
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">

<html>

<body link="#355491" alink="#4262a1" vlink="#355491" style="background: #e2e2e2; margin: 0; padding: 20px;">


<div>

        <table cellpadding="0" bgcolor="#FFFFFF" border="0" cellspacing="0" style="border: 1px solid #dadada; margin-bottom: 30px; width: 100%; -moz-border-radius: 6px; -webkit-border-radius: 6px;">

                <tbody>

                        <tr>


                                <td>


                                        <table border="0" cellpadding="0" cellspacing="0" bgcolor="#FFFFFF" style="border: solid 2px #ccc; background: #dadada; width: 100%; -moz-border-radius: 6px; -webkit-border-radius: 6px;">

                                                <tbody>

                                                        <tr>

                                                                <td bgcolor="#000000" valign="middle" height="58px" style="border-bottom: 1px solid #ccc; padding: 20px; -moz-border-radius-topleft: 3px; -moz-border-radius-topright: 3px; -webkit-border-top-right-radius: 5px; -webkit-border-top-left-radius: 5px;">

                                                                        <h1 style="color: #333333; font: bold 22px Arial, Helvetica, sans-serif; margin: 0; display: block !important;">

                                                                        <!-- To have a header image/logo replace the name below with your img tag -->

                                                                        <!-- Email clients will render the images when the message is read so any image -->

                                                                        <!-- must be made available on a public server, so that all recipients can load the image. -->

                                                                        <a href="http://community.jboss.org/index.jspa" style="text-decoration: none; color: #E1E1E1">JBoss Community</a></h1>

                                                                </td>


                                                        </tr>

                                                        <tr>

                                                                <td bgcolor="#FFFFFF" style="font: normal 12px Arial, Helvetica, sans-serif; color:#333333; padding: 20px;  -moz-border-radius-bottomleft: 4px; -moz-border-radius-bottomright: 4px; -webkit-border-bottom-right-radius: 5px; -webkit-border-bottom-left-radius: 5px;"><h3 style="margin: 10px 0 5px; font-size: 17px; font-weight: normal;">

    Manual validation of SignatureValue

</h3>

<span style="margin-bottom: 10px;">

    created by <a href="http://community.jboss.org/people/giogio">Giovanni Castellari</a> in <i>JBoss Web Services</i> - <a href="http://community.jboss.org/message/575559#575559">View the full discussion</a>

</span>

<hr style="margin: 20px 0; border: none; background-color: #dadada; height: 1px;">


