I use SOAP webservice to sign files with DSS DemoWebapp v5.7. B level signatures are OK via webservice, but got error message, when try to create T, LT, LTA signatures. Example parameter set:
2020-09-30 07:34:36,812 INFO | http-nio-8080-exec-9 | e.e.e.d.w.s.common.Remote
DocumentSignatureServiceImpl | SignDocument in process...
2020-09-30 07:34:36,827 INFO | http-nio-8080-exec-9 | eu.europa.esig.dss.xades.
signature.XAdESLevelBaselineT | ====> Extending: IN MEMORY DOCUMENT
2020-09-30 07:34:36,831 INFO | http-nio-8080-exec-9 | eu.europa.esig.dss.valida
tion.CommonCertificateVerifier | + New CommonCertificateVerifier created.
2020-09-30 07:34:36,842 INFO | http-nio-8080-exec-9 | e.e.esig.dss.xades.valida
tion.XAdESCertificateSource | +XAdESCertificateSource
2020-09-30 07:34:36,843 WARN | http-nio-8080-exec-9 | org.apache.xml.security.s
ignature.XMLSignature | Signature verification failed.
2020-09-30 07:34:36,843 WARN | http-nio-8080-exec-9 | eu.europa.esig.dss.xades.
validation.XAdESSignature | Determining signing certificate from certificat
e candidates list failed: [Certificate #1: Signature verification failed]
2020-09-30 07:34:36,853 WARN | http-nio-8080-exec-9 | org.apache.cxf.phase.Phas
eInterceptorChain | Application {http://soap.signature.ws.dss.esig.
europa.eu/}SoapDocumentSignatureServiceImplService#{http://signature.dss.esig.eu
ropa.eu/}signDocument has thrown exception, unwinding now
org.apache.cxf.interceptor.Fault: Cryptographic signature verification has faile
d / Certificate #1: Signature verification failed
at org.apache.cxf.service.invoker.AbstractInvoker.createFault(AbstractIn
voker.java:162)
at org.apache.cxf.jaxws.AbstractJAXWSMethodInvoker.createFault(AbstractJ
AXWSMethodInvoker.java:267)
at org.apache.cxf.service.invoker.AbstractInvoker.invoke(AbstractInvoker
.java:128)
at org.apache.cxf.jaxws.AbstractJAXWSMethodInvoker.invoke(AbstractJAXWSM
ethodInvoker.java:232)
at org.apache.cxf.jaxws.JAXWSMethodInvoker.invoke(JAXWSMethodInvoker.jav
a:85)
at org.apache.cxf.service.invoker.AbstractInvoker.invoke(AbstractInvoker
.java:74)
at org.apache.cxf.interceptor.ServiceInvokerInterceptor$1.run(ServiceInv
okerInterceptor.java:59)
at java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:51
1)
at java.util.concurrent.FutureTask.run(FutureTask.java:266)
at org.apache.cxf.interceptor.ServiceInvokerInterceptor$2.run(ServiceInv
okerInterceptor.java:126)
at org.apache.cxf.workqueue.SynchronousExecutor.execute(SynchronousExecu
tor.java:37)
at org.apache.cxf.interceptor.ServiceInvokerInterceptor.handleMessage(Se
rviceInvokerInterceptor.java:131)
at org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseIntercept
orChain.java:308)
at org.apache.cxf.transport.ChainInitiationObserver.onMessage(ChainIniti
ationObserver.java:121)
at org.apache.cxf.transport.http.AbstractHTTPDestination.invoke(Abstract
HTTPDestination.java:267)
at org.apache.cxf.transport.servlet.ServletController.invokeDestination(
ServletController.java:234)
at org.apache.cxf.transport.servlet.ServletController.invoke(ServletCont
roller.java:208)
at org.apache.cxf.transport.servlet.ServletController.invoke(ServletCont
roller.java:160)
at org.apache.cxf.transport.servlet.CXFNonSpringServlet.invoke(CXFNonSpr
ingServlet.java:225)
at org.apache.cxf.transport.servlet.AbstractHTTPServlet.handleRequest(Ab
stractHTTPServlet.java:301)
at org.apache.cxf.transport.servlet.AbstractHTTPServlet.doPost(AbstractH
TTPServlet.java:220)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:660)
at org.apache.cxf.transport.servlet.AbstractHTTPServlet.service(Abstract
HTTPServlet.java:276)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(Appl
icationFilterChain.java:231)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationF
ilterChain.java:166)
at org.apache.tomcat.websocket.server.WsFilter.doFilter(WsFilter.java:52
)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(Appl
icationFilterChain.java:193)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationF
ilterChain.java:166)
at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.
