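The problem is that you modified the signed message, and therefore verification fails. An XML signature covers the canonicalized content of the referenced element (here the SOAP Body carrying wsu:Id "id-30472956"), so the verifier must receive the message exactly as the signer produced it; any change made to the signed content after signing, even to whitespace inside the signed element, means it no longer matches what was signed.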
Regards, Werner > -----Ursprüngliche Nachricht----- > Von: mohamed sellami [mailto:[EMAIL PROTECTED] > Gesendet: Dienstag, 4. Juli 2006 16:03 > An: [email protected] > Betreff: Verifying the soap message signature > > Hello everybody > > I'm new to wss4j and I'm actually testing it. > > I tried to sign a soap message and then to verify it. > > For the signature all seems to be all right but I encountered > an exception when verifying the signature. > > Here is the code I used for the verification: > > -------------------------------------------------------------- > ------------- > ------------------------Code start > -------------------------------------------------------------- > ------------- > import java.io.*; > > import org.apache.ws.security.*; > import org.apache.ws.security.components.crypto.*; > import org.apache.ws.security.message.*; > > import org.apache.axis.utils.*; > import org.apache.axis.message.*; > import org.apache.axis.client.*; > import org.apache.axis.*; > import org.apache.axis.configuration.*; > import java.util.Vector; > import org.w3c.dom.*; > > public class VerifSignSOAP{ > private static final String signedSOAPMsg= > "<SOAP-ENV:Envelope "+ > "xmlns:SOAP-ENV=\"http://www.w3.org/2003/05/soap-envelope\" "+ > "xmlns:xsd=\"http://www.w3.org/2001/XMLSchema\" "+ > "xmlns:xsi=\"http://www.w3.org/2001/XMLSchema-instance\">"+ > "<SOAP-ENV:Header>"+ > "<wsse:Security SOAP-ENV:mustUnderstand=\"true\" "+ > > "xmlns:wsse=\"http://docs.oasis-open.org/wss/2004/01/oasis-200 401-wss-wssecurity-secext-1.0.xsd\">"+ > "<ds:Signature > xmlns:ds=\"http://www.w3.org/2000/09/xmldsig#\">"+ > "<ds:SignedInfo>"+ > "<ds:CanonicalizationMethod > Algorithm=\"http://www.w3.org/2001/10/xml-exc-c14n#\"/>"+ > "<ds:SignatureMethod > Algorithm=\"http://www.w3.org/2000/09/xmldsig#rsa-sha1\"/>"+ > "<ds:Reference URI=\"#id-30472956\">"+ > "<ds:Transforms>"+ > "<ds:Transform > Algorithm=\"http://www.w3.org/2001/10/xml-exc-c14n#\"/>"+ > "</ds:Transforms>"+ > "<ds:DigestMethod > 
Algorithm=\"http://www.w3.org/2000/09/xmldsig#sha1\"/>"+ > "<ds:DigestValue>UgA2oOAXUuXx7wXm7NfLHu7qS34= > </ds:DigestValue>"+ > "</ds:Reference>"+ > "</ds:SignedInfo>"+ > "<ds:SignatureValue>"+ > > "jlviX+9c/bSlAF01GLfilti3Yp1+9EXcKzI2rDi/dJ1tpsk0DO7tXvmv8HqNu 9oVSBS6soXhKMuG"+ > > "GUxe5hvotBANtuk3Fo0JBtr63+r9ZuwoGgSjer+5uHge6e+3XA029CzdSMNAF SvJobzCSojvgX+C"+ > "dv+cmd4ApWLAogPCgq4="+ > "</ds:SignatureValue>"+ > "<ds:KeyInfo Id=\"KeyId-8549963\">"+ > "<wsse:SecurityTokenReference wsu:Id=\"STRId-31782850\" "+ > > "xmlns:wsu=\"http://docs.oasis-open.org/wss/2004/01/oasis-2004 01-wss-wssecurity-utility-1.0.xsd\">"+ > "<ds:X509Data>"+ > "<ds:X509IssuerSerial>"+ > "<ds:X509IssuerName>CN=sellami > mohamed,OU=CNSS,O=CNSS,L=Sfax,ST=Tunisie,C=TN</ds:X509IssuerName>"+ > "<ds:X509SerialNumber>1151857306</ds:X509SerialNumber>"+ > "</ds:X509IssuerSerial>"+ > "</ds:X509Data>"+ > "</wsse:SecurityTokenReference>"+ > "</ds:KeyInfo>"+ > "</ds:Signature>"+ > "</wsse:Security>"+ > "</SOAP-ENV:Header>"+ > "<SOAP-ENV:Body wsu:Id=\"id-30472956\" > xmlns:wsu=\"http://docs.oasis-open.org/wss/2004/01/oasis-20040 1-wss-wssecurity-utility-1.0.xsd\">"+ > "<sayHello > xmlns=\"http://jeffhanson.com/services/helloworld\">"+ > "<value xmlns=\"\">Hello world!</value>"+ > "</sayHello>"+ > "</SOAP-ENV:Body>"+ > "</SOAP-ENV:Envelope>"; > > private static final WSSecurityEngine secEngine =new > WSSecurityEngine(); > private static final Crypto crypto =CryptoFactory.getInstance(); > private static AxisClient engine = null; > private static MessageContext msgContext = null; > private static void verify(SOAPEnvelope > signedEnvelope) throws Exception { > Document doc = signedEnvelope.getAsDocument(); > secEngine.processSecurityHeader(doc, null, null,crypto); > > System.out.println("La firma del messaggio è valida"); > } > > > private static Message getAxisMessage(String unsignedEnvelope){ > InputStream inStream =new > ByteArrayInputStream(unsignedEnvelope.getBytes()); > Message axisMessage = new 
Message(inStream); > axisMessage.setMessageContext(msgContext); > return axisMessage; > } > > public static void main(String[] args){ > > try > { > Message axisMessage = getAxisMessage(signedSOAPMsg); > SOAPEnvelope signedEnvelope = axisMessage.getSOAPEnvelope(); > > System.out.println("<<< signed >>>"); > > > XMLUtils.PrettyElementToWriter(signedEnvelope.getAsDOM(),new > PrintWriter(System.out)); > > verify(signedEnvelope); > > } > catch (Exception e){e.printStackTrace();} > > > } > > } > > -------------------------------------------------------------- > ------------- > ----------------------------Code Ends > -------------------------------------------------------------- > ------------- > > I received this Exception : > > java.lang.NullPointerException > at > org.apache.ws.security.message.EnvelopeIdResolver.engineResolve(Envel > opeIdResolver.java:100) > > at > org.apache.xml.security.utils.resolver.ResourceResolver.resolve(Unkno > wn Source) > > at > org.apache.xml.security.signature.Reference.getContentsBeforeTransfor > mation(Unknown Source) > > at > org.apache.xml.security.signature.Reference.dereferenceURIandPerformT > ransforms(Unknown Source) > > at > org.apache.xml.security.signature.Reference.calculateDigest(Unknown S > ource) > > at org.apache.xml.security.signature.Reference.verify(Unknown Source) > > at > org.apache.xml.security.signature.Manifest.verifyReferences(Unknown S > ource) > > at org.apache.xml.security.signature.SignedInfo.verify(Unknown Source) > > at > org.apache.xml.security.signature.XMLSignature.checkSignatureValue(Un > known Source) > > at > org.apache.xml.security.signature.XMLSignature.checkSignatureValue(Un > known Source) > > at > org.apache.ws.security.processor.SignatureProcessor.verifyXMLSignatur > e(SignatureProcessor.java:264) > > at > org.apache.ws.security.processor.SignatureProcessor.handleToken(Signa > tureProcessor.java:79) > > at > org.apache.ws.security.WSSecurityEngine.processSecurityHeader(WSSecur > 
ityEngine.java:269) > > at > org.apache.ws.security.WSSecurityEngine.processSecurityHeader(WSSecur > ityEngine.java:191) > > at > org.apache.ws.security.WSSecurityEngine.processSecurityHeader(WSSecur > ityEngine.java:144) > > at VerifSignSOAP.verify(VerifSignSOAP.java:78) > > at VerifSignSOAP.main(VerifSignSOAP.java:102) > > -------------------------------------------------------------- > ------------ > > Do someone has an idea on what the problem is ? > > Thanks > > Mohamed Sellami > -- > > > "Feel free" - 10 GB Mailbox, 100 FreeSMS/Monat ... > Jetzt GMX TopMail testen: http://www.gmx.net/de/go/topmail > > --------------------------------------------------------------------- > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] > > --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