<div class="jive-rendered-content"><p><div id="_mcePaste" style="position: absolute; left: -10000px; top: 0px; width: 1px; height: 1px; overflow-x: hidden; overflow-y: hidden;">Hello, I'm trying to do a "manual" verification of a XML-Signed message. The message is the following, taken as is </div><div id="_mcePaste" style="position: absolute; left: -10000px; top: 0px; width: 1px; height: 1px; overflow-x: hidden; overflow-y: hidden;">from the server.log:</div><div id="_mcePaste" style="position: absolute; left: -10000px; top: 0px; width: 1px; height: 1px; overflow-x: hidden; overflow-y: hidden;"> </div><div id="_mcePaste" style="position: absolute; left: -10000px; top: 0px; width: 1px; height: 1px; overflow-x: hidden; overflow-y: hidden;"><span>&lt;env:Envelope xmlns:env='</span><a class="jive-link-external-small" href="http://schemas.xmlsoap.org/soap/envelope/" target="_blank">http://schemas.xmlsoap.org/soap/envelope/</a><span>'&gt;</span></div><div id="_mcePaste" style="position: absolute; left: -10000px; top: 0px; width: 1px; height: 1px; overflow-x: hidden; overflow-y: hidden;"> &lt;env:Header&gt;</div><div id="_mcePaste" style="position: absolute; left: -10000px; top: 0px; width: 1px; height: 1px; overflow-x: hidden; overflow-y: hidden;"><span>&#160; &lt;wsse:Security env:mustUnderstand='1' xmlns:wsse='</span><a class="jive-link-external-small" href="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" target="_blank">http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd</a><span>' xmlns:wsu='</span><a class="jive-link-external-small" href="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" target="_blank">http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd</a><span>'&gt;</span></div><div id="_mcePaste" style="position: absolute; left: -10000px; top: 0px; width: 1px; height: 1px; overflow-x: hidden; overflow-y: hidden;">&#160;&#160; &lt;wsu:Timestamp wsu:Id='timestamp'&gt;</div><div id="_mcePaste" style="position: absolute; left: -10000px; top: 0px; width: 1px; height: 1px; overflow-x: hidden; overflow-y: hidden;">&#160;&#160;&#160; &lt;wsu:Created&gt;2010-12-07T16:37:40.038Z&lt;/wsu:Created&gt;</div><div id="_mcePaste" style="position: absolute; left: -10000px; top: 0px; width: 1px; height: 1px; overflow-x: hidden; overflow-y: hidden;">&#160;&#160; &lt;/wsu:Timestamp&gt;</div><div id="_mcePaste" style="position: absolute; left: -10000px; top: 0px; width: 1px; height: 1px; overflow-x: hidden; overflow-y: hidden;"><span>&#160;&#160; &lt;wsse:BinarySecurityToken EncodingType='</span><a class="jive-link-external-small" href="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary" target="_blank">http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary</a><span>' ValueType='</span><a class="jive-link-external-small" href="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3" target="_blank">http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3</a><span>' wsu:Id='token-2-1291739860138-12935734'&gt;MIIBnDCCAQUCBEz+E1kwDQYJKoZIhvcNAQEEBQAwFTETMBEGA1UEAxMKbWlvY2xpZW50MTAeFw0x</span></div><div id="_mcePaste" style="position: absolute; left: -10000px; top: 0px; width: 1px; height: 1px; overflow-x: hidden; overflow-y: hidden;">MDEyMDcxMDU4MzNaFw0xMTAzMDcxMDU4MzNaMBUxEzARBgNVBAMTCm1pb2NsaWVudDEwgZ8wDQYJ</div><div id="_mcePaste" style="position: absolute; left: -10000px; top: 0px; width: 1px; height: 1px; overflow-x: hidden; overflow-y: hidden;">KoZIhvcNAQEBBQADgY0AMIGJAoGBAJlzh8T0w+FG/uJ6oDzc6uVSJMgJhuL851BPjoAynW7wCeGV</div><div id="_mcePaste" style="position: absolute; left: -10000px; top: 0px; width: 1px; height: 1px; overflow-x: hidden; overflow-y: hidden;">1EEydEr2S9qOwsUEg32mLn6s9Mf19nkI3nGHjCuS9SmIil5WilWGWsHqfFSUFB7goKeLfqdGtP5i</div><div id="_mcePaste" style="position: absolute; left: -10000px; top: 0px; width: 1px; height: 1px; overflow-x: hidden; overflow-y: hidden;">WDZ4QFVZ0AjMjJZP9tAY8FYzkmJUEkcg5T2OcW/1019/Ttk5AgMBAAEwDQYJKoZIhvcNAQEEBQAD</div><div id="_mcePaste" style="position: absolute; left: -10000px; top: 0px; width: 1px; height: 1px; overflow-x: hidden; overflow-y: hidden;">gYEAP6De4XP3wSYDWqSUCgJZNqddZUJFIDxYp5cV6jH4yckV/xniD3IvVcTx8bCykbwWDEec3z95</div><div id="_mcePaste" style="position: absolute; left: -10000px; top: 0px; width: 1px; height: 1px; overflow-x: hidden; overflow-y: hidden;">BdYWNPuU2DPWtcab3dTtD7JXez1+Ywi2IYIexChQbthkziLXkvGoPofe9Z7BlaE3hiFzPMKWRjDF</div><div id="_mcePaste" style="position: absolute; left: -10000px; top: 0px; width: 1px; height: 1px; overflow-x: hidden; overflow-y: hidden;">qSOScxAyjSebLPvczWozAWQ=&lt;/wsse:BinarySecurityToken&gt;</div><div id="_mcePaste" style="position: absolute; left: -10000px; top: 0px; width: 1px; height: 1px; overflow-x: hidden; overflow-y: hidden;"><span>&#160;&#160; &lt;ds:Signature xmlns:ds='</span><a class="jive-link-external-small" href="http://www.w3.org/2000/09/xmldsig#" target="_blank">http://www.w3.org/2000/09/xmldsig#</a><span>'&gt;</span></div><div id="_mcePaste" style="position: absolute; left: -10000px; top: 0px; width: 1px; height: 1px; overflow-x: hidden; overflow-y: hidden;"><span>&#160;&#160;&#160; &lt;ds:SignedInfo xmlns:ds='</span><a class="jive-link-external-small" href="http://www.w3.org/2000/09/xmldsig#" target="_blank">http://www.w3.org/2000/09/xmldsig#</a><span>'&gt;</span></div><div id="_mcePaste" style="position: absolute; left: -10000px; top: 0px; width: 1px; height: 1px; overflow-x: hidden; overflow-y: hidden;"><span>&#160;&#160;&#160;&#160; &lt;ds:CanonicalizationMethod