Validating a digital signature in an xml

Hi,
Im working on validating a digital signature from an xml file . Im using the below code to get the value of signature node from the xml file.
NodeList nl = doc.getElementsByTagNameNS(XMLSignature.XMLNS, "Signature");
I'm getting it as nodelist object . When i try to get the length of the signature element it says 0 and hence it throws me an exception .
I have to pass this nodeliest object to validate the xml file. Im attaching the xml file as well as the progarm to validate the xml file . Can somebody help me on this.
Validate.java
import javax.xml.crypto.*;
import javax.xml.crypto.dsig.*;
import javax.xml.crypto.dom.*;
import javax.xml.crypto.dsig.dom.DOMValidateContext;
import javax.xml.crypto.dsig.keyinfo.*;
import java.io.File;
import java.io.FileInputStream;
import java.security.*;
import java.util.Collections;
import java.util.Iterator;
import java.util.List;
import javax.xml.parsers.DocumentBuilder;
import javax.xml.parsers.DocumentBuilderFactory;
import org.w3c.dom.Document;
import org.w3c.dom.NodeList;
* This is a simple example of validating an XML
* Signature using the JSR 105 API. It assumes the key needed to
* validate the signature is contained in a KeyValue KeyInfo.
public class Validate {
public static void main(String[] args) throws Exception {
try
File file = new File("c:\\test.xml");
// Instantiate the document to be validated
     DocumentBuilderFactory dbf = DocumentBuilderFactory.newInstance();
     DocumentBuilder db = dbf.newDocumentBuilder();
     dbf.setNamespaceAware(true);
     //Document doc = dbf.newDocumentBuilder().parse(new FileInputStream("C://signature.xml"));
Document doc = db.parse(file);
     // Find Signature element
NodeList nl = doc.getElementsByTagNameNS(XMLSignature.XMLNS, "Signature");
System.out.println("the nodelist value is"+nl);
          if (nl.getLength() == 0) {
     throw new Exception("Cannot find Signature element");
     // Create a DOM XMLSignatureFactory that will be used to unmarshal the
     // document containing the XMLSignature
     XMLSignatureFactory fac = XMLSignatureFactory.getInstance("DOM");
     // Create a DOMValidateContext and specify a KeyValue KeySelector
// and document context
     //DOMValidateContext valContext = new DOMValidateContext
     // (new KeyValueKeySelector(), nl.item(0));
     DOMValidateContext valContext = new DOMValidateContext
(new KeyValueKeySelector(), nl.item(0));
          // unmarshal the XMLSignature
     XMLSignature signature = fac.unmarshalXMLSignature(valContext);
     // Validate the XMLSignature (generated above)
     boolean coreValidity = signature.validate(valContext);
     // Check core validation status
     if (coreValidity == false) {
     System.err.println("Signature failed core validation");
     boolean sv = signature.getSignatureValue().validate(valContext);
     System.out.println("signature validation status: " + sv);
     // check the validation status of each Reference
     Iterator i = signature.getSignedInfo().getReferences().iterator();
     for (int j=0; i.hasNext(); j++) {
          boolean refValid =
          ((Reference) i.next()).validate(valContext);
          System.out.println("ref["+j+"] validity status: " + refValid);
     } else {
     System.out.println("Signature passed core validation");
catch (Exception e)
     e.printStackTrace();
* KeySelector which retrieves the public key out of the
* KeyValue element and returns it.
* NOTE: If the key algorithm doesn't match signature algorithm,
* then the public key will be ignored.
private static class KeyValueKeySelector extends KeySelector {
     public KeySelectorResult select(KeyInfo keyInfo,
KeySelector.Purpose purpose,
AlgorithmMethod method,
XMLCryptoContext context)
throws KeySelectorException {
if (keyInfo == null) {
          throw new KeySelectorException("Null KeyInfo object!");
SignatureMethod sm = (SignatureMethod) method;
List list = keyInfo.getContent();
for (int i = 0; i < list.size(); i++) {
          XMLStructure xmlStructure = (XMLStructure) list.get(i);
     if (xmlStructure instanceof KeyValue) {
PublicKey pk = null;
try {
pk = ((KeyValue)xmlStructure).getPublicKey();
} catch (KeyException ke) {
throw new KeySelectorException(ke);
// make sure algorithm is compatible with method
if (algEquals(sm.getAlgorithm(), pk.getAlgorithm())) {
return new SimpleKeySelectorResult(pk);
throw new KeySelectorException("No KeyValue element found!");
//@@@FIXME: this should also work for key types other than DSA/RSA
     static boolean algEquals(String algURI, String algName) {
if (algName.equalsIgnoreCase("DSA") &&
          algURI.equalsIgnoreCase(SignatureMethod.DSA_SHA1)) {
          return true;
} else if (algName.equalsIgnoreCase("RSA") &&
algURI.equalsIgnoreCase(SignatureMethod.RSA_SHA1)) {
          return true;
} else {
          return false;
private static class SimpleKeySelectorResult implements KeySelectorResult {
     private PublicKey pk;
     SimpleKeySelectorResult(PublicKey pk) {
     this.pk = pk;
     public Key getKey() { return pk; }
test.xml
