Velocity Reviews - Computer Hardware Reviews

Velocity Reviews > Newsgroups > Programming > Java > Java XML Signature validation error

Reply
Thread Tools

Java XML Signature validation error

 
 
alan_sec
Guest
Posts: n/a
 
      01-11-2007
Hi.
I have created detached xml signature using java XML Signature
(javax.xml.crypto.dsig.* classes).
Signature is referenced using element id (#).
XML looks something like this:

<ThreeDSecure>
<Message id="a239396308">
<Msg1 id="#MSG24596608192729662548">
...
</Msg1>
<Signature xmlns="http://www.w3.org/2000/09/xmldsig#">
<SignedInfo>
<CanonicalizationMethod
Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315"/>
<SignatureMethod
Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/>
<Reference URI="#MSG24596608192729662548">
<DigestMethod
Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>

<DigestValue>Bn+mvxvJsNgSrS/66YZnoACFdHg=</DigestValue>
</Reference>
</SignedInfo>
<SignatureValue>...</SignatureValue>
<KeyInfo>
<X509Data>
<X509SubjectName>...</X509SubjectName>
<X509Certificate>...</X509Certificate>
<X509Certificate>...</X509Certificate>
<X509Certificate>...</X509Certificate>
</X509Data>
</KeyInfo>
</Signature>
</Message>
</ThreeDSecure>

When I try to validate XML signature I get this exception:
javax.crypto.BadPaddingException: Encountered block type: 102 while
expecting 1

What is a block type 102 and what is block type 1?
Where can I find block type description?
Any help or suggestion would be nice.
Thanks.
Alan

 
Reply With Quote
 
 
 
 
Andrew Thompson
Guest
Posts: n/a
 
      01-11-2007
alan_sec wrote:
...
> XML looks something like this:


'something like'? Note that posting anything
that is not a direct representation of your source
is a waste of your time, and our bandwidth.
You may not value your time, but please place
a higher value on our bandwidth.

Andrew T.

 
Reply With Quote
 
 
 
 
alan_sec
Guest
Posts: n/a
 
      01-11-2007
Here is exact xml document:

#######################################
<ThreeDSecure>
<Message id="a497179213">
<PARes id="PARes22908118939049785462">
<version>1.0.2</version>
<Merchant>
<acqBIN>11111111111</acqBIN>
<merID>12AB,cd/34-EF -g,5/H-67</merID>
</Merchant>
<Purchase>
<xid>OTMyMjMwMjU0MDEyMzQ1Njc4OTA=</xid>
<date>20070111 16:27:55</date>
<purchAmount>123456</purchAmount>
<currency>840</currency>
<exponent>2</exponent>
</Purchase>
<pan>0000000001000</pan>
<TX>
<time>20070111 16:27:37</time>
<status>Y</status>
<cavv>AAABBHYACAaCUVVAAAAIAAAAAAA=</cavv>
<eci>05</eci>
<cavvAlgorithm>2</cavvAlgorithm>
</TX>
</PARes>
<Signature xmlns="http://www.w3.org/2000/09/xmldsig#">
<SignedInfo>
<CanonicalizationMethod
Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315"/>
<SignatureMethod
Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/>
<Reference URI="#PARes22908118939049785462">
<DigestMethod
Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>

<DigestValue>4RkFL0fCHu7YRqj6+nhGModZ3oU=</DigestValue>
</Reference>
</SignedInfo>
<SignatureValue>

M3SV3p0YhXf3pG4978X2ez3+mlwzuN6vwUydlz+sh0HHg3Ywt2 sp4Xviwls3weYa

LvQsrIpeE0TYPn8Oj0YPvubFSabr75i3JKW8rzYi42l39Z8Mtx kIXGm6b3Wpesof
HwgOcnJ2CkR9gsg3QYXqvfLDnTMrumzW0xb11kd76o0=
</SignatureValue>
<KeyInfo>
<X509Data>
<X509SubjectName>CN=TridesACS1.0, OU=ACS, O=Logos,
ST=Some-State, C=hr</X509SubjectName>
<X509Certificate>

MIICNzCCAaCgAwIBAgIUFJU/40Di8oxdY63QIi+hBPLUiw4wDQYJKoZIhvcNAQEF

BQAwRzELMAkGA1UEBhMCVVMxEDAOBgNVBAoTB0NhcmFkYXMxFT ATBgNVBAsTDENh

cmFkYXMgTGFiczEPMA0GA1UEAxMGQ1RIIENBMB4XDTA3MDExMT E0NDEzN1oXDTA5

MDExMDE0NDEzN1owVzELMAkGA1UEBhMCaHIxEzARBgNVBAgTCl NvbWUtU3RhdGUx

DjAMBgNVBAoTBUxvZ29zMQwwCgYDVQQLEwNBQ1MxFTATBgNVBA MTDFRyaWRlc0FD

UzEuMDCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEApNJlwt EAJsggx5qNund+

KPJF3yeQ3qEyNRrtalWo/judkJPdW9OrurT4NUctrhWkzpl7A5j/buzoMuWdnLwF

fHhN4F+dXAKuKKuojiwKSzaUsgiHkaoh1Ztd8A7BcETZb/Gw7+sQN/jxPepAm6WK

eWZloWV2Ocq/tBAvb7q7CnsCAwEAAaMQMA4wDAYDVR0TAQH/BAIwADANBgkqhkiG

9w0BAQUFAAOBgQA7qGe9TR5dHSXftO81UKoHnqZCEBjljXwTdb ncFAn3qtZ/Qr1l

UwpYf5y9yKaZ3uq7YMtUj5Ce9pzadzQx48rWQOKqEflOH+5GW7 JceBHOpRT4WiAt

nPmPqiAXRL69tPfw7c7KlovrXzBnz+ry2wudUzxCkzISeKhjQm SOzNGkCA=
=</X509Certificate>
<X509Certificate>