Algorithm='</span><a class="jive-link-external-small" href="http://www.w3.org/2001/10/xml-exc-c14n#" target="_blank">http://www.w3.org/2001/10/xml-exc-c14n#</a><span>' xmlns:ds='</span><a class="jive-link-external-small" href="http://www.w3.org/2000/09/xmldsig#'/" target="_blank">http://www.w3.org/2000/09/xmldsig#'/</a><span>&gt;</span></div><div id="_mcePaste" style="position: absolute; left: -10000px; top: 0px; width: 1px; height: 1px; overflow-x: hidden; overflow-y: hidden;"><span>&#160;&#160;&#160;&#160; &lt;ds:SignatureMethod Algorithm='</span><a class="jive-link-external-small" href="http://www.w3.org/2000/09/xmldsig#rsa-sha1" target="_blank">http://www.w3.org/2000/09/xmldsig#rsa-sha1</a><span>' xmlns:ds='</span><a class="jive-link-external-small" href="http://www.w3.org/2000/09/xmldsig#'/" target="_blank">http://www.w3.org/2000/09/xmldsig#'/</a><span>&gt;</span></div><div id="_mcePaste" style="position: absolute; left: -10000px; top: 0px; width: 1px; height: 1px; overflow-x: hidden; overflow-y: hidden;"><span>&#160;&#160;&#160;&#160; &lt;ds:Reference URI='#element-1-1291739860070-11803898' xmlns:ds='</span><a class="jive-link-external-small" href="http://www.w3.org/2000/09/xmldsig#" target="_blank">http://www.w3.org/2000/09/xmldsig#</a><span>'&gt;</span></div><div id="_mcePaste" style="position: absolute; left: -10000px; top: 0px; width: 1px; height: 1px; overflow-x: hidden; overflow-y: hidden;"><span>&#160;&#160;&#160;&#160;&#160; &lt;ds:Transforms xmlns:ds='</span><a class="jive-link-external-small" href="http://www.w3.org/2000/09/xmldsig#" target="_blank">http://www.w3.org/2000/09/xmldsig#</a><span>'&gt;</span></div><div id="_mcePaste" style="position: absolute; left: -10000px; top: 0px; width: 1px; height: 1px; overflow-x: hidden; overflow-y: hidden;"><span>&#160;&#160;&#160;&#160;&#160;&#160; &lt;ds:Transform Algorithm='</span><a class="jive-link-external-small" href="http://www.w3.org/2001/10/xml-exc-c14n#" target="_blank">http://www.w3.org/2001/10/xml-exc-c14n#</a><span>' xmlns:ds='</span><a class="jive-link-external-small" href="http://www.w3.org/2000/09/xmldsig#'/" target="_blank">http://www.w3.org/2000/09/xmldsig#'/</a><span>&gt;</span></div><div id="_mcePaste" style="position: absolute; left: -10000px; top: 0px; width: 1px; height: 1px; overflow-x: hidden; overflow-y: hidden;">&#160;&#160;&#160;&#160;&#160; &lt;/ds:Transforms&gt;</div><div id="_mcePaste" style="position: absolute; left: -10000px; top: 0px; width: 1px; height: 1px; overflow-x: hidden; overflow-y: hidden;"><span>&#160;&#160;&#160;&#160;&#160; &lt;ds:DigestMethod Algorithm='</span><a class="jive-link-external-small" href="http://www.w3.org/2000/09/xmldsig#sha1" target="_blank">http://www.w3.org/2000/09/xmldsig#sha1</a><span>' xmlns:ds='</span><a class="jive-link-external-small" href="http://www.w3.org/2000/09/xmldsig#'/" target="_blank">http://www.w3.org/2000/09/xmldsig#'/</a><span>&gt;</span></div><div id="_mcePaste" style="position: absolute; left: -10000px; top: 0px; width: 1px; height: 1px; overflow-x: hidden; overflow-y: hidden;"><span>&#160;&#160;&#160;&#160;&#160; &lt;ds:DigestValue xmlns:ds='</span><a class="jive-link-external-small" href="http://www.w3.org/2000/09/xmldsig#" target="_blank">http://www.w3.org/2000/09/xmldsig#</a><span>'&gt;d2cIarD4atw3HFADamfO9YTKkKs=&lt;/ds:DigestValue&gt;</span></div><div id="_mcePaste" style="position: absolute; left: -10000px; top: 0px; width: 1px; height: 1px; overflow-x: hidden; overflow-y: hidden;">&#160;&#160;&#160;&#160; &lt;/ds:Reference&gt;</div><div id="_mcePaste" style="position: absolute; left: -10000px; top: 0px; width: 1px; height: 1px; overflow-x: hidden; overflow-y: hidden;"><span>&#160;&#160;&#160;&#160; &lt;ds:Reference URI='#timestamp' xmlns:ds='</span><a class="jive-link-external-small" href="http://www.w3.org/2000/09/xmldsig#" target="_blank">http://www.w3.org/2000/09/xmldsig#</a><span>'&gt;</span></div><div id="_mcePaste" style="position: absolute; left: -10000px; top: 0px; width: 1px; height: 1px; overflow-x: hidden; overflow-y: hidden;"><span>&#160;&#160;&#160;&#160;&#160; &lt;ds:Transforms xmlns:ds='</span><a class="jive-link-external-small" href="http://www.w3.org/2000/09/xmldsig#" target="_blank">http://www.w3.org/2000/09/xmldsig#</a><span>'&gt;</span></div><div id="_mcePaste" style="position: absolute; left: -10000px; top: 0px; width: 1px; height: 1px; overflow-x: hidden; overflow-y: hidden;"><span>&#160;&#160;&#160;&#160;&#160;&#160; &lt;ds:Transform Algorithm='</span><a class="jive-link-external-small" href="http://www.w3.org/2001/10/xml-exc-c14n#" target="_blank">http://www.w3.org/2001/10/xml-exc-c14n#</a><span>' xmlns:ds='</span><a class="jive-link-external-small" href="http://www.w3.org/2000/09/xmldsig#'/" target="_blank">http://www.w3.org/2000/09/xmldsig#'/</a><span>&gt;</span></div><div id="_mcePaste" style="position: absolute; left: -10000px; top: 0px; width: 1px; height: 1px; overflow-x: hidden; overflow-y: hidden;">&#160;&#160;&#160;&#160;&#160; &lt;/ds:Transforms&gt;</div><div id="_mcePaste" style="position: absolute; left: -10000px; top: 0px; width: 1px; height: 1px; overflow-x: hidden; overflow-y: hidden;"><span>&#160;&#160;&#160;&#160;&#160; &lt;ds:DigestMethod Algorithm='</span><a class="jive-link-external-small" href="http://www.w3.org/2000/09/xmldsig#sha1" target="_blank">http://www.w3.org/2000/09/xmldsig#sha1</a><span>' xmlns:ds='</span><a class="jive-link-external-small" href="http://www.w3.org/2000/09/xmldsig#'/" target="_blank">http://www.w3.org/2000/09/xmldsig#'/</a><span>&gt;</span></div><div