<?xml version="1.0" encoding="UTF-8"?><Signature XMLNS="http://www.w3.org/2000/09/xmldsig#"><SignedInfo><CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/><SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/><Reference URI="#CWRT"><DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/><DigestValue>VWmTb6knCBXhNjDLp6w5aX79AW4=</DigestValue></Reference><Reference URI="js/weatherData.js"><DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/><DigestValue>aRyqMcnVA7UsxHaq3VPjIzKnR30=</DigestValue></Reference><Reference URI="js/accuweather.js"><DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/><DigestValue>NKBau43TGuOTSwOiFLtC7xgeUxk=</DigestValue></Reference><Reference URI="js/location.js"><DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/><DigestValue>SNowBnKItayjP8hVg2a+qlrNnl4=</DigestValue></Reference><Reference URI="index.html"><DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/><DigestValue>ImhqtDT/KgYLUMwhzBjxo7kX16c=</DigestValue></Reference><Reference URI="images/bg_fade_current.png"><DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/><DigestValue>6YBFwLJdH7wLSLwgheOzTgLxe0g=</DigestValue></Reference><Reference URI="images/setdefault.png"><DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/><DigestValue>VD9Ay9DjNvHoCt4QpWI6H5gHo84=</DigestValue></Reference><Reference URI="images/bg_portrait.png"><DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/><DigestValue>eMNhpeowX/LaxFhZ0choyWoGdnU=</DigestValue></Reference><Reference URI="images/form_bg.png"><DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/><DigestValue>xRsfhpWI8R21vXcPd73EJ0SPg4c=</DigestValue></Reference><Reference URI="images/nav_hourly_off.png"><DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/><DigestValue>7tBjRZQ6PC5uVRg8J5bAFTmBS4s=</DigestValue></Reference><Reference URI="images/bg_landscape.png"><DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/><DigestValue>nTZ9DoZPW1UgjEvE3WfSBt3DdYA=</DigestValue></Reference><Reference URI="images/nav_maps_off.png"><DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/><DigestValue>ywLUlQ+DCMuybGr2YLYDQx85jJw=</DigestValue></Reference><Reference URI="images/nav_graph_off.png"><DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/><DigestValue>853j9KcFEpuI5c8e5+0TEpmU33U=</DigestValue></Reference><Reference URI="images/label_forecast.png"><DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/><DigestValue>2feKnZklWElbyqItqq5Q1bZRtn4=</DigestValue></Reference><Reference URI="images/bg_fade_content_wide.png"><DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/><DigestValue>GDFP4Tcu96NBOCo9qRw7K25l8as=</DigestValue></Reference><Reference URI="images/btn_getlocation.png"><DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/><DigestValue>sJajd6TTV4VyB2ibMRl8hM4cV+8=</DigestValue></Reference><Reference URI="images/bg_fade_home.png"><DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/><DigestValue>joxnBor/RV5uvqc+SiNU613+W6U=</DigestValue></Reference><Reference URI="images/label_hourly.png"><DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/><DigestValue>uinbV5pKm/XFwNsBjI21m0tYkhs=</DigestValue></Reference><Reference URI="images/wxicons/33.png"><DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/><DigestValue>X8HvsFhHLUr3624myAcox9QyagQ=</DigestValue></Reference><Reference URI="images/wxicons/37.png"><DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/><DigestValue>ldJztK5xrBf3UOyRkSN9zFAootc=</DigestValue></Reference><Reference URI="images/wxicons/13.png"><DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/><DigestValue>bAah/tMqPUVrXis2iiOZLYo4jRw=</DigestValue></Reference><Reference URI="images/wxicons/16.png"><DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/><DigestValue>UZ2CKfWZN/FCLnILVz8bIXWlRAA=</DigestValue></Reference><Reference URI="images/wxicons/19.png"><DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/><DigestValue>jRL/Ea5Dcj7DpvKOHnqGvUmpw4Q=</DigestValue></Reference><Reference URI="images/wxicons/18.png"><DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/><DigestValue>76si6qIfm8bAPKBRIQCQScg0Mow=</DigestValue></Reference><Reference URI="images/wxicons/44.png"><DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/><DigestValue>HkCAXti0I181Pjqkw2QNTjXN6/8=</DigestValue></Reference><Reference URI="images/wxicons/08.png"><DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/><DigestValue>OAvQ6xMeMXCFznUUMZyL1frgJQk=</DigestValue></Reference><Reference URI="images/wxicons/20.png"><DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/><DigestValue>BavTiifJ1XKhQx/AO4Y2PywHi+w=</DigestValue></Reference><Reference URI="images/wxicons/12.png"><DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/><DigestValue>NNVCA+3eTGXWUXGjO1G4qoPPDaU=</DigestValue></Reference><Reference URI="images/wxicons/36.png"><DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/><DigestValue>5Wy7pMJKjwc+fdL0+ez3OrhZ/WY=</DigestValue></Reference><Reference URI="images/wxicons/32.png"><DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/><DigestValue>GrhBWg3ODd19NHkdaEyuzUDYGaQ=</DigestValue></Reference><Reference URI="images/wxicons/25.png"><DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/><DigestValue>kVSt7ZBsrGBlnRp2mnNd4jzbjdc=</DigestValue></Reference><Reference URI="images/wxicons/29.png"><DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/><DigestValue>CHkrsHgL9qFAKCgxQfGOaBgCg+A=</DigestValue></Reference><Reference URI="images/wxicons/17.png"><DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/><DigestValue>SxQBu2aYDFDTD1N6XXcL/Z9r2G0=</DigestValue></Reference><Reference URI="images/wxicons/05.png"><DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/><DigestValue>UR0ntm9xdDzhcq9m+EqdcDRhk5I=</DigestValue></Reference><Reference URI="images/wxicons/06.png"><DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/><DigestValue>XUKHRCVRhhgG7M44QlhzFKulVf0=</DigestValue></Reference><Reference URI="images/wxicons/40.png"><DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/><DigestValue>0vBrc/yiUz4pE8epTER19nblmCA=</DigestValue></Reference><Reference URI="images/wxicons/41.png"><DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/><DigestValue>y5a8jOOsS/qPhcEMQV3Aufb/aNE=</DigestValue></Reference><Reference URI="images/wxicons/Thumbs.db"><DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/><DigestValue>pch5wjLWZAPSgNO09d1x7SMayY=</DigestValue></Reference><Reference