[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
RE: XML Digests using Xerces and XML Security Suite
- From: Iwan Eising <java@i-ware.net>
- To: Xml-Dev <xml-dev@lists.xml.org>
- Date: Mon, 30 Apr 2001 10:04:21 -0400
Hi,
I just found out the problem, it is in the CRLF vs. LF dilemma. I now:
- first save the xml file
- reload and parse it
- then regenerate the digest
- store the digest in the original xml
- save the original xml
This works. It's just clumsy, so if anybody knows a better solution than
this workaround that would be great.
Iwan
:> -----Original Message-----
:> From: Iwan Eising [mailto:java@i-ware.net]
:> Sent: Sunday, April 29, 2001 10:23 AM
:> To: xml-dev@lists.xml.org
:> Subject: XML Digests using Xerces and XML Security Suite
:>
:> Hi,
:>
:> I'm writing an application that generates an XML document and
:> saves it to a
:> file. Later when the file is read again, I want to make sure
:> that it is the
:> same file. I want to use an MD5 digest to check this, the digest
:> is stored
:> in the XML document it self, so when I send it to a different location
:> (possibly over the Internet) I can still check if it is the
:> original file I
:> created in the first place.
:> I downloaded IBM's XML Security Suite and I created the following two
:> methods (full code below):
:>
:> boolean checkSignature(Node node,String signature);
:> String generateSignature(Node node);
:>
:> I store the signature in the XML document it self. The XML
:> document has the
:> following structure:
:>
:> <Document>
:> <signature>
:> <!-- signature-value in BASE64 -->
:> </signature>
:> <ActualContents>
:> </ActualContents>
:> </Document>
:>
:> I made sure that in both case the Digest is generated from ActualContents
:> node (The System.out shows me this). I'm using DOM, so the
:> complete document
:> is read before it is being processed.
:>
:> For some reason when I read the DOM from file and take the node
:> and feed it
:> to checkSignature, I get a different Digest than when I create
:> the DOM from
:> scratch and generate the digest.
:>
:> Does anybody know what I'm doing wrong, or have a
:> better/easier/working way
:> of solving this problem?
:>
:> Thanks,
:> Iwan
:>
:>
:> protected boolean checkSignature(Node node,String signature)
:> {
:> boolean result = false;
:>
:> System.out.println("Start hash at: " + node.getNodeName());
:> try
:> {
:> byte[] digest =
:> Digest.getDigest(MessageDigest.getInstance("MD5"), node);
:> BASE64Encoder encoder = new BASE64Encoder();
:> String genSignature = encoder.encode(digest);
:> result = signature.equals(genSignature);
:> }
:> catch(NoSuchAlgorithmException exc)
:> {
:> exc.printStackTrace();
:> }
:>
:> return (result);
:> }
:>
:> protected String generateSignature(Node node)
:> {
:> String id="";
:>
:> System.out.println("Start hash at: " + node.getNodeName());
:> try
:> {
:> byte[] digest =
:> Digest.getDigest(MessageDigest.getInstance("MD5"), node);
:> BASE64Encoder encoder = new BASE64Encoder();
:> id = encoder.encode(digest);
:> }
:> catch(NoSuchAlgorithmException exc)
:> {
:> exc.printStackTrace();
:> }
:>
:> return (id);
:> }
:>
:>
:> ---
:> This email is sent to you by...me
:> You're welcome to visit my sites at:
:>
:> http://www.cyberhighscore.com
:> http://www.i-ware.net
:> or
:> ICQ: 31720413
:>
:> Direct downloads:
:> Free Game: http://www.i-ware.net\binaries\thrillfill.zip
:> Free Tool: http://www.i-ware.net\binaries\thrillfilleditor2.zip
:>
:>
winmail.dat