
Java Security


xml signature interoperability issue between Java(apache) and .net

855736Apr 15 2011 — edited Apr 19 2011
I need to sign an XML file with RSA in enveloped mode in Java, and verify the signature in .NET.

The signature is valid if signing and verification are both done with the Java Apache security package. It is also valid if both are done in .NET.

But verification fails if the document is signed in Java and verified in .NET.

following is signature code:



.net signature code:

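/// <summary>
/// Loads an XML file, computes an enveloped XML signature over the whole
/// document with the RSA private key taken from a PKCS#12 file, appends the
/// resulting Signature element to the document element and saves the result.
/// </summary>
/// <param name="xmlFilePath">Path of the XML document to sign.</param>
/// <param name="keyFilePath">
/// Not read by this method: the key store path is hard-coded in the body.
/// </param>
/// <param name="outputFilePath">Path the signed document is written to.</param>
/// <remarks>
/// Exceptions are not propagated; only the exception message is written to
/// OutputWriter, so a caller cannot tell from the return whether the output
/// file was produced.
/// </remarks>
public static void SignDocument(string xmlFilePath, string keyFilePath, string outputFilePath)
{
    try
    {
        // NOTE(review): PreserveWhitespace is left at its default (false). The digest
        // covers the canonicalized document, so the side that verifies must parse the
        // signed file without dropping or re-indenting whitespace. Confirm this on the
        // verifier when a signature produced by another stack fails to validate.
        XmlDocument doc = new XmlDocument();
        doc.Load(xmlFilePath);

        // NOTE(review): the key store path and its password are literals in source,
        // and keyFilePath is ignored. Anyone with read access to the code or the
        // compiled assembly can recover the password; load both from protected
        // configuration or a certificate store instead.
        X509Certificate2 cert = new X509Certificate2("abc.pfx", "0123456789");
        RSACryptoServiceProvider key = (RSACryptoServiceProvider)cert.PrivateKey;
        if (key == null)
        {
            // Fail here with a clear message instead of inside ComputeSignature().
            throw new CryptographicException("Certificate has no RSA private key.");
        }

        SignedXml signedXml = new SignedXml(doc);

        // The original assigned an undeclared identifier `Key`; the local is `key`.
        // NOTE(review): the signature and digest algorithms are left at the framework
        // defaults. Set them explicitly so they match what the peer expects, and
        // prefer a SHA-2 based algorithm over SHA-1 where both sides support it.
        signedXml.SigningKey = key;

        // An empty URI references the whole containing document.
        Reference reference = new Reference();
        reference.Uri = "";

        // The enveloped-signature transform excludes the Signature element itself
        // from the digest, since it will live inside the signed document.
        reference.AddTransform(new XmlDsigEnvelopedSignatureTransform());
        signedXml.AddReference(reference);

        signedXml.ComputeSignature();

        // Serialize the signature and attach it as the last child of the root element.
        XmlElement xmlDigitalSignature = signedXml.GetXml();
        doc.DocumentElement.AppendChild(doc.ImportNode(xmlDigitalSignature, true));

        doc.Save(outputFilePath);
    }
    catch (Exception err)
    {
        // Best-effort reporting kept from the original: message only, no rethrow.
        OutputWriter.WriteLine(string.Format("Error : {0}", err.Message));
    }
}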


//java signature code:

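/**
 * Reads {@code tmp-encrpted.xml}, adds an enveloped XML signature (RSA-SHA1
 * signature, SHA-1 digest) computed with the private key stored under alias
 * {@code abc} in {@code abc.pfx}, and writes the signed document to
 * {@code signed.xml} in canonical form with comments.
 *
 * @throws Exception if the key store, the input document or the output file
 *                   cannot be processed, or if the key entry is missing
 */
private static void rsaSign() throws Exception {

    // NOTE(review): store and key passwords are literals in source; load them
    // from protected configuration instead of shipping them with the code.
    KeyStore ks = KeyStore.getInstance("PKCS12");
    FileInputStream storeIn = new FileInputStream("abc.pfx");
    try {
        ks.load(storeIn, "0123456789".toCharArray());
    } finally {
        storeIn.close(); // the original never closed this stream
    }

    // The original used typographic quotes around the alias, which does not compile.
    // NOTE(review): the key-entry password differs from the store password above;
    // confirm that is intended for this PKCS#12 file.
    PrivateKey privKey = (PrivateKey) ks.getKey("abc", "0615166328".toCharArray());
    if (privKey == null) {
        // getKey returns null for an unknown alias; fail before signing starts.
        throw new java.security.KeyStoreException("No private key found for alias abc");
    }

    // Namespace awareness is required for XML signature processing.
    // NOTE(review): if the input can come from an untrusted source, also disable
    // DTD and external-entity processing on this factory.
    DocumentBuilderFactory docFactory = DocumentBuilderFactory.newInstance();
    docFactory.setNamespaceAware(true);
    DocumentBuilder docBuilder = docFactory.newDocumentBuilder();
    Document doc;
    FileInputStream xmlIn = new FileInputStream("tmp-encrpted.xml");
    try {
        doc = docBuilder.parse(xmlIn);
    } finally {
        xmlIn.close(); // the original never closed this stream
    }
    Element element = doc.getDocumentElement();

    File xmlFile = new File("signed.xml");

    // File.toURL() is deprecated; toURI().toURL() is the documented replacement.
    String baseURI = xmlFile.toURI().toURL().toString();

    // NOTE(review): SHA-1 is deprecated for signatures. Move both the signature
    // and the digest algorithm to SHA-256 once the verifying side accepts it.
    XMLSignature xmlSig = new XMLSignature(doc, baseURI, XMLSignature.ALGO_ID_SIGNATURE_RSA_SHA1);

    // Attach the (still empty) Signature element to the root before signing so
    // that the enveloped transform operates on the final document structure.
    Element sigElement = xmlSig.getElement();
    element.appendChild(sigElement);

    Transforms transforms = new Transforms(doc);
    transforms.addTransform(Transforms.TRANSFORM_ENVELOPED_SIGNATURE);
    //transforms.addTransform(Transforms.TRANSFORM_C14N_WITH_COMMENTS);
    // An empty URI references the whole document.
    xmlSig.addDocument("", transforms, Constants.ALGO_ID_DIGEST_SHA1);

    xmlSig.sign(privKey);

    FileOutputStream out = new FileOutputStream(xmlFile);
    try {
        XMLUtils.outputDOMc14nWithComments(doc, out);
    } finally {
        out.close(); // close even when serialization throws
    }
}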