URI="images/wxicons/14.png"><DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/><DigestValue>QoLGKWD8MVS0XxCvkvweDmYg1U=</DigestValue></Reference><Reference URI="images/wxicons/42.png"><DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/><DigestValue>D9K0JzNNrtpryfckrNQNS87y1BQ=</DigestValue></Reference><Reference URI="images/wxicons/43.png"><DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/><DigestValue>qlRMGFaqLYTej/k3k1wAGL+GWxM=</DigestValue></Reference><Reference URI="images/wxicons/04.png"><DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/><DigestValue>a2ftn992/Hl3y1wp9IzsLSSqDdk=</DigestValue></Reference><Reference URI="images/wxicons/30.png"><DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/><DigestValue>6Ad7HYjHxySf33JzQdS/oDTgcno=</DigestValue></Reference><Reference URI="images/wxicons/23.png"><DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/><DigestValue>LsAfryFOtLhgviUgiOXM3z4lBAA=</DigestValue></Reference><Reference URI="images/wxicons/07.png"><DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/><DigestValue>bV4gju3kZ780HDNOVP2lHE1TDW4=</DigestValue></Reference><Reference URI="images/wxicons/22.png"><DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/><DigestValue>AeFmuHupwwVszEvbV94o0rngpCQ=</DigestValue></Reference><Reference URI="images/wxicons/01.png"><DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/><DigestValue>6DsWdqkV1/ub3FaeUeXvxsQxckA=</DigestValue></Reference><Reference URI="images/wxicons/21.png"><DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/><DigestValue>Z4W51hSrbkM5N91/F9xwDJwABb0=</DigestValue></Reference><Reference URI="images/wxicons/38.png"><DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/><DigestValue>Jfl9KECyaQ68D0Fq2iyAHubQYJE=</DigestValue></Reference><Reference URI="images/wxicons/35.png"><DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/><DigestValue>c1SmObYV0bMJwveQBuyOk/aHjoY=</DigestValue></Reference><Reference URI="images/wxicons/39.png"><DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/><DigestValue>apdCy1y7Bhx4c8j8xZKpw9sLiHQ=</DigestValue></Reference><Reference URI="images/wxicons/34.png"><DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/><DigestValue>RlUoSL1kyNF/LNHglKJojfidqDo=</DigestValue></Reference><Reference URI="images/wxicons/24.png"><DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/><DigestValue>rp274RE36TIQ/cJqykbC1pfma64=</DigestValue></Reference><Reference URI="images/wxicons/31.png"><DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/><DigestValue>4T9iGJPK46NYQtmGWyvMhFXqefg=</DigestValue></Reference><Reference URI="images/wxicons/15.png"><DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/><DigestValue>V/kRSkl8RuSLp5XHkK+Ev2qkA/Q=</DigestValue></Reference><Reference URI="images/wxicons/02.png"><DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/><DigestValue>LnzYacHZQ8dWbBsfY/xIBFf+FhY=</DigestValue></Reference><Reference URI="images/wxicons/26.png"><DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/><DigestValue>L/fdXr1GduUly+gZoqoHtjSEeug=</DigestValue></Reference><Reference URI="images/wxicons/11.png"><DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/><DigestValue>5tlEUU8jkLu69GjxyKrj/dlCBnE=</DigestValue></Reference><Reference URI="images/wxicons/03.png"><DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/><DigestValue>eVam0Q5Ns+f0ivmOFlayoQjFJuQ=</DigestValue></Reference><Reference URI="images/btn_severe_on.png"><DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/><DigestValue>xkpq8N5rnVv2QUOOPEC3t2UZ3io=</DigestValue></Reference><Reference URI="images/bg_fade_prefs.png"><DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/><DigestValue>mGtHZB8HWR4Kr46E9ibtgPqkSjg=</DigestValue></Reference><Reference URI="images/btn_previous.png"><DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/><DigestValue>tYsSyliuIQHfoqX8Ljjd514gjiY=</DigestValue></Reference><Reference URI="images/btn_search.png"><DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/><DigestValue>Xs3TiHv5GVKqvqKcH4QQTLGeL5M=</DigestValue></Reference><Reference URI="images/nav_calendar_on.png"><DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/><DigestValue>km6Jeefk1pbxhKPuKdX0tAikn20=</DigestValue></Reference><Reference URI="images/bg_fade_location.png"><DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/><DigestValue>dsoQD4U3FStFnFCn9IU8XZOnbZ8=</DigestValue></Reference><Reference URI="images/logo_leaf.png"><DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/><DigestValue>AI6UYnx1653B/rX71hqlXRYayK0=</DigestValue></Reference><Reference URI="images/radar.jpg"><DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/><DigestValue>IEaZz7VDYcwgBHJhTFttbNpSr8=</DigestValue></Reference><Reference URI="images/btn_done.png"><DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/><DigestValue>VZYygwwnJmzSykTWnC3UMjx7UVU=</DigestValue></Reference><Reference URI="images/Thumbs.db"><DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/><DigestValue>aXryLm/7bU2iLfP6mwM96Q7iFfk=</DigestValue></Reference><Reference URI="images/btn_plus.png"><DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/><DigestValue>apIaI0Q/XpYkQIZgrE8y4KDpe34=</DigestValue></Reference><Reference URI="images/label_calendar.png"><DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/><DigestValue>Ek3gLnM9lZCvsJrn49FinTEFoc=</DigestValue></Reference><Reference URI="images/btn_severe_off.png"><DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/><DigestValue>rMRQheIr8WGukddQsbW79yPUa68=</DigestValue></Reference><Reference URI="images/bg_fade_about_wide.png"><DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/><DigestValue>exAFOiVOEx5VKUopSxkbRc3RTLc=</DigestValue></Reference><Reference