id="_mcePaste" style="position: absolute; left: -10000px; top: 0px; width: 1px; height: 1px; overflow-x: hidden; overflow-y: hidden;"><span>&#160;&#160;&#160;&#160;&#160; &lt;ds:DigestValue xmlns:ds='</span><a class="jive-link-external-small" href="http://www.w3.org/2000/09/xmldsig#" target="_blank">http://www.w3.org/2000/09/xmldsig#</a><span>'&gt;YR/fZlwJdw+KbyP24UYiyDv8/Dc=&lt;/ds:DigestValue&gt;</span></div><div id="_mcePaste" style="position: absolute; left: -10000px; top: 0px; width: 1px; height: 1px; overflow-x: hidden; overflow-y: hidden;">&#160;&#160;&#160;&#160; &lt;/ds:Reference&gt;</div><div id="_mcePaste" style="position: absolute; left: -10000px; top: 0px; width: 1px; height: 1px; overflow-x: hidden; overflow-y: hidden;">&#160;&#160;&#160; &lt;/ds:SignedInfo&gt;</div><div id="_mcePaste" style="position: absolute; left: -10000px; top: 0px; width: 1px; height: 1px; overflow-x: hidden; overflow-y: hidden;"><span>&#160;&#160;&#160; &lt;ds:SignatureValue xmlns:ds='</span><a class="jive-link-external-small" href="http://www.w3.org/2000/09/xmldsig#" target="_blank">http://www.w3.org/2000/09/xmldsig#</a><span>'&gt;</span></div><div id="_mcePaste" style="position: absolute; left: -10000px; top: 0px; width: 1px; height: 1px; overflow-x: hidden; overflow-y: hidden;">OZg96GMrGh0cEwbpHwv3KDhFtFcnzPxbwp9Xv0pgw8Mr9+NIjRlg/G1OyIZ3SdcOYqqzF4/TVLDi</div><div id="_mcePaste" style="position: absolute; left: -10000px; top: 0px; width: 1px; height: 1px; overflow-x: hidden; overflow-y: hidden;">5VclwnjBAFl3SEdkyUbbjXVAGkSsxPQcC4un9UYcecESETlAgV8UrHV3zTrjAWQvDg/YBKveoH90</div><div id="_mcePaste" style="position: absolute; left: -10000px; top: 0px; width: 1px; height: 1px; overflow-x: hidden; overflow-y: hidden;">FIhfAthslqeFu3h9U20=</div><div id="_mcePaste" style="position: absolute; left: -10000px; top: 0px; width: 1px; height: 1px; overflow-x: hidden; overflow-y: hidden;">&lt;/ds:SignatureValue&gt;</div><div id="_mcePaste" style="position: absolute; left: -10000px; top: 0px; width: 1px; height: 1px; overflow-x: hidden; overflow-y: hidden;"><span>&#160;&#160;&#160; &lt;ds:KeyInfo xmlns:ds='</span><a class="jive-link-external-small" href="http://www.w3.org/2000/09/xmldsig#" target="_blank">http://www.w3.org/2000/09/xmldsig#</a><span>'&gt;</span></div><div id="_mcePaste" style="position: absolute; left: -10000px; top: 0px; width: 1px; height: 1px; overflow-x: hidden; overflow-y: hidden;">&#160;&#160;&#160;&#160; &lt;wsse:SecurityTokenReference wsu:Id='reference-3-1291739860138-11726490'&gt;</div><div id="_mcePaste" style="position: absolute; left: -10000px; top: 0px; width: 1px; height: 1px; overflow-x: hidden; overflow-y: hidden;"><span>&#160;&#160;&#160;&#160;&#160; &lt;wsse:Reference URI='#token-2-1291739860138-12935734' ValueType='</span><a class="jive-link-external-small" href="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3'/" target="_blank">http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3'/</a><span>&gt;</span></div><div id="_mcePaste" style="position: absolute; left: -10000px; top: 0px; width: 1px; height: 1px; overflow-x: hidden; overflow-y: hidden;">&#160;&#160;&#160;&#160; &lt;/wsse:SecurityTokenReference&gt;</div><div id="_mcePaste" style="position: absolute; left: -10000px; top: 0px; width: 1px; height: 1px; overflow-x: hidden; overflow-y: hidden;">&#160;&#160;&#160; &lt;/ds:KeyInfo&gt;</div><div id="_mcePaste" style="position: absolute; left: -10000px; top: 0px; width: 1px; height: 1px; overflow-x: hidden; overflow-y: hidden;">&#160;&#160; &lt;/ds:Signature&gt;</div><div id="_mcePaste" style="position: absolute; left: -10000px; top: 0px; width: 1px; height: 1px; overflow-x: hidden; overflow-y: hidden;">&#160; &lt;/wsse:Security&gt;</div><div id="_mcePaste" style="position: absolute; left: -10000px; top: 0px; width: 1px; height: 1px; overflow-x: hidden; overflow-y: hidden;"> &lt;/env:Header&gt;</div><div id="_mcePaste" style="position: absolute; left: -10000px; top: 0px; width: 1px; height: 1px; overflow-x: hidden; overflow-y: hidden;"><span> &lt;env:Body wsu:Id='element-1-1291739860070-11803898' xmlns:wsu='</span><a class="jive-link-external-small" href="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" target="_blank">http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd</a><span>'&gt;</span></div><div id="_mcePaste" style="position: absolute; left: -10000px; top: 0px; width: 1px; height: 1px; overflow-x: hidden; overflow-y: hidden;"><span>&#160; &lt;ns1:addizionami xmlns:ns1='</span><a class="jive-link-external-small" href="http://prova/ejb/to/ws/types" target="_blank">http://prova/ejb/to/ws/types</a><span>' xmlns:ns2='</span><a class="jive-link-external-small" href="http://prova/ejb/to/ws/types" target="_blank">http://prova/ejb/to/ws/types</a><span>'&gt;</span></div><div id="_mcePaste" style="position: absolute; left: -10000px; top: 0px; width: 1px; height: 1px; overflow-x: hidden; overflow-y: hidden;">&#160;&#160; &lt;Integer_1&gt;3&lt;/Integer_1&gt;</div><div id="_mcePaste" style="position: absolute; left: -10000px; top: 0px; width: 1px; height: 1px; overflow-x: hidden; overflow-y: hidden;">&#160;&#160; &lt;Integer_2&gt;78&lt;/Integer_2&gt;</div><div id="_mcePaste" style="position: absolute; left: -10000px; top: 0px; width: 1px; height: 1px; overflow-x: hidden; overflow-y: hidden;">&#160; &lt;/ns1:addizionami&gt;</div><div id="_mcePaste" style="position: absolute; left: -10000px; top: 0px; width: 1px; height: 1px; overflow-x: