search

makdimka077 / xades4j

Automatically exported from code.google.com/p/xades4j
GNU Lesser General Public License v3.0
0 stars 0 forks source link

ds:KeyValue and ds:RSAValue and Modulus tags are not added when signing xml file using xades4j #77

Closed GoogleCodeExporter closed 9 years ago

GoogleCodeExporter commented 9 years ago 
when i am signing xml file using xadse4j signer then some tags are not 
generated under ds:KeyInfo tag regarding certificate. See signed file's piece 
of contents---

<ds:KeyInfo>
<ds:X509Data>
<ds:X509Certificate>
MIIFrTCCBJWgAwIBAgIGVKnZPjVvMA0GCSqGSIb3DQEBCwUAMFwxCzAJBgNVBAYTAlRSMU0wSwYD
VQQDDERNYWxpIE3DvGjDvHIgRWxla3Ryb25payBTZXJ0aWZpa2EgSGl6bWV0IFNhxJ9sYXnEsWPE
sXPEsSAtIFPDvHLDvG0gMTAeFw0xMzA5MjAwNjI4MDJaFw0xODA5MTkwNjI4MDJaMFYxEzARBgNV
BAUTCjE0MDAwMzY1OTAxPzA9BgNVBAMMNkJhbnZpdCBCYW5kxLFybWEgVml0YW1pbmxpIFllbSBT
YW5heWlpIEFub25pbSDFnmlya2V0aTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAIm8
QeBjPxOngkuhRjrFk6m75mhEWwktoXtnQAXCB4NMUQPSc8CD5uYj9NRrnSwcLtGbrDjVnJRuU4la
NYf0v4HvVcHLEs7ynE5GGi4JaN6oozv+qbBQsS3ryg3M4oIRbAWicJNA7VFxGl4qGovz9FF1oHv8
hhUpoOIJCmEmHXIyA59eCMWkb4cB5TXKtkJWppKSAGgy5fLO70jFnn+46eB6HM/o4EsGF+MhxoNg
j0jJUJmHbeLvSYDIfuWkq0LtPHDGxSF1KXh83HZsprnCo6jJLdYsp6d5M4rjD3YK5g0IgiwZhZIz
MKDvl9f5o8b0hXR6Eu2davU9MKiy24/XNpkCAwEAAaOCAnkwggJ1MB8GA1UdIwQYMBaAFEYgqVMb
KAwcrvIoUYOzHr7yUxR8MB0GA1UdDgQWBBQkulHg410O0k8rCFXNe4mtlII6jjAOBgNVHQ8BAf8E
BAMCB4AwggEzBgNVHSAEggEqMIIBJjCCASIGC2CGGAECAQEFBwQBMIIBETAqBggrBgEFBQcCARYe
aHR0cDovL2RlcG8ua2FtdXNtLmdvdi50ci9pbGtlMIHiBggrBgEFBQcCAjCB1R6B0gBCAHUAIABz
AGUAcgB0AGkAZgBpAGsAYQAgAGkAbABlACAAaQBsAGcAaQBsAGkAIABzAGUAcgB0AGkAZgBpAGsA
YQAgAHUAeQBnAHUAbABhAG0AYQAgAGUAcwBhAHMAbABhAHIBMQBuATEAIABvAGsAdQBtAGEAawAg
AGkA5wBpAG4AIABiAGUAbABpAHIAdABpAGwAZQBuACAAdwBlAGIAIABzAGkAdABlAHMAaQBuAGkA
IAB6AGkAeQBhAHIAZQB0ACAAZQBkAGkAbgBpAHoALjAMBgNVHRMBAf8EAjAAMBYGA1UdJQQPMA0G
C2CGGAECAQEFBzIBMEEGA1UdHwQ6MDgwNqA0oDKGMGh0dHA6Ly9kZXBvLmthbXVzbS5nb3YudHIv
a3VydW1zYWwvbW1lc2hzLXMxLmNybDCBggYIKwYBBQUHAQEEdjB0MDwGCCsGAQUFBzAChjBodHRw
Oi8vZGVwby5rYW11c20uZ292LnRyL2t1cnVtc2FsL21tZXNocy1zMS5jcnQwNAYIKwYBBQUHMAGG
KGh0dHA6Ly9jaXNkdXBtbXMxLmt1cnVtc2FsLmthbXVzbS5nb3YudHIwDQYJKoZIhvcNAQELBQAD
ggEBAE8MtufWCnh/pQ+2SmF2DAW0kZdkFXkJNJ0TCdDQ44bU0THB3Y4IJ8i8duZs64fsqOGXjbRk
FCW9cLAeXMqXNUkkiplCwhHREvMYn6EexHzUi4wP0ScNiw17jMXwknH+wFNM8uJq3R+Ydk8GMTyg
x/NwZQOQ0B62ZM+xf3JQ5zv+xnyCg+i98OLQZpdxWc+UNm/mISzFi2yGy+NmDtoko89lX2OzDwE3
2+V4JIhCwUSV0opOsuyY+wpnBHO4XHXgOe9NSBiuOet/XfFx8tVIpcEqAoR2hpB1o6qn4znx5KXs
1w+u7SGntGEFmZ8VIRKImTxYpvsM8ow1CrHFvhF28nU=
</ds:X509Certificate>
</ds:X509Data>
</ds:KeyInfo>