URI="images/btn_removelocation.png"><DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/><DigestValue>BAAQeIMdUoZumMexhxIJFLOXy8M=</DigestValue></Reference><Reference URI="images/label_weathermap.png"><DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/><DigestValue>QLd8kSOk/dq9/PtPl3hycoufBGw=</DigestValue></Reference><Reference URI="images/space.png"><DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/><DigestValue>lPyPvOmX8EoCzEM8iIruq8hfHIE=</DigestValue></Reference><Reference URI="images/btn_magnify.png"><DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/><DigestValue>3lSDkwWlIMufqacsbJ8dShiDvPc=</DigestValue></Reference><Reference URI="images/btn_next.png"><DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/><DigestValue>5l3/6rRyibJQXlQdSfopJ4Q9e3o=</DigestValue></Reference><Reference URI="images/bg_fade_current_wide.png"><DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/><DigestValue>klPlC3aqn33AAxtAzDCksik4CXo=</DigestValue></Reference><Reference URI="images/nav_hourly_on.png"><DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/><DigestValue>oW7HwXpGfcEz6q1UEixc48IuEf0=</DigestValue></Reference><Reference URI="images/btn_shrink.png"><DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/><DigestValue>/6ORP54At9CAqkQno9aCvbXCF2E=</DigestValue></Reference><Reference URI="images/bg_cal_date.png"><DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/><DigestValue>g10327Jhy+CE2XXE62b6Ea6cUZg=</DigestValue></Reference><Reference URI="images/key.png"><DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/><DigestValue>anFOcEcBGzbkeEsfKJ7+y3S2Y0E=</DigestValue></Reference><Reference URI="images/degree_f.png"><DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/><DigestValue>QtJd4lj3Gaqm59G0J6TT87N9jLk=</DigestValue></Reference><Reference URI="images/bg_fade_about.png"><DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/><DigestValue>rYYhIG+rT3f8jPqSuzC65g2BRuE=</DigestValue></Reference><Reference URI="images/degree_c.png"><DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/><DigestValue>0AwnOwXF+1iAySDhG6u+WKGzmEE=</DigestValue></Reference><Reference URI="images/nav_maps_on.png"><DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/><DigestValue>B7IsyllFvqC+hrxow9QlM+IdDkQ=</DigestValue></Reference><Reference URI="images/label_graph.png"><DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/><DigestValue>8dKb7eEM6PKj2NqpJmTIA6d4OZw=</DigestValue></Reference><Reference URI="images/bg_fade_nav.png"><DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/><DigestValue>0gR7yxY7kUde+5gnApaniAR70c4=</DigestValue></Reference><Reference URI="images/nav_forecast_off.png"><DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/><DigestValue>T6cSnzVZ6+NYmcJkSxagrBG34VA=</DigestValue></Reference><Reference URI="images/bg_fade_content.png"><DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/><DigestValue>eAAeix95CFcyTRFP0L37wCTiCT4=</DigestValue></Reference><Reference URI="images/nav_calendar_off.png"><DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/><DigestValue>+7NYqrzg6E42x4bcSmI7oR+06Ok=</DigestValue></Reference><Reference URI="images/nav_graph_on.png"><DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/><DigestValue>IuDRMdZ5SGeHtOUrIO6N8Kz2ug0=</DigestValue></Reference><Reference URI="images/logo_accu.png"><DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/><DigestValue>/uv3wU6UomVHWqNw6FnQYutp19g=</DigestValue></Reference><Reference URI="images/nav_forecast_on.png"><DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/><DigestValue>x+QqY/MePBUZryW4TH5q+IF1G+g=</DigestValue></Reference><Reference URI="config.xml"><DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/><DigestValue>xo9qqZXg+0DwkCx8Kks9jgMLaLA=</DigestValue></Reference><Reference URI="css/accuweather.css"><DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/><DigestValue>wIZ0bV7p0RmG7GEQzl9GoN+MMEs=</DigestValue></Reference><Reference URI="icon.png"><DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/><DigestValue>vReEx8PURNyRoFZDvLHfXSAW5U=</DigestValue></Reference></SignedInfo><SignatureValue>H6RxXxj0OfpZuhbNHUkm048kZ1uzlGUwQV4TadOvFJ0VKHIyjTcJgzx7ApSUmCTjg/5JaRufBjAzihXmd7UTkq+aVm8smRgHpr3puz0w2wKGhPizO0dz4qfw3U7lqV6eLgSDakRj1jnFgqcMVHI+0k5vvYeVxgUVi6bz2b+IbM=</SignatureValue><Object Id="CWRT"><SignatureProperties xmlns:dsp="http://www.w3.org/2009/xmldsig-properties" ><SignatureProperty Id="profile"><dsp:Profile URI="http://www.w3.org/ns/widgets-digsig#profile" /></SignatureProperty><SignatureProperty Id="role"><dsp:Role URI="http://www.w3.org/ns/widgets-digsig#role-distributor" /></SignatureProperty><SignatureProperty Id="identifier"><dsp:Identifier>{247220a7-f378-4151-83d3-6be32024c0ae}</dsp:Identifier></SignatureProperty></SignatureProperties></Object><KeyInfo><X509Data><X509Certificate>MIICzDCCAjWgAwIBAgIBADANBgkqhkiG9w0BAQUFADArMRAwDgYDVQQKEwdSRCBD
ZXJ0MRcwFQYDVQQDEw5SRCBDZXJ0aWZpY2F0ZTAeFw0wNDExMTUxMjQyMDZaFw0z
NzA5MjMxMjQyMDZaMCsxEDAOBgNVBAoTB1JEIENlcnQxFzAVBgNVBAMTDlJEIENl
cnRpZmljYXRlMIGdMA0GCSqGSIb3DQEBAQUAA4GLADCBhwKBgQDLRF+r1FGGkCwT
rb420kbnAps7gi1yYUcXYUdWeFTuBeQe5eW46Y+LWaA8HMlDdoHRB0FgASisYcFa
gwno9+oFf4AJka4H1gWEs5XTGwAA1s0d8XGh7W7Dt9F5FZij8F7/9Pi6+FhhxZFI
f1DD+yry9D7+Sp+BgdNALe4XOpf25QIBA6OCAQAwgf0wDAYDVR0TBAUwAwEB/zAL
BgNVHQ8EBAMCAoQwHQYDVR0OBBYEFFi/kuGzxhVpjGxe9ZwlxC3fH9jFMFMGA1Ud
IwRMMEqAFFi/kuGzxhVpjGxe9ZwlxC3fH9jFoS+kLTArMRAwDgYDVQQKEwdSRCBD
ZXJ0MRcwFQYDVQQDEw5SRCBDZXJ0aWZpY2F0ZYIBADBsBgNVHSAEZTBjMGEGBFUd
IAAwWTATBggrBgEFBQcCARYHaHR0cDovLzBCBggrBgEFBQcCAjA2GjRGb3IgUiZE
IHVzYWdlIG9ubHkuIFRoaXMgY2VydGlmaWNhdGUgaXMgbm90IHRydXN0ZWQuMA0G
CSqGSIb3DQEBBQUAA4GBAHGB4RQMAgBdeT2hxfOr6f2nA/dZm+M5yX5daUtZnET9
Ed0A9sazLawfN2G1KFQT9kxEParAyoAkpbMAsRrnRz/9cM3OHgFm/NiKRnf50DpT
7oCx0I/65mVD2kt+xXE62/Ii5KPnTufIkPi2uLvURCia1tTS8JmJ8dtxDGyQt8BR</X509Certificate></X509Data></KeyInfo></Signature>

