Uploaded image for project: 'Santuario'
  1. Santuario
  2. SANTUARIO-590

XML Signature produced using STAX fails in signatue verification, as STAX output add prefix to root element

    XMLWordPrintableJSON

Details

    • Bug
    • Status: Open
    • Blocker
    • Resolution: Unresolved
    • Java 2.3.0
    • None
    • Java
    • None

    Description

      We have been using DOM based signature processing for XMLs and for large XML signing we are impementing the XML signing using STAX. But the signature verification is failing for the XML's whose root element does not any prefix.

      During the STAX Enveloped Signature, produced XML root element has prefix, where as original XML content does not have any prefix to the root element.
      Here is the XML which is used for signing using STAX

      <Envelope xmlns:hd="urn:iso:std:iso:20022:tech:xsd:head.001.001.01"
      xmlns="http://www.xyz.ab/Envelope">
      <AppHdr>
      <hd:CharSet>String</hd:CharSet>
      </AppHdr>
      </Envelope>

      Now after STAX signing, produced XML as this. Root element Envelope has prefix as "sp_0"

      <sp_0:Envelope Id="G3de0a689-1fcf-4403-a509-9fe2e9854113" xmlns="http://www.xyz.ab/Envelope" xmlns:hd="urn:iso:std:iso:20022:tech:xsd:head.001.001.01" xmlns:sp_0="http://www.xyz.ab/Envelope"><dsig:Signature Id="G509870cc-704a-4a72-acf2-5b680cec9c93" xmlns:dsig="http://www.w3.org/2000/09/xmldsig#"><dsig:SignedInfo><dsig:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"></dsig:CanonicalizationMethod><dsig:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"></dsig:SignatureMethod><dsig:Reference URI="#G3de0a689-1fcf-4403-a509-9fe2e9854113"><dsig:Transforms><dsig:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"></dsig:Transform><dsig:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"></dsig:Transform></dsig:Transforms><dsig:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"></dsig:DigestMethod><dsig:DigestValue>MUhFQksJWXF/Btnbvu4fOYvrsSg=</dsig:DigestValue></dsig:Reference></dsig:SignedInfo><dsig:SignatureValue>AEHzHMBmb7y0+HO8R3FjmHsxIz2w5warzm79X1vQl3XNqcBcrljgmjv5uxgqih3hKtfVrY72Bj4q
      j8Fzpu6A7A==</dsig:SignatureValue><dsig:KeyInfo Id="Gf1558627-a80a-4df8-aad6-e153471b7352"><dsig:X509Data><dsig:X509Certificate>MIIBnzCCAUmgAwIBAgIDAdkhMA0GCSqGSIb3DQEBBQUAME0xCzAJBgNVBAYTAlVTMREwDwYDVQQL
      EwhTd2VkYmFuazERMA8GA1UEChMIU3dlZGJhbmsxGDAWBgNVBAMTD1N3ZWRCYW5rU3lzQ2VydDAe
      Fw0yMjA3MDIwMzM3MjRaFw0yMjA5MzAwMzM3MjRaME0xCzAJBgNVBAYTAlVTMREwDwYDVQQLEwhT
      d2VkYmFuazERMA8GA1UEChMIU3dlZGJhbmsxGDAWBgNVBAMTD1N3ZWRCYW5rU3lzQ2VydDBcMA0G
      CSqGSIb3DQEBAQUAA0sAMEgCQQCsvTS3zaC5GKHX7sN1INv/E6o5l6kJXauQvFTAzii7T6xjhH7L
      bKaDh4ft+KTWP4grhVDIMTEQdq5jve9mG0QHAgMBAAGjEjAQMA4GA1UdDwEB/wQEAwIE8DANBgkq
      hkiG9w0BAQUFAANBACilOesTd4Kn+FYx60xL2TvA1xi01WD8nI67XRVd9lyyfDmrzCQZyPwxA8Fn
      58q3Gujv9hgN7JU1c/sipqndjJ8=</dsig:X509Certificate></dsig:X509Data></dsig:KeyInfo></dsig:Signature>
      <AppHdr>
      <hd:CharSet>String</hd:CharSet>
      </AppHdr>
      </sp_0:Envelope>

      Attachments

        Activity

          People

            coheigea Colm O hEigeartaigh
            sreedharj Sreedhar J
            Votes:
            0 Vote for this issue
            Watchers:
            2 Start watching this issue

            Dates

              Created:
              Updated: