Hi,
I have a gSOAP client sending a signed request to WSS4J 1.1.0. During
the verification process a NullPointerException is thrown
(WSSecurityEngine, line 461). The NPE seems to come from the xmlsec
library. Below you will find the complete stack trace and the gSOAP request.
The only difference I see compared to a WSS4J request is the missing
'CanonicalizationMethod' and 'Transforms' elements. But IMHO they
are optional per the spec.
at org.apache.xml.security.signature.SignedInfo.<init>(Unknown Source)
at org.apache.xml.security.signature.XMLSignature.<init>(Unknown Source)
at org.apache.ws.security.WSSecurityEngine.verifyXMLSignature(WSSecurityEngine.java:461)
at org.apache.ws.security.WSSecurityEngine.processSecurityHeader(WSSecurityEngine.java:320)
at org.apache.ws.security.WSSecurityEngine.processSecurityHeader(WSSecurityEngine.java:245)
at a.b.c.AbstractCheckSecurityHandler.invoke(AbstractCheckSecurityHandler.java:158)
at a.b.c.CheckSecurityHandler.invoke(CheckSecurityHandler.java:69)
at org.apache.axis.strategies.InvocationStrategy.visit(InvocationStrategy.java:32)
at org.apache.axis.SimpleChain.doVisiting(SimpleChain.java:118)
at org.apache.axis.SimpleChain.invoke(SimpleChain.java:83)
at org.apache.axis.strategies.InvocationStrategy.visit(InvocationStrategy.java:32)
at org.apache.axis.SimpleChain.doVisiting(SimpleChain.java:118)
at org.apache.axis.SimpleChain.invoke(SimpleChain.java:83)
at org.apache.axis.handlers.soap.SOAPService.invoke(SOAPService.java:453)
at org.apache.axis.server.AxisServer.invoke(AxisServer.java:281)
at org.apache.axis.transport.http.AxisServlet.doPost(AxisServlet.java:6
----
<wsse:Security SOAP-ENV:mustUnderstand="1">
<wsu:Timestamp wsu:Id="Time">
<wsu:Created>2005-12-21T22:00:45+01:00</wsu:Created>
<wsu:Expires>2005-12-22T00:47:25+01:00</wsu:Expires>
</wsu:Timestamp>
<wsse:BinarySecurityToken
EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary"
ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3"
wsu:Id="X509Token">MIIDsTCCAxqgAwIBAgIBBDANBgkqhkiG9w0BAQUFADCBjzELMAkGA1UEBhMCVVMxCzAJBgNVBAgTAkZMMRQwEgYDVQQHEwtUYWxsYWhhc3NlZTEWMBQGA1UEChMNR2VuaXZpYSwgSW5jLjELMAkGA1UECxMCSVQxFDASBgNVBAMTC2dlbml2aWEuY29tMSIwIAYJKoZIhvcNAQkBFhNjb250YWN0QGdlbml2aWEuY29tMB4XDTA0MTAwMjE3MTQwOFoXDTA1MTAwMjE3MTQwOFowgY0xCzAJBgNVBAYTAlVTMQswCQYDVQQIEwJGTDEUMBIGA1UEBxMLVGFsbGFoYXNzZWUxFjAUBgNVBAoTDUdlbml2aWEsIEluYy4xCzAJBgNVBAsTAklUMRIwEAYDVQQDEwlsb2NhbGhvc3QxIjAgBgkqhkiG9w0BCQEWE2NvbnRhY3RAZ2VuaXZpYS5jb20wgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBANNaNlzgeeRTdq80kIGzm1fKhT3SXlbKDhBCBciYF75c8/Z1lPGRKB/64dX51zy9WS02eogR2SRNm2Z48HfaT/XKh5iEuDYuL5RPOLPrVjaEhJdmDNSFCUoNA9B2Vxg5878nRoLsACb5ognldyxVq7KjwyOOcnBhSiroLyl2DkoVAgMBAAGjggEbMIIBFzAJBgNVHRMEAjAAMCwGCWCGSAGG+EIBDQQfFh1PcGVuU1NMIEdlbmVyYXRlZCBDZXJ0aWZpY2F0ZTAdBgNVHQ4EFgQUaFZhHcJnrCtOfenAhfjoBVjlz1YwgbwGA1UdIwSBtDCBsYAU4MyIi0GgIUqkYRhnJ2GgyUmVd8qhgZWkgZIwgY8xCzAJBgNVBAYTAlVTMQswCQYDVQQIEwJGTDEUMBIGA1UEBxMLVGFsbGFoYXNzZWUxFjAUBgNVBAoTDUdlbml2aWEsIEluYy4xCzAJBgNVBAsTAklUMRQwEgYDVQQDEwtnZW5pdmlhLmNvbTEiMCAGCSqGSIb3DQEJARYTY29udGFjdEBnZW5pdmlhLmNvbYIBADANBgkqhkiG9w0BAQUFAAOBgQBwcmjfme60+xDU5B5vt2i62UxDsTyyX/+kztKTAo5dGWLoG+oKLQ9kIqDNHW6jEgJDYoTzAtByRbR4NMQofNN5PcQ1rLWU3F/eor049vnvvD9lXWfNGlaGOTVW728FyQ6kj7ZU1si0c8XUOHQOPXxidNq2dbC8m+RTPejrhU5YQA==</wsse:BinarySecurityToken>
<ds:Signature>
<ds:SignedInfo>
<ds:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"></ds:SignatureMethod>
<ds:Reference URI="#Body">
<ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"></ds:DigestMethod>
<ds:DigestValue>M3aJ+2vrs4GxZtUb2hzqdDjXsS4=</ds:DigestValue>
</ds:Reference>
<ds:Reference URI="#X509Token">
<ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"></ds:DigestMethod>
<ds:DigestValue>KzcEfJFx3jlQ399g+zmrMxelT+0=</ds:DigestValue>
</ds:Reference>
<ds:Reference URI="#Time">
<ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"></ds:DigestMethod>
<ds:DigestValue>wJo/g7CUd3fntbt+kS7moBNhDa8=</ds:DigestValue>
</ds:Reference>
</ds:SignedInfo>
<ds:SignatureValue>I4vJwRK8X/tYhrWQf2TH6p12geUV3awLupkYFLAOOGC/d0jbC39oXt5aHLeCb6brdDz669fKxwL0jatfakeh24GTWwYJ0vf+iPKk//HYwoMzkcCXBRsvEvaJXJ5hagg5qpajAtSVriaYofAWpcca5VkVHYKnYVOg67GGAGFt+to=</ds:SignatureValue>
<ds:KeyInfo>
<wsse:SecurityTokenReference>
<wsse:Reference URI="#X509Token" ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3"></wsse:Reference>
</wsse:SecurityTokenReference>
</ds:KeyInfo>
</ds:Signature>
</wsse:Security>
</SOAP-ENV:Header>
Any ideas?
Thanks
Yves
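
A structural pre-check that a receiving handler could run before passing a message to the signature verifier, so that an incomplete `ds:SignedInfo` is rejected with a clear reason instead of surfacing as an exception inside the library. This is an added example, not code from the original post, WSS4J or xmlsec; it relies on the XML-Signature schema, in which `SignedInfo` must contain `CanonicalizationMethod`, `SignatureMethod` and at least one `Reference`, while `Transforms` inside a `Reference` is optional. The class `SignedInfoPrecheck` and its methods are hypothetical names, and the sample message is constructed.

```java
import java.io.ByteArrayInputStream;
import java.nio.charset.StandardCharsets;
import java.util.ArrayList;
import java.util.List;
import javax.xml.parsers.DocumentBuilderFactory;
import org.w3c.dom.Document;
import org.w3c.dom.Element;
import org.w3c.dom.Node;
import org.w3c.dom.NodeList;

public class SignedInfoPrecheck {   // hypothetical helper, not part of WSS4J
    static final String DS = "http://www.w3.org/2000/09/xmldsig#";
    static final String[] REQUIRED = {"CanonicalizationMethod", "SignatureMethod", "Reference"};

    /** Lists the required children missing from each ds:SignedInfo in the document. */
    static List<String> check(Document doc) {
        List<String> problems = new ArrayList<>();
        NodeList infos = doc.getElementsByTagNameNS(DS, "SignedInfo");
        if (infos.getLength() == 0) problems.add("no ds:SignedInfo element");
        for (int i = 0; i < infos.getLength(); i++) {
            Element signedInfo = (Element) infos.item(i);
            for (String name : REQUIRED) {
                if (!hasChild(signedInfo, name)) problems.add("SignedInfo lacks ds:" + name);
            }
        }
        return problems;
    }

    /** True if parent has a direct child element {DS}localName. */
    static boolean hasChild(Element parent, String localName) {
        for (Node n = parent.getFirstChild(); n != null; n = n.getNextSibling()) {
            if (n.getNodeType() == Node.ELEMENT_NODE && DS.equals(n.getNamespaceURI())
                    && localName.equals(n.getLocalName())) return true;
        }
        return false;
    }

    public static void main(String[] args) throws Exception {
        // Constructed sample with the same shape as the SignedInfo in the request above.
        String xml = "<ds:Signature xmlns:ds=\"" + DS + "\"><ds:SignedInfo>"
            + "<ds:SignatureMethod Algorithm=\"" + DS + "rsa-sha1\"/>"
            + "<ds:Reference URI=\"#Body\"><ds:DigestMethod Algorithm=\"" + DS + "sha1\"/>"
            + "<ds:DigestValue>AAAA</ds:DigestValue></ds:Reference>"
            + "</ds:SignedInfo></ds:Signature>";
        DocumentBuilderFactory f = DocumentBuilderFactory.newInstance();
        f.setNamespaceAware(true);   // needed for the namespace-based lookups above
        f.setFeature("http://apache.org/xml/features/disallow-doctype-decl", true); // refuse DOCTYPEs
        Document doc = f.newDocumentBuilder()
            .parse(new ByteArrayInputStream(xml.getBytes(StandardCharsets.UTF_8)));
        System.out.println(check(doc));
    }
}
```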