>
// Instantiate the document to be validated
DocumentBuilderFactory dbf = DocumentBuilderFactory.newInstance();
DocumentBuilder db = dbf.newDocumentBuilder();
dbf.setNamespaceAware(true);
Document doc = db.parse(file);Your problem is that you've instantiated the DocumentBuilder before you've made the factory namespace aware. As a result, does not know against which namespace it is parsing the XML file.
Change the lines of code to have the factory be namespace-aware before you instantiate the DocumentBuilder and then parse the class. You'll get past your "node not found" error to receive a number of other errors which you need to correct.
DocumentBuilderFactory dbf = DocumentBuilderFactory.newInstance();
dbf.setNamespaceAware(true);
Document doc = dbf.newDocumentBuilder().parse(file);As a practice when generating an XML document, you should try to validate it inside an IDE like Netbeans/Eclipse before trying to do anything with the document to ensure you've not only got a well-formed XML document, but also one that is "schema-conformant. Your XML signature is not (the Object element cannot come before the KeyInfo element, and the SignatureProperty element is missing the required Target attribute); as a result your Signature element will fail to pass validation even if your code is correct. A cursory review of the XML Signature specs and its XSD is always helpful: [http://www.w3.org/TR/xmldsig-core/].
Finally, please use the {code} tag for source-code to make it readable. Thanks.
Arshad Noor
StrongAuth, Inc.