hidden; overflow-y: hidden;"> &lt;/env:Body&gt;</div><div id="_mcePaste" style="position: absolute; left: -10000px; top: 0px; width: 1px; height: 1px; overflow-x: hidden; overflow-y: hidden;">&lt;/env:Envelope&gt;</div><div id="_mcePaste" style="position: absolute; left: -10000px; top: 0px; width: 1px; height: 1px; overflow-x: hidden; overflow-y: hidden;"> </div><div id="_mcePaste" style="position: absolute; left: -10000px; top: 0px; width: 1px; height: 1px; overflow-x: hidden; overflow-y: hidden;"> </div><div id="_mcePaste" style="position: absolute; left: -10000px; top: 0px; width: 1px; height: 1px; overflow-x: hidden; overflow-y: hidden;">This message was sent from a servlet deployed on JBoss 4.2.3GA and received by a WS-Security configured Web Service</div><div id="_mcePaste" style="position: absolute; left: -10000px; top: 0px; width: 1px; height: 1px; overflow-x: hidden; overflow-y: hidden;">deployed locally (on the same JBoss instance). All the automatic JBoss verifications are successful, here's the</div><div id="_mcePaste" style="position: absolute; left: -10000px; top: 0px; width: 1px; height: 1px; overflow-x: hidden; overflow-y: hidden;">log:</div><div id="_mcePaste" style="position: absolute; left: -10000px; top: 0px; width: 1px; height: 1px; overflow-x: hidden; overflow-y: hidden;"> </div><div id="_mcePaste" style="position: absolute; left: -10000px; top: 0px; width: 1px; height: 1px; overflow-x: hidden; overflow-y: hidden;">2010-12-07 17:37:40,404 INFO&#160; [org.apache.xml.security.signature.Reference] Verification successful for URI "#element-1-1291739860070-11803898"</div><div id="_mcePaste" style="position: absolute; left: -10000px; top: 0px; width: 1px; height: 1px; overflow-x: hidden; overflow-y: hidden;">2010-12-07 17:37:40,405 INFO&#160; [org.apache.xml.security.signature.Reference] Verification successful for URI "#timestamp"</div><div id="_mcePaste" style="position: absolute; left: -10000px; top: 0px; width: 1px; height: 1px; overflow-x: hidden; overflow-y: hidden;">2010-12-07 17:37:40,417 DEBUG [org.jboss.ws.extensions.security.WSSecurityDispatcher] Verification is successful</div><div id="_mcePaste" style="position: absolute; left: -10000px; top: 0px; width: 1px; height: 1px; overflow-x: hidden; overflow-y: hidden;"> </div><div id="_mcePaste" style="position: absolute; left: -10000px; top: 0px; width: 1px; height: 1px; overflow-x: hidden; overflow-y: hidden;">Now I want to verify this manually, so I decrypt the SignatureValue content with the public key and I obtain:</div><div id="_mcePaste" style="position: absolute; left: -10000px; top: 0px; width: 1px; height: 1px; overflow-x: hidden; overflow-y: hidden;"> </div><div id="_mcePaste" style="position: absolute; left: -10000px; top: 0px; width: 1px; height: 1px; overflow-x: hidden; overflow-y: hidden;">3021300906052b0e03021a05000414dccdb8570286d36c94bba8e5107faee91e0df088</div><div id="_mcePaste" style="position: absolute; left: -10000px; top: 0px; width: 1px; height: 1px; overflow-x: hidden; overflow-y: hidden;"> </div><div id="_mcePaste" style="position: absolute; left: -10000px; top: 0px; width: 1px; height: 1px; overflow-x: hidden; overflow-y: hidden;">I think I did this manual decryption well, because you can recognize the "ASN.1 BER SHA1 algorithm designator </div><div id="_mcePaste" style="position: absolute; left: -10000px; top: 0px; width: 1px; height: 1px; overflow-x: hidden; overflow-y: hidden;"><span>prefix" (</span><a class="jive-link-external-small" href="http://www.w3.org/TR/xmldsig-core/" target="_blank">http://www.w3.org/TR/xmldsig-core/</a><span>) in the first part of this hex string (3021300906052b0e03021a05000414).</span></div><div id="_mcePaste" style="position: absolute; left: -10000px; top: 0px; width: 1px; height: 1px; overflow-x: hidden; overflow-y: hidden;">So the second part (dccdb8570286d36c94bba8e5107faee91e0df088) is my hash value, i.e. the SHA1 computation of the</div><div id="_mcePaste" style="position: absolute; left: -10000px; top: 0px; width: 1px; height: 1px; overflow-x: hidden; overflow-y: hidden;">canonicalized SignedInfo element, and in fact it's exactly 20 bytes long. But I can't get this hash value from the </div><div id="_mcePaste" style="position: absolute; left: -10000px; top: 0px; width: 1px; height: 1px; overflow-x: hidden; overflow-y: hidden;">SignedInfo element. I'm using org.apache.xml.security.c14n.Canonicalizer for the canonicalization. Is there someone</div><div id="_mcePaste" style="position: absolute; left: -10000px; top: 0px; width: 1px; height: 1px; overflow-x: hidden; overflow-y: hidden;">that can obtain this hash value and tell me the exact steps/tools/code used? Thank you in advance.</div><div id="_mcePaste" style="position: absolute; left: -10000px; top: 0px; width: 1px; height: 1px; overflow-x: hidden; overflow-y: hidden;"> </div><div id="_mcePaste" style="position: absolute; left: -10000px; top: 0px; width: 1px; height: 1px; overflow-x: hidden; overflow-y: hidden;"> </div><p>Hello, I'm trying to do a "manual" verification of a XML-Signed message. The message is the following, taken as is </p><p>from the server.log:</p><p style="min-height: 8pt; height: 8pt; padding: 0px;">&#160;</p><pre class="jive-pre"><code class="jive-code jive-xml"><span class="jive-xml-tag"><span>&lt;env:Envelope xmlns:env='</span><a class="jive-link-external-small" href="http://schemas.xmlsoap.org/soap/envelope/" target="_blank">http://schemas.xmlsoap.org/soap/envelope/</a><span>'&gt;</span></span>

