Building XML Digital Signatures from <SignatureValue> + Original Document
843811 Nov 24 2007 — edited Nov 25 2007
Hello all,
I'm implementing an XML DSig application and I came up with a problem.
The architecture is quite simple.
SignerClass ::
+ public String sign(Document xml, String keyIdentifier) -> Creates a detached XML signature and returns the textual value within <SignatureValue>.
Verifier Class ::
+ public String verify(Document xml, String keyIdentifyer, String signature) -> recreates the XML detached signature and then validates it.
So, my main problem comes when I want to re-create an XMLSignature Object based only on the <SignatureValue>. I'm able to recreate the whole Signature element:
-----
// SignedInfo (si) is previously created;
Node signatureV = doc.createElementNS("http://www.w3.org/TR/xmldsig-core/#sec-SignatureValue", "SignatureValue");
signatureV.setTextContent("ASSINATURA");
// new <SignedValue> element
XMLStructure content = new DOMStructure(signatureV);
XMLObject obj = fac.newXMLObject(Collections.singletonList(content), "object", null, null);
// new XMLSignature
XMLSignature sig = fac.newXMLSignature(si, null, Collections.singletonList(obj), "", "");
// How to validate it ?
-----
My approach:
Now I have the XMLSignature object re-created and I want to perform the validation and I need to use a DOMValidateContext.
-----
DOMValidateContext valContext = new DOMValidateContext
(c.getPublicKey(), xxxxxxx);
-----
xxxxxxx needs to be a Document and I want to use (XMLSignature) sig. The only way of getting the Document object is by actually running the sign() method and that will generate a new <SignatureValue>.
Any ideas on how I can validate an XMLSignature Object with a <SignatureValue> set up by me? Is it possible?
Thank you in advance.
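
One way to do what the post asks, as an added example that is not the poster's code: let the library rebuild the complete Signature element by signing a clone of the document with a throwaway key, then overwrite the SignatureValue text with the stored value and validate with the real public key. It assumes Java 11+ and an RSA-SHA256 enveloped signature over the whole document, since the post does not show how its SignedInfo is built; the class and method names are hypothetical and the sample document is constructed.

```java
import java.security.*;
import java.util.Collections;
import javax.xml.crypto.dsig.*;
import javax.xml.crypto.dsig.dom.*;
import javax.xml.crypto.dsig.spec.*;
import javax.xml.parsers.DocumentBuilderFactory;
import org.w3c.dom.*;

public class SignatureValueOnly {   // hypothetical name, not from the post
    static final XMLSignatureFactory FAC = XMLSignatureFactory.getInstance("DOM");

    static KeyPair newRsaKey() throws Exception {
        KeyPairGenerator kpg = KeyPairGenerator.getInstance("RSA");
        kpg.initialize(2048);
        return kpg.generateKeyPair();
    }
    // Signs a clone of xml (enveloped, URI="") and returns the <SignatureValue>
    // element inside the complete <Signature> the library marshalled.
    static Element signClone(Document xml, PrivateKey key) throws Exception {
        Document copy = (Document) xml.cloneNode(true);   // caller's document stays untouched
        Reference ref = FAC.newReference("", FAC.newDigestMethod(DigestMethod.SHA256, null),
            Collections.singletonList(FAC.newTransform(Transform.ENVELOPED, (TransformParameterSpec) null)),
            null, null);
        SignedInfo si = FAC.newSignedInfo(
            FAC.newCanonicalizationMethod(CanonicalizationMethod.INCLUSIVE, (C14NMethodParameterSpec) null),
            FAC.newSignatureMethod(SignatureMethod.RSA_SHA256, null), Collections.singletonList(ref));
        FAC.newXMLSignature(si, null).sign(new DOMSignContext(key, copy.getDocumentElement()));
        return (Element) copy.getElementsByTagNameNS(XMLSignature.XMLNS, "SignatureValue").item(0);
    }
    static String sign(Document xml, PrivateKey key) throws Exception {
        return signClone(xml, key).getTextContent();
    }
    static boolean verify(Document xml, PublicKey pub, String storedValue) throws Exception {
        // The throwaway key only makes the library rebuild SignedInfo (digest included) for xml.
        Element value = signClone(xml, newRsaKey().getPrivate());
        value.setTextContent(storedValue);                // swap in the value under test
        DOMValidateContext ctx = new DOMValidateContext(pub, value.getParentNode());
        return FAC.unmarshalXMLSignature(ctx).validate(ctx);
    }
    public static void main(String[] args) throws Exception {
        DocumentBuilderFactory dbf = DocumentBuilderFactory.newInstance();
        dbf.setNamespaceAware(true);
        Document doc = dbf.newDocumentBuilder().newDocument();   // constructed sample input
        doc.appendChild(doc.createElementNS(null, "order")).setTextContent("10 widgets");
        KeyPair signer = newRsaKey();
        String value = sign(doc, signer.getPrivate());
        System.out.println("untouched document: " + verify(doc, signer.getPublic(), value));
        doc.getDocumentElement().setTextContent("99 widgets");   // simulate tampering
        System.out.println("modified document:  " + verify(doc, signer.getPublic(), value));
    }
}
```

The swap validates only when signer and verifier build SignedInfo identically (same canonicalization, algorithms, reference URI and transforms), because the signature is computed over the canonicalized SignedInfo rather than over the document itself. The throwaway key can be generated once and cached instead of per call.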