doFilter(FilterChainProxy.java:320)
at org.springframework.security.web.access.ExceptionTranslationFilter.do
Filter(ExceptionTranslationFilter.java:118)
at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.
doFilter(FilterChainProxy.java:334)
at org.springframework.security.web.session.SessionManagementFilter.doFi
lter(SessionManagementFilter.java:137)
at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.
doFilter(FilterChainProxy.java:334)
at org.springframework.security.web.authentication.AnonymousAuthenticati
onFilter.doFilter(AnonymousAuthenticationFilter.java:111)
at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.
doFilter(FilterChainProxy.java:334)
at org.springframework.security.web.servletapi.SecurityContextHolderAwar
eRequestFilter.doFilter(SecurityContextHolderAwareRequestFilter.java:158)
at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.
doFilter(FilterChainProxy.java:334)
at org.springframework.security.web.savedrequest.RequestCacheAwareFilter
.doFilter(RequestCacheAwareFilter.java:63)
at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.
doFilter(FilterChainProxy.java:334)
at org.springframework.security.web.authentication.logout.LogoutFilter.d
oFilter(LogoutFilter.java:116)
at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.
doFilter(FilterChainProxy.java:334)
at org.springframework.security.web.header.HeaderWriterFilter.doHeadersA
fter(HeaderWriterFilter.java:92)
at org.springframework.security.web.header.HeaderWriterFilter.doFilterIn
ternal(HeaderWriterFilter.java:77)
at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerR
equestFilter.java:119)
at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.
doFilter(FilterChainProxy.java:334)
at org.springframework.security.web.context.SecurityContextPersistenceFi
lter.doFilter(SecurityContextPersistenceFilter.java:105)
at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.
doFilter(FilterChainProxy.java:334)
at org.springframework.security.web.context.request.async.WebAsyncManage
rIntegrationFilter.doFilterInternal(WebAsyncManagerIntegrationFilter.java:56)
at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerR
equestFilter.java:119)
at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.
doFilter(FilterChainProxy.java:334)
at org.springframework.security.web.FilterChainProxy.doFilterInternal(Fi
lterChainProxy.java:215)
at org.springframework.security.web.FilterChainProxy.doFilter(FilterChai
nProxy.java:178)
at org.springframework.web.filter.DelegatingFilterProxy.invokeDelegate(D
elegatingFilterProxy.java:358)
at org.springframework.web.filter.DelegatingFilterProxy.doFilter(Delegat
ingFilterProxy.java:271)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(Appl
icationFilterChain.java:193)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationF
ilterChain.java:166)
at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperV
alve.java:199)
at org.apache.catalina.core.StandardContextValve.invoke(StandardContextV
alve.java:96)
at org.apache.catalina.authenticator.AuthenticatorBase.invoke(Authentica
torBase.java:543)
at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.j
ava:139)
at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.j
ava:81)
at org.apache.catalina.valves.AbstractAccessLogValve.invoke(AbstractAcce
ssLogValve.java:690)
at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineVal
ve.java:87)
at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.jav
a:343)
at org.apache.coyote.http11.Http11Processor.service(Http11Processor.java
:615)
at org.apache.coyote.AbstractProcessorLight.process(AbstractProcessorLig
ht.java:65)
at org.apache.coyote.AbstractProtocol$ConnectionHandler.process(Abstract
Protocol.java:818)
at org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.doRun(NioEndpo
int.java:1627)
at org.apache.tomcat.util.net.SocketProcessorBase.run(SocketProcessorBas
e.java:49)
at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.