 <span class="jive-xml-tag">&lt;env:Header&gt;</span>

&#160; <span class="jive-xml-tag"><span>&lt;wsse:Security env:mustUnderstand='1' xmlns:wsse='</span><a class="jive-link-external-small" href="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" target="_blank">http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd</a><span>' xmlns:wsu='</span><a class="jive-link-external-small" href="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" target="_blank">http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd</a><span>'&gt;</span></span>

&#160;&#160; <span class="jive-xml-tag">&lt;wsu:Timestamp wsu:Id='timestamp'&gt;</span>

&#160;&#160;&#160; <span class="jive-xml-tag">&lt;wsu:Created&gt;</span>2010-12-07T16:37:40.038Z<span class="jive-xml-tag">&lt;/wsu:Created&gt;</span>

&#160;&#160; <span class="jive-xml-tag">&lt;/wsu:Timestamp&gt;</span>

&#160;&#160; <span class="jive-xml-tag"><span>&lt;wsse:BinarySecurityToken EncodingType='</span><a class="jive-link-external-small" href="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary" target="_blank">http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary</a><span>' ValueType='</span><a class="jive-link-external-small" href="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3" target="_blank">http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3</a><span>' wsu:Id='token-2-1291739860138-12935734'&gt;</span></span>MIIBnDCCAQUCBEz+E1kwDQYJKoZIhvcNAQEEBQAwFTETMBEGA1UEAxMKbWlvY2xpZW50MTAeFw0x

MDEyMDcxMDU4MzNaFw0xMTAzMDcxMDU4MzNaMBUxEzARBgNVBAMTCm1pb2NsaWVudDEwgZ8wDQYJ

KoZIhvcNAQEBBQADgY0AMIGJAoGBAJlzh8T0w+FG/uJ6oDzc6uVSJMgJhuL851BPjoAynW7wCeGV

1EEydEr2S9qOwsUEg32mLn6s9Mf19nkI3nGHjCuS9SmIil5WilWGWsHqfFSUFB7goKeLfqdGtP5i

WDZ4QFVZ0AjMjJZP9tAY8FYzkmJUEkcg5T2OcW/1019/Ttk5AgMBAAEwDQYJKoZIhvcNAQEEBQAD

gYEAP6De4XP3wSYDWqSUCgJZNqddZUJFIDxYp5cV6jH4yckV/xniD3IvVcTx8bCykbwWDEec3z95

BdYWNPuU2DPWtcab3dTtD7JXez1+Ywi2IYIexChQbthkziLXkvGoPofe9Z7BlaE3hiFzPMKWRjDF

qSOScxAyjSebLPvczWozAWQ=<span class="jive-xml-tag">&lt;/wsse:BinarySecurityToken&gt;</span>

&#160;&#160; <span class="jive-xml-tag"><span>&lt;ds:Signature xmlns:ds='</span><a class="jive-link-external-small" href="http://www.w3.org/2000/09/xmldsig#" target="_blank">http://www.w3.org/2000/09/xmldsig#</a><span>'&gt;</span></span>

&#160;&#160;&#160; <span class="jive-xml-tag"><span>&lt;ds:SignedInfo xmlns:ds='</span><a class="jive-link-external-small" href="http://www.w3.org/2000/09/xmldsig#" target="_blank">http://www.w3.org/2000/09/xmldsig#</a><span>'&gt;</span></span>

&#160;&#160;&#160;&#160; <span class="jive-xml-tag"><span>&lt;ds:CanonicalizationMethod Algorithm='</span><a class="jive-link-external-small" href="http://www.w3.org/2001/10/xml-exc-c14n#" target="_blank">http://www.w3.org/2001/10/xml-exc-c14n#</a><span>' xmlns:ds='</span><a class="jive-link-external-small" href="http://www.w3.org/2000/09/xmldsig#'/" target="_blank">http://www.w3.org/2000/09/xmldsig#'/</a><span>&gt;</span></span>

&#160;&#160;&#160;&#160; <span class="jive-xml-tag"><span>&lt;ds:SignatureMethod Algorithm='</span><a class="jive-link-external-small" href="http://www.w3.org/2000/09/xmldsig#rsa-sha1" target="_blank">http://www.w3.org/2000/09/xmldsig#rsa-sha1</a><span>' xmlns:ds='</span><a class="jive-link-external-small" href="http://www.w3.org/2000/09/xmldsig#'/" target="_blank">http://www.w3.org/2000/09/xmldsig#'/</a><span>&gt;</span></span>

&#160;&#160;&#160;&#160; <span class="jive-xml-tag"><span>&lt;ds:Reference URI='#element-1-1291739860070-11803898' xmlns:ds='</span><a class="jive-link-external-small" href="http://www.w3.org/2000/09/xmldsig#" target="_blank">http://www.w3.org/2000/09/xmldsig#</a><span>'&gt;</span></span>