BUT it should have like below--

<ds:KeyInfo>
<ds:KeyValue>
<ds:RSAKeyValue>
<ds:Modulus>34ixWfBQd6zGplCi9vlmMFokZ7BYdWVWk82NxtejMv/2zeFbLUs6eNI3gMvv7vj9JClN
W9nD8VFM
xBJ8X66pQplVi79uAtzVmDcUBJQnxcXmDT44XvSn2OwcNbhn8SRe7Wds2CjadHvBj13w8nDir5RI
1DnNcyytLMDYkVedRsbUmz9nEtn/LuiFTDyMf4Sg+d0ANBSUJDbTFPsnSr80ZbTzeFYeY9GXPgHi
wueP7cQ0IaaU4tRPjHep/TBrV5I9Pzhya9L+664+j5KmBSZsMPOGmeILmcGMHx0BIT6ZscQ4K8L4
lh04chaNXRtqgdvY2JQ8Bzhu86F8cfcy6RFWuQ==</ds:Modulus>
<ds:Exponent>AQAB</ds:Exponent>
</ds:RSAKeyValue>
</ds:KeyValue>
<ds:X509Data>
<ds:X509SubjectName>CN=Gelir İdaresi 
Başkanlığı,2.5.4.5=#130a33393030333833363639</ds:X509SubjectName><ds:X509Cer
tificate>MIIFlDCCBHygAwIBAgIGAIiEmAELMA0GCSqGSIb3DQEBCwUAMFwxCzAJBgNVBAYTAlRSMU0
wSwYD
VQQDDERNYWxpIE3DvGjDvHIgRWxla3Ryb25payBTZXJ0aWZpa2EgSGl6bWV0IFNhxJ9sYXnEsWPE
sXPEsSAtIFPDvHLDvG0gMTAeFw0xMDA0MTUxMjM3NTBaFw0xNTA0MTQxMjM3NTBaMD0xEzARBgNV
BAUTCjM5MDAzODM2NjkxJjAkBgNVBAMMHUdlbGlyIMSwZGFyZXNpIEJhxZ9rYW5sxLHEn8SxMIIB
IjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA34ixWfBQd6zGplCi9vlmMFokZ7BYdWVWk82N
xtejMv/2zeFbLUs6eNI3gMvv7vj9JClNW9nD8VFMxBJ8X66pQplVi79uAtzVmDcUBJQnxcXmDT44
XvSn2OwcNbhn8SRe7Wds2CjadHvBj13w8nDir5RI1DnNcyytLMDYkVedRsbUmz9nEtn/LuiFTDyM
f4Sg+d0ANBSUJDbTFPsnSr80ZbTzeFYeY9GXPgHiwueP7cQ0IaaU4tRPjHep/TBrV5I9Pzhya9L+
664+j5KmBSZsMPOGmeILmcGMHx0BIT6ZscQ4K8L4lh04chaNXRtqgdvY2JQ8Bzhu86F8cfcy6RFW
uQIDAQABo4ICeTCCAnUwHwYDVR0jBBgwFoAURiCpUxsoDByu8ihRg7MevvJTFHwwHQYDVR0OBBYE
FFCs51k9wBTYzU4jZPREUtDQtXwpMA4GA1UdDwEB/wQEAwIHgDCCATMGA1UdIASCASowggEmMIIB
IgYLYIYYAQIBAQUHBAEwggERMCoGCCsGAQUFBwIBFh5odHRwOi8vZGVwby5rYW11c20uZ292LnRy
L2lsa2UwgeIGCCsGAQUFBwICMIHVHoHSAEIAdQAgAHMAZQByAHQAaQBmAGkAawBhACAAaQBsAGUA
IABpAGwAZwBpAGwAaQAgAHMAZQByAHQAaQBmAGkAawBhACAAdQB5AGcAdQBsAGEAbQBhACAAZQBz
AGEAcwBsAGEAcgExAG4BMQAgAG8AawB1AG0AYQBrACAAaQDnAGkAbgAgAGIAZQBsAGkAcgB0AGkA
bABlAG4AIAB3AGUAYgAgAHMAaQB0AGUAcwBpAG4AaQAgAHoAaQB5AGEAcgBlAHQAIABlAGQAaQBu
AGkAegAuMAwGA1UdEwEB/wQCMAAwFgYDVR0lBA8wDQYLYIYYAQIBAQUHMgEwQQYDVR0fBDowODA2
oDSgMoYwaHR0cDovL2RlcG8ua2FtdXNtLmdvdi50ci9rdXJ1bXNhbC9tbWVzaHMtczEuY3JsMIGC
BggrBgEFBQcBAQR2MHQwPAYIKwYBBQUHMAKGMGh0dHA6Ly9kZXBvLmthbXVzbS5nb3YudHIva3Vy
dW1zYWwvbW1lc2hzLXMxLmNydDA0BggrBgEFBQcwAYYoaHR0cDovL2Npc2R1cG1tczEua3VydW1z
YWwua2FtdXNtLmdvdi50cjANBgkqhkiG9w0BAQsFAAOCAQEACOAFB1u35oSkyRv2IJCGafHc/soB
yOYVxXGFre36BIZaZqgjDh5oAJdDxCTL/PNpObqOzeIYbquz9LX9pqWO8ebCtZUxGGbtRD9S6bo6
iSouMoSlA75Hmrl1HM4Z4GxdlKlLoHAwp0/Dssgy2U3Z693BTvpsrSw6ZBZgIT26wnBgqtc438jD
NIYqCBSdt3ZATXieS55aFaJikpLsEYpEFzVSigb+jaHmGYIPXkqSwA31A35gkkBEJvr9hzujRCh3
tJzYs4ixTX5lEqKlwWh/Gw3R2UnBwa+RY3WKwLRk8s+hr97mv7GOpOBR9B5Xy4sDrj6Ki8yy9tWN
56UhqdNe+A==</ds:X509Certificate>
</ds:X509Data>
</ds:KeyInfo>

