axis-axis1-java-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Ted Toth <txt...@gmail.com>
Subject DigestValue, canonicalization and interoperability
Date Tue, 05 Feb 2013 13:58:39 GMT
I've got an Axis 1.4 based web service that I've been using for years
but now I'm trying to develop a node.js (javascript) version. As a
first step I've captures the request xml and am trying to validate the
signature. However I've run into a problem with not being able to
calculate an equivalent DigestValue. I've written some java code:
            Document doc = XMLUtils.newDocument (new InputSource (new
StringReader (new String(xml))));
            Canonicalizer canon = Canonicalizer.getInstance
("http://www.w3.org/2001/10/xml-exc-c14n#");
            byte canonXmlBytes [] = canon.canonicalizeSubtree
(XPathAPI.selectSingleNode (doc, "(//. | //@* |
//namespace::*)[ancestor-or-self::soapenv:Body]"));

            System.out.println("canonicalized body:" + new String
(canonXmlBytes));
            MessageDigest sha1 = MessageDigest.getInstance("SHA-1");
            digest = sha1.digest(canonXmlBytes);

which replicates the results I'm getting from the node xml-crypto
package but these don't equal the digest value in the original xml.
I've looked at the canonicalized form generated by my java test code
and that generated by xml-crypto along with the XML Canonicalization
spec and they look all seem to be in agreement. So now I'm trying to
understand how my Axis 1.4 is generating the digest value and why I
can't calculate an equivalent one. If anyone can help shed light on
this issue I'd appreciate it.

Ted

---------------------------------------------------------------------
To unsubscribe, e-mail: axis1-java-user-unsubscribe@axis.apache.org
For additional commands, e-mail: axis1-java-user-help@axis.apache.org


Mime
View raw message