&#160;&#160;&#160;&#160;&#160; <span class="jive-xml-tag"><span>&lt;ds:Transforms xmlns:ds='</span><a class="jive-link-external-small" href="http://www.w3.org/2000/09/xmldsig#" target="_blank">http://www.w3.org/2000/09/xmldsig#</a><span>'&gt;</span></span>

&#160;&#160;&#160;&#160;&#160;&#160; <span class="jive-xml-tag"><span>&lt;ds:Transform Algorithm='</span><a class="jive-link-external-small" href="http://www.w3.org/2001/10/xml-exc-c14n#" target="_blank">http://www.w3.org/2001/10/xml-exc-c14n#</a><span>' xmlns:ds='</span><a class="jive-link-external-small" href="http://www.w3.org/2000/09/xmldsig#'/" target="_blank">http://www.w3.org/2000/09/xmldsig#'/</a><span>&gt;</span></span>

&#160;&#160;&#160;&#160;&#160; <span class="jive-xml-tag">&lt;/ds:Transforms&gt;</span>

&#160;&#160;&#160;&#160;&#160; <span class="jive-xml-tag"><span>&lt;ds:DigestMethod Algorithm='</span><a class="jive-link-external-small" href="http://www.w3.org/2000/09/xmldsig#sha1" target="_blank">http://www.w3.org/2000/09/xmldsig#sha1</a><span>' xmlns:ds='</span><a class="jive-link-external-small" href="http://www.w3.org/2000/09/xmldsig#'/" target="_blank">http://www.w3.org/2000/09/xmldsig#'/</a><span>&gt;</span></span>

&#160;&#160;&#160;&#160;&#160; <span class="jive-xml-tag"><span>&lt;ds:DigestValue xmlns:ds='</span><a class="jive-link-external-small" href="http://www.w3.org/2000/09/xmldsig#" target="_blank">http://www.w3.org/2000/09/xmldsig#</a><span>'&gt;</span></span>d2cIarD4atw3HFADamfO9YTKkKs=<span class="jive-xml-tag">&lt;/ds:DigestValue&gt;</span>

&#160;&#160;&#160;&#160; <span class="jive-xml-tag">&lt;/ds:Reference&gt;</span>

&#160;&#160;&#160;&#160; <span class="jive-xml-tag"><span>&lt;ds:Reference URI='#timestamp' xmlns:ds='</span><a class="jive-link-external-small" href="http://www.w3.org/2000/09/xmldsig#" target="_blank">http://www.w3.org/2000/09/xmldsig#</a><span>'&gt;</span></span>

&#160;&#160;&#160;&#160;&#160; <span class="jive-xml-tag"><span>&lt;ds:Transforms xmlns:ds='</span><a class="jive-link-external-small" href="http://www.w3.org/2000/09/xmldsig#" target="_blank">http://www.w3.org/2000/09/xmldsig#</a><span>'&gt;</span></span>

&#160;&#160;&#160;&#160;&#160;&#160; <span class="jive-xml-tag"><span>&lt;ds:Transform Algorithm='</span><a class="jive-link-external-small" href="http://www.w3.org/2001/10/xml-exc-c14n#" target="_blank">http://www.w3.org/2001/10/xml-exc-c14n#</a><span>' xmlns:ds='</span><a class="jive-link-external-small" href="http://www.w3.org/2000/09/xmldsig#'/" target="_blank">http://www.w3.org/2000/09/xmldsig#'/</a><span>&gt;</span></span>

&#160;&#160;&#160;&#160;&#160; <span class="jive-xml-tag">&lt;/ds:Transforms&gt;</span>

&#160;&#160;&#160;&#160;&#160; <span class="jive-xml-tag"><span>&lt;ds:DigestMethod Algorithm='</span><a class="jive-link-external-small" href="http://www.w3.org/2000/09/xmldsig#sha1" target="_blank">http://www.w3.org/2000/09/xmldsig#sha1</a><span>' xmlns:ds='</span><a class="jive-link-external-small" href="http://www.w3.org/2000/09/xmldsig#'/" target="_blank">http://www.w3.org/2000/09/xmldsig#'/</a><span>&gt;</span></span>

&#160;&#160;&#160;&#160;&#160; <span class="jive-xml-tag"><span>&lt;ds:DigestValue xmlns:ds='</span><a class="jive-link-external-small" href="http://www.w3.org/2000/09/xmldsig#" target="_blank">http://www.w3.org/2000/09/xmldsig#</a><span>'&gt;</span></span>YR/fZlwJdw+KbyP24UYiyDv8/Dc=<span class="jive-xml-tag">&lt;/ds:DigestValue&gt;</span>

&#160;&#160;&#160;&#160; <span class="jive-xml-tag">&lt;/ds:Reference&gt;</span>

&#160;&#160;&#160; <span class="jive-xml-tag">&lt;/ds:SignedInfo&gt;</span>

&#160;&#160;&#160; <span class="jive-xml-tag"><span>&lt;ds:SignatureValue xmlns:ds='</span><a class="jive-link-external-small" href="http://www.w3.org/2000/09/xmldsig#" target="_blank">http://www.w3.org/2000/09/xmldsig#</a><span>'&gt;</span></span>

OZg96GMrGh0cEwbpHwv3KDhFtFcnzPxbwp9Xv0pgw8Mr9+NIjRlg/G1OyIZ3SdcOYqqzF4/TVLDi

5VclwnjBAFl3SEdkyUbbjXVAGkSsxPQcC4un9UYcecESETlAgV8UrHV3zTrjAWQvDg/YBKveoH90

FIhfAthslqeFu3h9U20=

<span class="jive-xml-tag">&lt;/ds:SignatureValue&gt;</span>

&#160;&#160;&#160; <span class="jive-xml-tag"><span>&lt;ds:KeyInfo xmlns:ds='</span><a class="jive-link-external-small" href="http://www.w3.org/2000/09/xmldsig#" target="_blank">http://www.w3.org/2000/09/xmldsig#</a><span>'&gt;</span></span>