java:1149)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor
.java:624)
at org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskTh
read.java:61)
at java.lang.Thread.run(Thread.java:748)
Caused by: eu.europa.esig.dss.model.DSSException: Cryptographic signature verifi
cation has failed / Certificate #1: Signature verification failed
at eu.europa.esig.dss.xades.signature.ExtensionBuilder.assertSignatureVa
lid(ExtensionBuilder.java:138)
at eu.europa.esig.dss.xades.signature.XAdESLevelBaselineT.extendSignatur
eTag(XAdESLevelBaselineT.java:165)
at eu.europa.esig.dss.xades.signature.XAdESLevelBaselineLT.extendSignatu
reTag(XAdESLevelBaselineLT.java:62)
at eu.europa.esig.dss.xades.signature.XAdESLevelBaselineT.extendSignatur
es(XAdESLevelBaselineT.java:141)
at eu.europa.esig.dss.xades.signature.XAdESLevelBaselineT.extendSignatur
es(XAdESLevelBaselineT.java:80)
at eu.europa.esig.dss.xades.signature.XAdESService.signDocument(XAdESSer
vice.java:156)
at eu.europa.esig.dss.xades.signature.XAdESService.signDocument(XAdESSer
vice.java:55)
at eu.europa.esig.dss.ws.signature.common.RemoteDocumentSignatureService
Impl.signDocument(RemoteDocumentSignatureServiceImpl.java:157)
at eu.europa.esig.dss.ws.signature.soap.SoapDocumentSignatureServiceImpl
.signDocument(SoapDocumentSignatureServiceImpl.java:48)
at sun.reflect.GeneratedMethodAccessor384.invoke(Unknown Source)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAcces
sorImpl.java:43)
at java.lang.reflect.Method.invoke(Method.java:498)
at org.apache.cxf.service.invoker.AbstractInvoker.performInvocation(Abst
ractInvoker.java:179)
at org.apache.cxf.jaxws.JAXWSMethodInvoker.performInvocation(JAXWSMethod
Invoker.java:66)
at org.apache.cxf.service.invoker.AbstractInvoker.invoke(AbstractInvoker
.java:96)
... 70 common frames omitted
2020-09-30 07:34:36,855 INFO | http-nio-8080-exec-9 | o.a.cxf.services.SoapDocu
mentSignatureService.FAULT_OUT | FAULT_OUT
Content-Type: multipart/related; type="application/xop+xml"; boundary="uuid:
b2bcdddf-cba3-4955-b901-42f5fbeb50d3"; start="<root.message@cxf.apache.org>"; st
art-info="text/xml"
ResponseCode: 500
ExchangeId: 1cb2250b-fabb-40e1-89bd-aaed0194b36e
ServiceName: SoapDocumentSignatureServiceImplService
PortName: SoapDocumentSignatureServiceImplPort
PortTypeName: SoapDocumentSignatureService
Headers: {}
Payload:
--uuid:b2bcdddf-cba3-4955-c451-42f5fbec50d3
Content-Type: application/xop+xml; charset=UTF-8; type="text/xml"
Content-Transfer-Encoding: binary
Content-ID: <root.message@cxf.apache.org>
<soap:Envelope xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/"><soap:Body
><soap:Fault><faultcode>soap:Server</faultcode><faultstring>Cryptographic signat
ure verification has failed / Certificate #1: Signature verification failed</fau
ltstring></soap:Fault></soap:Body></soap:Envelope>
I use SOAP webservice to sign files with DSS DemoWebapp v5.7. B level signatures are OK via webservice, but got error message, when try to create T, LT, LTA signatures. Example parameter set:
Error message in Tomcat:
These are OK on UI side with use of NexU.