Similar Messages

  • I livecycle process verifies the validity of digital signatures

    Hello, I have to create a process that I livecycle verify the validity of digital signatures in PDF format. can you help me?

    hello thanks for the reply, I tried the process and works in part, the only problem in the variable verificationResult
    process output tells me <identityStatus> UNKNOWN </ identityStatus> though I imported the certificate in to livecycle
    how can I fix this?

  • Digital signature save file xml

    hello, you can save the digital signature in an XML file?

    Make sure you also change your SignatureMethod algorithm to RSA_SHA1, ex:
    ... fac.newSignatureMethod(SignatureMethod.RSA_SHA1, null) ...

  • Validating a Digital Signature or ID

    I have created a Digital ID and signature in Adobe Acrobate. When I sign a docuement and sent it to others, they are using Adobe Reader X (version 10.0.1) to open the docuement. They get the following error message at the top of the document. I belive they need to validate the signature in order to get rid of this error. But I am not sure how to vallidate the signature.Can anyone help me do this?
    Thank you!

    The issue here is not the validation of the signature but rather trust in the signature.  Much like you need to verify a handwritten signature to be sure it is coming from the person you expect, Acrobat by default also recommends you check the signature as well.
    For more information on this, please refer to this series of blog entries, which will give you the details on trust in signatures:
    http://blogs.adobe.com/security/2011/03/trust-us-trust-in-electronic-signatures-revisited. html
    Thanks.

  • Validation of digital signature

    Hello All,
    Can anyone please tell me how can i validate the digital signature field before submitting it through submit button.
    Regards,
    Menaka.H.B

    Hi Chintan,
    it's me again
    I implemented everything like explained in the documents! Especially the guide "How to Secure the Access to the Adobe Document Services" was very useful for me!
    But unfortunately the signature in my PDF document will not be validated.
    I have this scenario:
    1. Start BPM workflow
    2. Generate PDF and send to user
    3. User fill out form, sign it and send it back to the forms mail server
    4. Readout user input and map to BPM content
    At the moment it does not matter if I sign with valid or non valid, or no sign the PDF. It works anyway!
    May you help!
    Regards

  • Send a digital signature along with xml file

    My requirment is that I am to send a file along with digital signature,authorizing the envoys, which are conducted by the algorithm MD5
    (cryptographic algorithm reduction of 128 bits) and RSA PCKS1. How to send it and at receiver end(SOAP Adapter) how to authenticate it?
    What is  algorithm MD5 (cryptographic algorithm reduction of 128 bits) and RSA PCKS1?