&#160;&#160;&#160;&#160; <span class="jive-xml-tag">&lt;wsse:SecurityTokenReference wsu:Id='reference-3-1291739860138-11726490'&gt;</span>

&#160;&#160;&#160;&#160;&#160; <span class="jive-xml-tag"><span>&lt;wsse:Reference URI='#token-2-1291739860138-12935734' ValueType='</span><a class="jive-link-external-small" href="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3'/" target="_blank">http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3'/</a><span>&gt;</span></span>

&#160;&#160;&#160;&#160; <span class="jive-xml-tag">&lt;/wsse:SecurityTokenReference&gt;</span>

&#160;&#160;&#160; <span class="jive-xml-tag">&lt;/ds:KeyInfo&gt;</span>

&#160;&#160; <span class="jive-xml-tag">&lt;/ds:Signature&gt;</span>

&#160; <span class="jive-xml-tag">&lt;/wsse:Security&gt;</span>

 <span class="jive-xml-tag">&lt;/env:Header&gt;</span>

 <span class="jive-xml-tag"><span>&lt;env:Body wsu:Id='element-1-1291739860070-11803898' xmlns:wsu='</span><a class="jive-link-external-small" href="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" target="_blank">http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd</a><span>'&gt;</span></span>

&#160; <span class="jive-xml-tag"><span>&lt;ns1:addizionami xmlns:ns1='</span><a class="jive-link-external-small" href="http://prova/ejb/to/ws/types" target="_blank">http://prova/ejb/to/ws/types</a><span>' xmlns:ns2='</span><a class="jive-link-external-small" href="http://prova/ejb/to/ws/types" target="_blank">http://prova/ejb/to/ws/types</a><span>'&gt;</span></span>

&#160;&#160; <span class="jive-xml-tag">&lt;Integer_1&gt;</span>3<span class="jive-xml-tag">&lt;/Integer_1&gt;</span>

&#160;&#160; <span class="jive-xml-tag">&lt;Integer_2&gt;</span>78<span class="jive-xml-tag">&lt;/Integer_2&gt;</span>

&#160; <span class="jive-xml-tag">&lt;/ns1:addizionami&gt;</span>

 <span class="jive-xml-tag">&lt;/env:Body&gt;</span>

<span class="jive-xml-tag">&lt;/env:Envelope&gt;</span>

</code></pre><p style="min-height: 8pt; height: 8pt; padding: 0px;">&#160;</p><p style="min-height: 8pt; height: 8pt; padding: 0px;">&#160;</p><p>This message was sent from a servlet deployed on JBoss 4.2.3GA and received by a WS-Security configured Web Service</p><p>deployed locally (on the same JBoss instance). All the automatic JBoss verifications are successful, here's the</p><p>log:</p><p style="min-height: 8pt; height: 8pt; padding: 0px;">&#160;</p><p>2010-12-07 17:37:40,404 INFO&#160; [org.apache.xml.security.signature.Reference] Verification successful for URI "#element-1-1291739860070-11803898"</p><p>2010-12-07 17:37:40,405 INFO&#160; [org.apache.xml.security.signature.Reference] Verification successful for URI "#timestamp"</p><p>2010-12-07 17:37:40,417 DEBUG [org.jboss.ws.extensions.security.WSSecurityDispatcher] Verification is successful</p><p style="min-height: 8pt; height: 8pt; padding: 0px;">&#160;</p><p>Now I want to verify this manually, so I decrypt the SignatureValue content with the public key and I obtain:</p><p style="min-height: 8pt; height: 8pt; padding: 0px;">&#160;</p><p>3021300906052b0e03021a05000414dccdb8570286d36c94bba8e5107faee91e0df088</p><p style="min-height: 8pt; height: 8pt; padding: 0px;">&#160;</p><p>I think I did this manual decryption well, because you can recognize the "ASN.1 BER SHA1 algorithm designator </p><p><span>prefix" (</span><a class="jive-link-external-small" href="http://www.w3.org/TR/xmldsig-core/" target="_blank">http://www.w3.org/TR/xmldsig-core/</a><span>) in the first part of this hex string (3021300906052b0e03021a05000414).</span></p><p>So the second part (dccdb8570286d36c94bba8e5107faee91e0df088) should be my hash value, i.e. the SHA1 computation of the</p><p>canonicalized SignedInfo element, and in fact it's exactly 20 bytes long. But I can't get this hash value from the </p><p>SignedInfo element. I'm using org.apache.xml.security.c14n.Canonicalizer for the canonicalization. Is there someone</p><p>that can obtain this hash value and tell me the exact steps/tools/code used? Thank you in advance.</p><p style="min-height: 8pt; height: 8pt; padding: 0px;">&#160;</p><p style="min-height: 8pt; height: 8pt; padding: 0px;">&#160;</p></p></div>


<div style="background-color: #f4f4f4; padding: 10px; margin-top: 20px;">

    <p style="margin: 0;">Reply to this message by <a href="http://community.jboss.org/message/575559#575559">going to Community</a></p>

        <p style="margin: 0;">Start a new discussion in JBoss Web Services at <a href="http://community.jboss.org/choose-container!input.jspa?contentType=1&containerType=14&container=2044">Community</a></p>

</div></td>

                        </tr>

                    </tbody>

                </table>


                </td>

            </tr>

        </tbody>

    </table>


</div>


</body>

</html>