In short... problem is that below tags should have added under ds:KeyInfo tags--
<ds:KeyValue>
<ds:RSAKeyValue>
<ds:Modulus

Please consider this matter and give some suggestion to resolve the same
Thanks & Regards
Jay

Original issue reported on code.google.com by jay...@gmail.com on 15 Mar 2014 at 5:50

GoogleCodeExporter commented 9 years ago 
Did you try configuring a BasicSignatureOptionsProvider other than the default?

http://xades4j.googlecode.com/svn/release/1.3.0/javadoc/reference/xades4j/provid
ers/BasicSignatureOptionsProvider.html

Original comment by luis.fgoncalv on 17 Mar 2014 at 8:15

GoogleCodeExporter commented 9 years ago 
Using the includePublicKey method should help you. If you find any bug please 
reopen the issue.

Original comment by luis.fgoncalv on 17 Mar 2014 at 8:17

GoogleCodeExporter commented 9 years ago 
my signing code snippet regarding issue 77(ds:KeyValue and ds:RSAValue and 
Modulus tags are not added when signing xml file using xades4j) is :

 DocumentBuilderFactory factory = DocumentBuilderFactory.newInstance();
        factory.setNamespaceAware(true);
        DocumentBuilder docBuilder = null;
        try {
        docBuilder = factory.newDocumentBuilder();
        } catch (ParserConfigurationException e) {
        e.printStackTrace();
        }
        Document doc = null;
        try {
        doc = docBuilder.parse(file);
        } catch (SAXException e) {
        e.printStackTrace();
        } catch (IOException e) {
        e.printStackTrace();
        }
        Element elmtToSign=doc.getDocumentElement();
        KeyingDataProvider kp = null;
        try{

        kp = new FileSystemKeyStoreKeyingDataProvider("pkcs12","532638-testkurum01@test.com.tr.pfx",
                                  new FirstCertificateSelector("532638-testkurum01@test.com.tr.pfx"),
                                  new KeyStoreFilePasswordProvider(Constants.CERTIFICATE_PASSWORD),
                                  new KeyEntryPwdProvider(Constants.CERTIFICATE_PASSWORD),true);

        } catch (KeyStoreException e){
          e.printStackTrace();
        }

        try {  

            XadesSigner signer = (XadesSigner) new XadesEpesSigningProfile(kp, new SignaturePolicyInfoProvider() {
              @Override
               public SignaturePolicyBase getSignaturePolicy() {
                    // TODO Auto-generated method stub
               return new SignaturePolicyImpliedProperty();
                }
            }).newSigner();

           new Enveloped(signer).sign(elmtToSign);

So, tell me where i have to make changes in my code so that  <ds:KeyValue>,
<ds:RSAKeyValue> and <ds:Modulus> can be added in signed file.

I am waiting for your valuable response.

Thanks & Regards
Jay

Original comment by jay...@gmail.com on 18 Mar 2014 at 7:47

GoogleCodeExporter commented 9 years ago 
All the XadesSigningProfiles have a withBasicSignatureOptionsProvider method. 
You can use it to configure that provider as needed.

http://xades4j.googlecode.com/svn/release/1.3.0/javadoc/reference/xades4j/produc
tion/XadesSigningProfile.html

Original comment by luis.fgoncalv on 18 Mar 2014 at 9:23

GoogleCodeExporter commented 9 years ago 
Hi,

Thank you for your help. Now my problem regarding  ds:KeyValue and
ds:RSAValue and Modulus tags is resolved by implementing
withBasicSignatureOptionsProvider ,
Now i am going to validate other tags

Original comment by jay...@gmail.com on 18 Mar 2014 at 11:37

GoogleCodeExporter commented 9 years ago 
Thanking you!
Above mention problem is almost resolved by configuring 
basicSignatureOptionsProvider

Now i am moving ahead to validate other tags.

Regards'
Jay

Original comment by jay...@gmail.com on 18 Mar 2014 at 11:42