    Hi Jaideep,
    do chk this links
    Using Digital Signatures in XI
    How to use Digital Certificates for Signing & Encrypting Messages in XI
    https://www.sdn.sap.com/irj/sdn/go/portal/prtroot/docs/library/uuid/9727ea90-0201-0010-be8e-b649280fe6ff
    Regards
    Sampath

  • Validation before Digital Signature

    Hello everybody,
    I created a form in Lifecycle ES working like a charm.
    Now i have added a JavaScript for validating the entries in the Form.
    My idea is to launch the validation before the user enters the signature. When the signature is added the validation must have been passed successfully.
    I have begun with adding an event_enter JS to activate the validation.
    The Problem is that the signature dialogue box opens anyway. How can I get rid of this dialog box?
    Thank you for your kind help
    Best regards
                           Ch. Du Champs

    Please post in the LiveCycle Designer ES forum.

  • What is the legal validity of digital signature in adobe reader?

    Good afternoon.
    Sign In option of Adobe Reader, I can pick up a manual signature by a person. My question is.
    Is this sign legally valid signature? Can replace a signature on paper?
    many Thanks

    You need to apply a specific right to the file first in Acrobat.

  • Acrobat 9,10 failing to validate digital signature while Acrobat 8 validating it.

    I am facing an issue while validating a digital signature. I applied a certified signature with “Annotation, form fill-in, and digital signatures” but
    when I apply Redaction “find and permanently remove” on a digitally signed document, Adobe Acrobat 9 and 10 complains that signature is Invalid But Adobe 8 is validating it. I have analyzed  that Adobe Acrobat applying Redaction in append mode and original content of signature  remains unchanged after Redaction.
    Can someone let me know what should be the actual behavior?
    Why Adobe Acrobat 9 and 10 failing to verify the signature even Adobe Acrobat keep enable Redaction which means it is allow to apply in a certified signed document with “Annotation, form fill-in, and digital signatures” option.
    Prompt responses are greatly appreciated!!

    When you sign, you should see where you can select the signature appearance name from a dropdown in the dialog.

  • Acrobat is not validating digital signature

    Hi Everybody...
    I have generated a pdf file which includes digital signatures.
    But the acrobat is not validating the digital signature. But if
    we open this file in PDF-xchange viewer, it shows that the
    signatures are valid. Acrobat generates the following error...
    Error during signature verification.
    Signature contains incorrect, unrecognized, corrupted or
    suspicious data.
    Support Information: SigDict /Contents illegal data
    What may be the problem?

    Thank you Bernd for your kind and simple reply  
    I am uploading my file with my certificate which i am using for my digital
    signatures. Please have a deep look at contents entry. Use ASNVIEWER or
    decoder etc......
    Thanks again and Best Regards

  • Digital Signature Validation process goes into unending state

    Hi all
    I am working Adobe Digital Signatures in Web Dynpro Java applications. I have been using [this|https://www.sdn.sap.com/irj/sdn/go/portal/prtroot/com.sap.km.cm.docs/media/streamingmedia/developer-areas/user-interface-technology/interactive-forms/securing%20online%20interactive%20forms%20by%20adobe%20(Session%208)/index.html?slide=] webinar to follow steps to configure SSL and validation of Digital Signatures.
    After doing all necessary configurations, I am able to run my web dynpro applications containing interactive forms in secure mode.
    But when I sign with digital signature and try to validate the form, the application keeps on processing and shows no result.
    I tried debugging my application but control does not reach my button action code. I am clueless.
    I would be thankful to receive any hints or pointers from you.
    Thanks in advance.
    Kapil

    Following blog discusses solution to this prob
    /people/kapil.kamble/blog/2009/07/08/experimenting-with-digital-signatures-in-sap-interactive-forms-by-adobe
    Kapil

  • Digital signature does not validate with the given key

    We are switching our single-signon provider from openssl to Weblogic's SAML. I am trying to create a test application that will send mock SAML assertions to our test Weblogic SAML server before we begin integration with the client that will send real SAML assertions.
    I have configured a Weblogic 10.3.5 instance to be a SAML Service Provider as well as created an application that creates test SAML assertions to post to the SAML server. I'm currently using a self-signed certificate to sign the SAML assertion. I've imported the self-signed cert into both the DemoIdentiy.jks and cacerts on the Weblogic SAML server.
    The Weblogic SAML server is giving the following error when trying to validate the signature of the assertion:
    <SAML2Assert: Start verify assertion signature>
    <SAML2Assert: The assertion is signed.>
    <SAML2Assert: Digital signature does not validate with the given key
    org.opensaml.xml.validation.ValidationException: Digital signature does not validate with the given key
    at org.opensaml.xml.signature.SignatureValidator.validate(SignatureValidator.java:68)
         at com.bea.security.saml2.util.SAML2Utils.verifySamlObjectSignature(SAML2Utils.java:229)
         at com.bea.security.saml2.providers.SAML2Assert.verifySignature(SAML2Assert.java:285)
    >
    I get this error when the SAML assertion includes both the cert and the public key, just the cert, just the public key or neither.
    I'm pretty sure I've configured the SAML instance correctly since I followed the steps provided by another group who got this working with a different client. The only difference is they are using a real signed certificate (Verisign i believe) instead of a self signed cert.
    I'm looking for any help to track down which step in the process I've missed or implemented incorrectly.
    Thanks!
    Edited by: 911967 on Feb 6, 2012 12:26 PM

