-security-discuss/-/kDEBN9aOcU4J. > To post to this group, send email to > android-security-discuss@googlegroups.com. > To unsubscribe from this group, send email to > android-security-discuss+unsubscr...@googlegroups.com. > For more options, visit this group at > http://groups.google.com/group/android-security-discuss?hl=en. -- You received this message because you are subscribed to the Google Groups "Android Security Discussions" group. To post to this group, send email to android-security-discuss@googlegroups.com. To unsubscribe from this group, send email to android-security-discuss+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/android-security-discuss?hl=en.