MIICLzCCAZigAwIBAgIUDCoCMPC4RFdRjyNgFsUrfBQO9OUwDQ YJKoZIhvcNAQEF

BQAwSTELMAkGA1UEBhMCVVMxEDAOBgNVBAoTB0NhcmFkYXMxFT ATBgNVBAsTDENh

cmFkYXMgTGFiczERMA8GA1UEAxMIQ1RIIFJPT1QwHhcNMDUwOT I3MTc0NTQwWhcN

MDkwOTI2MTc0NTQwWjBHMQswCQYDVQQGEwJVUzEQMA4GA1UECh MHQ2FyYWRhczEV

MBMGA1UECxMMQ2FyYWRhcyBMYWJzMQ8wDQYDVQQDEwZDVEggQ0 EwgZ8wDQYJKoZI

hvcNAQEBBQADgY0AMIGJAoGBALBOKXF4jod6D/NNKWNKCHB1SMZ/CdxT+p+JXICE

loIGvrthQXtzs52H7C1xagSXpBXwRT4cwIJgNhz4oSQlGipwwJ XDs3JPmiTE39t2

9vOgPJ7NHIdUNqVyR/ExedOCVt187vLqpUrRcY2xyt+Dcu0uXJAP6xv3QNkf2m2A

oAPXAgMBAAGjFjAUMBIGA1UdEwEB/wQIMAYBAf8CAQAwDQYJKoZIhvcNAQEFBQAD

gYEAAN+yrscL1NQp04TTDRESIEnaQrpd2GJSMUiwWkEt7JEzyS iQkXWWkbG+urlL

Zhp98mLM53W7FwR36fUxIeGO9xhxz76AVZjq+UyptZNhmI3uAF P1nMw+CbWQhG41

DmXmHBr79NWBvydRH4KwjeP7fpVBpfmA1L9CtyNSJj/eCNE=
</X509Certificate>
<X509Certificate>

MIICMjCCAZugAwIBAgIVAK1iTXuIUE+KiCbaxBC+tDQQVZAtMA 0GCSqGSIb3DQEB

BQUAMEkxCzAJBgNVBAYTAlVTMRAwDgYDVQQKEwdDYXJhZGFzMR UwEwYDVQQLEwxD

YXJhZGFzIExhYnMxETAPBgNVBAMTCENUSCBST09UMB4XDTA1MD kyNzE3NDUzOFoX

DTEzMDkyNTE3NDUzOFowSTELMAkGA1UEBhMCVVMxEDAOBgNVBA oTB0NhcmFkYXMx

FTATBgNVBAsTDENhcmFkYXMgTGFiczERMA8GA1UEAxMIQ1RIIF JPT1QwgZ8wDQYJ

KoZIhvcNAQEBBQADgY0AMIGJAoGBAIryv2suotsobenJXl7cav zAZFncyxqZ88M4

omYQHDdP57MJYHwzCMlG7qtmGhJmmqEXcAaHdGAngFbYrgCBqx iIbv9lgvHbyDLd

6YMULPdyWC0cgaKnm+4YrqnxVr1u09l8ogxmV5EyHWp03/fk5m/d4YOkcS1r+7Ay

IJWVz/uHAgMBAAGjFjAUMBIGA1UdEwEB/wQIMAYBAf8CAQEwDQYJKoZIhvcNAQEF

BQADgYEAOYhqttSMZMNj36xGP5Kr4HB9QH+4On24inwkH/ROTb1AHMJd1dl4x7DZ

9vlO/XtQR8eH7f+WsNKQFxCWH/4FoizO7bUaAm1yACFDzloFPmviQqCO2fm7GSw8

o4tV0tg9oQaqmwOV/EDvJj/HLek0ONKjZghHwqWyredfDxGlnU8=
</X509Certificate>
</X509Data>
</KeyInfo>
</Signature>
</Message>
</ThreeDSecure>
################################################## #######

Andrew Thompson je napisao/la:
> alan_sec wrote:
> ..
> > XML looks something like this:

>
> 'something like'? Note that posting anything
> that is not a direct representation of your source
> is a waste of your time, and our bandwidth.
> You may not value your time, but please place
> a higher value on our bandwidth.
>
> Andrew T.


 
Reply With Quote
 
Andrew Thompson
Guest
Posts: n/a
 
      01-11-2007
alan_sec wrote:
> Here is exact xml document:


That's the go. Hopefully the folks with the expertise
will have the necessary detail to help, but two quick notes
1) It is generally considered more logical, and easy to
read replies, when you reply *below* the comment that
you are replying to (like I am doing).
2) My bad. But while I stressed 'exact', I did not also
make clear that it did not necessarily need to be the
'complete'* file. When somebody claims code is
'something like', I get the impression of them 'quickly
retyping' a version of their code, and typos. tend to
be introduced.

* I am a big fan of *complete* examples, but some
folks do not like 'long' listings - though even your
complete file should not get their back's up.. maybe.

Hope you sort it.

Andrew T.

 
Reply With Quote
 
 
 
Reply

Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Turning a signature-changing decorator into a signature-preservingone Gustavo Narea Python 14 02-16-2009 04:58 PM
XML signature validation =?ISO-8859-15?Q?Tobias_Schr=F6er?= Java 0 05-23-2006 09:54 AM
XML signature validation =?ISO-8859-15?Q?Tobias_Schr=F6er?= Java 0 05-23-2006 09:20 AM
XML schema validation of one xml block based on values from another xml block Andy XML 0 11-18-2004 11:04 PM
UTF-8 with signature & UTF-8 without signature JJBW ASP .Net 1 04-24-2004 10:21 AM



Advertisments