    So I found my own answer to the issue. The error was being caused by an the following xml in the assertion:
    <ds:Reference URI="">
    The value of URI attribute must have a '#' followed by the same value of the ID attribute in the parent 'Assertion' element (in our case a random string):
    <saml:Assertion xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" ID="a5k42vnhsywezqzyufq15c4bb9xuzeozrmbppj38xe" IssueInstant="2012-03-12T14:33:25.986Z" Version="2.0">
    <saml:Issuer>ISSUER_NAME</saml:Issuer>
    <ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
    <ds:SignedInfo>
    <ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
    <ds:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/>
    *<ds:Reference URI="#a5k42vnhsywezqzyufq15c4bb9xuzeozrmbppj38xe">*
    How this is related to the digital signature is beyond me, though I admit I'm very new to saml and digital signing. However I spent a great deal of time investigating my certs and how I was creating the signature, which it seems is unrelated to the actual issue. I also wasn't able to find any docs specifying that this attribute was required, though I might have just missed it.

  • Digital Signatures and APEX

    Has anyone had any success implimenting digital signatures (PKI) within APEX?
    Here is a brief synapsis of what we are looking to accomplish and realize that third-party hardware/software might be necessary. We require users to login using LDAP credentials. We want them to be able to generate documents (i.e. PDF, Word, or Excel) from our application data. We want the users to have the ability to Digitally Sign their documents. We will be issuing individual private keys & certificates and we are considering generating the documents as XML. We are still in requirements gathering, but wanted to explore any and all capabilities within APEX.
    Any thoughts? Thanks.

    Hello Francesco,
    I want to  generate a digital signature (PKCS#7,XML) using SAP SSF API as explained in
    http://help.sap.com/saphelp_nw04/helpdata/en/4f/65c3b32107964996a56e4165077e24/content.htm and in Amol Joshi's reply in
    Digital Signatures and Document Encryption api
    so my question  is From which PI/XI version and its SPS this SAP SSF LIBRARY is supported ?
    Kind Regards,
    Kubra fatima.

  • Digital signatures and view document througt URL

    Hello together,
    We use status document and digital signatures workflow and we canu2019t use URL link to documents which have been approved. In browseru2019s window I see digital signatures information and error :u201DHTTP 404 the web page cannot be foundu201D.
    In transaction SOLAR01, SOLAR02 when, I display approved document, at first I see the windows with digital signatures information and then, after push enter - required document.
    If document in status u201Cin progressu201D we donu2019t have problem.
    Could you help me to resolve this problem or disable windows with signatures information?

    Hello Francesco,
    I want to  generate a digital signature (PKCS#7,XML) using SAP SSF API as explained in
    http://help.sap.com/saphelp_nw04/helpdata/en/4f/65c3b32107964996a56e4165077e24/content.htm and in Amol Joshi's reply in
    Digital Signatures and Document Encryption api
    so my question  is From which PI/XI version and its SPS this SAP SSF LIBRARY is supported ?
    Kind Regards,
    Kubra fatima.

  • Java SSF for Digital Signatures and Document Encryption

    Hello,
    I have read in "SAP Help - Java Development Manual" that there is a Java SSF library for Digital Signatures and Document Encryption API.
    http://help.sap.com/saphelp_nw04s/helpdata/en/4f/65c3b32107964996a56e4165077e24/frameset.htm
    I am trying to develop an example application in NWDS using Interfaces/classes (ISsfData, SsfDataXml...), but NWDS does not find this classes in any library.
    I have searched for Javadocs in NWDS plugins directory and this classes and interfaces should be in JAR com.sap.security.api.jar, but they aren't there.
    Our WAS version is: NW04s WAS 7.0 SP11 and he have downloaded Java Crypto Library (IAIK) and also SAP XML Toolkit.
    Does anyone know how to find or obtain this library?
    Thanks in advance,
    Jorge Linares

    Hello Francesco,
    I want to  generate a digital signature (PKCS#7,XML) using SAP SSF API as explained in
    http://help.sap.com/saphelp_nw04/helpdata/en/4f/65c3b32107964996a56e4165077e24/content.htm and in Amol Joshi's reply in
    Digital Signatures and Document Encryption api
    so my question  is From which PI/XI version and its SPS this SAP SSF LIBRARY is supported ?
    Kind Regards,
    Kubra fatima.

Maybe you are looking for