Jean-Paul Berthelot
2013-07-15 05:32:51 UTC
Hi all,
I have the following Signature xml token being passed into my system.
How can I verify the XML signature for the below in Bouncy Castle?
<!== Begin signature info ==!>
<ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#" Id="SIG-24">
<ds:SignedInfo>
<ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#">
<ec:InclusiveNamespaces xmlns:ec="http://www.w3.org/2001/10/xml-exc-c14n#" PrefixList="soapenv"></ec:InclusiveNamespaces>
</ds:CanonicalizationMethod>
<ds:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"></ds:SignatureMethod>
<ds:Reference URI="#Id-386361643">
<ds:Transforms>
<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#">
<ec:InclusiveNamespaces xmlns:ec="http://www.w3.org/2001/10/xml-exc-c14n#" PrefixList=""></ec:InclusiveNamespaces>
</ds:Transform>
</ds:Transforms>
<ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"></ds:DigestMethod>
<ds:DigestValue>7+Mfi76lQi1PaIRx4ZsJhiNhdZcL77qCLIn63ptUSmk=</ds:DigestValue>
</ds:Reference>
<ds:Reference URI="cid:part006a655f0000013f518b8abf0000223c">
<ds:Transforms>
<ds:Transform Algorithm="http://docs.oasis-open.org/wss/oasis-wss-SwAProfile-1.1#Attachment-Content-Signature-Transform"></ds:Transform>
</ds:Transforms>
<ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"></ds:DigestMethod>
<ds:DigestValue>CGbzdJi5exu3Ntsbi6jKUbYhZPMMZWpXVFOKySmme6k=</ds:DigestValue>
</ds:Reference>
<ds:Reference URI="#id-23">
<ds:Transforms>
<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#">
<ec:InclusiveNamespaces xmlns:ec="http://www.w3.org/2001/10/xml-exc-c14n#" PrefixList=""></ec:InclusiveNamespaces>
</ds:Transform>
</ds:Transforms>
<ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"></ds:DigestMethod>
<ds:DigestValue>gsv0sX4jfWWh+mXgb1DS1Gtg+oZqoLUU1Uup61gOM1I=</ds:DigestValue>
</ds:Reference>
<ds:Reference URI="#UsernameToken-22">
<ds:Transforms>
<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#">
<ec:InclusiveNamespaces xmlns:ec="http://www.w3.org/2001/10/xml-exc-c14n#" PrefixList="soapenv"></ec:InclusiveNamespaces>
</ds:Transform>
</ds:Transforms>
<ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"></ds:DigestMethod>
<ds:DigestValue>PvM3b6kRb1t85Ea+BrMgi1E+rGR9RRoXWQ0Ysowf7fM=</ds:DigestValue>
</ds:Reference>
</ds:SignedInfo>
<ds:SignatureValue>Onws8qip3jVij7Tj1lNyCd83Cz+9tthnIHU8U3szzzeSucFSJuzImi3q4taqvp8wpTS6ArVVqmEOiUQhJx8zx+RL9amd1fgLN1UX914pylRWIPgnb0xCN6Yvg27dJPgxhZ8W4zxnfIHH71sB7cAW2G1X/wquf1qVhg0XNKJBHJgGEKvW8PpIJ3v3FBD6qcp9nRmW8KW+XddI0OB3qbI7YvUkRA5KzEct2vB92n4V3sfoW31PfOUZT1UfgjtpJbRUHF/EXb0Q41TN1NOxRlD3FEuOLm5vSKtcSh/fc0D6r1lVRUROmzvZZ0NuoluxF3egruXYz2lwSJ3+Q3UDm7QL1A==</ds:SignatureValue>
<ds:KeyInfo Id="KI-A50E2B1CF4D9835966137146266695826">
<wsse:SecurityTokenReference wsu:Id="STR-A50E2B1CF4D9835966137146266695827">
<wsse:Reference URI="#X509-A50E2B1CF4D9835966137146266695825" ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3"></wsse:Reference>
</wsse:SecurityTokenReference>
</ds:KeyInfo>
</ds:Signature>
<!== End signature info ==!>
Kind regards,
Jean-Paul
I have the following Signature xml token being passed into my system.
