on 05-20-2008 3:12 PM
Hi
I´m doing a xml signer and xml signer verifier to be used as java mapping, in XI.
I followed the examples described in:
http://help.sap.com/saphelp_nw2004s/helpdata/en/a4/d0201854fb6a4cb9545892b49d4851/frameset.htm
The function to sign the data has worked and my xml signs sucessfully. But when I try to verify it using the "verify" function, it ALWAYS return false. I´m testing the xml previously signed by "sign" function.
The public certificate was extracted from the keypar certificate used to sign.
The function "pab.getCertificates()" returns me the right certificates.
Can anyone help me?
Thanks
Hi Vitor,
Can you provide your sources, so we can have a look at it (and maybe find a "bug") ?
Rgds
Chris
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
The code is a mess, I´m only using to test
public void execute(InputStream input, OutputStream output)
throws StreamTransformationException {
trace =
(AbstractTrace) param.get(
StreamTransformationConstants.MAPPING_TRACE);
boolean res = false;
String alias = "cert_test";
SsfDataXML data = null;
try {
data = new SsfDataXML(input);
trace.addInfo("Data = " + data.toString());
} catch (Exception e) {
System.out.println("Error while reading signed file " + e);
trace.addInfo("Error while reading signed file " + e);
System.exit(1);
}
// get pab from keystore service of AS Java
InitialContext ctx = null;
try {
ctx = new InitialContext();
} catch (NamingException e1) {
// TODO Auto-generated catch block
e1.printStackTrace();
}
Object o = null;
try {
o = (Object) ctx.lookup("keystore");
} catch (NamingException e3) {
// TODO Auto-generated catch block
e3.printStackTrace();
}
KeystoreManager manager = (KeystoreManager) o;
KeyStore keyStore = null;
try {
keyStore = manager.getKeystore("DEFAULT");
} catch (RemoteException e2) {
e2.printStackTrace();
}
SsfProfileKeyStore profile;
try {
profile = new SsfProfileKeyStore(keyStore, alias, null);
} catch (Exception e) {
trace.addInfo("Error while accessing keystore ");
throw new SecurityException("Error while accessing keystore "+e);
}
trace.addInfo("Profile: " + profile.toString());
SsfPabKeyStore pab;
try {
pab = new SsfPabKeyStore(keyStore);
} catch (Exception e) {
trace.addInfo("Error while accessing keystore ");
throw new SecurityException("Error while accessing keystore " + e);
}
//sign the data
try {
res = data.sign(profile);
trace.addInfo("Res: " + data.toString());
} catch (SsfInvalidKeyException e) {
System.out.println("Error while signing data "+e);
System.exit(1);
}
if (!res) {
System.out.println("Creation of signature failed");
System.exit(1);
}
// verify signature
SsfSigRcpList signer = new SsfSigRcpList();
try {
res = data.verify(pab, signer);
trace.addInfo("Res = " + res);
} catch (SsfInvalidDataException e) {
System.out.println("Error while verifying data " + e);
trace.addInfo("Error while verifying data " + e);
System.exit(1);
}
// print result of verification
if (res) {
System.out.println("Verification of data OK");
trace.addInfo("Verification of data OK");
if (signer.get(0).rc == SsfSigRcpInfo.SSF_OK) {
X509Certificate cert = signer.get(0).cert;
System.out.println("Signer: " + cert.getSubjectDN().getName());
trace.addInfo("Signer: " + cert.getSubjectDN().getName());
}
} else {
System.out.println("Verification of data FAILED");
trace.addInfo("Verification of data FAILED");
}
try {
output.write("".getBytes());
} catch (IOException e4) {
// TODO Auto-generated catch block
e4.printStackTrace();
}
}
User | Count |
---|---|
86 | |
10 | |
10 | |
9 | |
6 | |
6 | |
6 | |
5 | |
4 | |
3 |
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.