How can I verify the XML signature for the below in Bouncy Castle?
<!== Begin signature info ==!>
<ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#" Id="SIG-24">
<ds:SignedInfo>
<ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#">
<ec:InclusiveNamespaces xmlns:ec="http://www.w3.org/2001/10/xml-exc-c14n#" PrefixList="soapenv"></ec:InclusiveNamespaces>
</ds:CanonicalizationMethod>
<ds:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"></ds:SignatureMethod>
<ds:Reference URI="#Id-386361643">
<ds:Transforms>
<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#">
<ec:InclusiveNamespaces xmlns:ec="http://www.w3.org/2001/10/xml-exc-c14n#" PrefixList=""></ec:InclusiveNamespaces>
</ds:Transform>
</ds:Transforms>
<ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"></ds:DigestMethod>
<ds:DigestValue>7+Mfi76lQi1PaIRx4ZsJhiNhdZcL77qCLIn63ptUSmk=</ds:DigestValue>
</ds:Reference>
<ds:Reference URI="cid:part006a655f0000013f518b8abf0000223c">
<ds:Transforms>
<ds:Transform Algorithm="http://docs.oasis-open.org/wss/oasis-wss-SwAProfile-1.1#Attachment-Content-Signature-Transform"></ds:Transform>
</ds:Transforms>
<ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"></ds:DigestMethod>
<ds:DigestValue>CGbzdJi5exu3Ntsbi6jKUbYhZPMMZWpXVFOKySmme6k=</ds:DigestValue>
</ds:Reference>
<ds:Reference URI="#id-23">
<ds:Transforms>
<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#">
<ec:InclusiveNamespaces xmlns:ec="http://www.w3.org/2001/10/xml-exc-c14n#" PrefixList=""></ec:InclusiveNamespaces>
</ds:Transform>
</ds:Transforms>
<ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"></ds:DigestMethod>
<ds:DigestValue>gsv0sX4jfWWh+mXgb1DS1Gtg+oZqoLUU1Uup61gOM1I=</ds:DigestValue>
</ds:Reference>
<ds:Reference URI="#UsernameToken-22">
<ds:Transforms>
<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#">
<ec:InclusiveNamespaces xmlns:ec="http://www.w3.org/2001/10/xml-exc-c14n#" PrefixList="soapenv"></ec:InclusiveNamespaces>
</ds:Transform>
</ds:Transforms>
<ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"></ds:DigestMethod>
<ds:DigestValue>PvM3b6kRb1t85Ea+BrMgi1E+rGR9RRoXWQ0Ysowf7fM=</ds:DigestValue>
</ds:Reference>
</ds:SignedInfo>
<ds:SignatureValue>Onws8qip3jVij7Tj1lNyCd83Cz+9tthnIHU8U3szzzeSucFSJuzImi3q4taqvp8wpTS6ArVVqmEOiUQhJx8zx+RL9amd1fgLN1UX914pylRWIPgnb0xCN6Yvg27dJPgxhZ8W4zxnfIHH71sB7cAW2G1X/wquf1qVhg0XNKJBHJgGEKvW8PpIJ3v3FBD6qcp9nRmW8KW+XddI0OB3qbI7YvUkRA5KzEct2vB92n4V3sfoW31PfOUZT1UfgjtpJbRUHF/EXb0Q41TN1NOxRlD3FEuOLm5vSKtcSh/fc0D6r1lVRUROmzvZZ0NuoluxF3egruXYz2lwSJ3+Q3UDm7QL1A==</ds:SignatureValue>
<ds:KeyInfo Id="KI-A50E2B1CF4D9835966137146266695826">
<wsse:SecurityTokenReference wsu:Id="STR-A50E2B1CF4D9835966137146266695827">
<wsse:Reference URI="#X509-A50E2B1CF4D9835966137146266695825" ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3"></wsse:Reference>
</wsse:SecurityTokenReference>
</ds:KeyInfo>
</ds:Signature>
<!== End signature info ==!>
Kind regards,
Jean-Paul