Is it possible to Validate following XML document:
<Signature xmlns="http://www.w3.org/2000/09/xmldsig#">
<SignedInfo>
<CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#" />
<SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256" />
<Reference URI="">
<Transforms>
<Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
</Transforms>
<DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256" />
<DigestValue>DsP5NLca+plhp9tZvGwykfb2whQYt3CQ5sbsVd9Q9aE=</DigestValue>
</Reference>
</SignedInfo>
<SignatureValue>
LrfE0po3YPvVxB/m77iBWWiR07Ghiuhuj7tO2C2LKqZK2cLrAiidt+3tjbJ3m16quCFxfh7bmjRtJsGi7a3HKtK
qY4auqrjNB62AtYrxvm+7Qd/cRacom4e3M9uF9JD1zTfoGun9w4WDfDrDaoZ+ZwUgNtf6sTYO5Ctcj5sYcD0=
</SignatureValue>
<KeyInfo>
<KeyName>7D665C81ABBE1A7D0E525BFC171F04D276F07BF2</KeyName>
</KeyInfo>
</Signature>
The problem is when i run my code, this error appears
Exception in thread "main" javax.xml.crypto.dsig.XMLSignatureException: cannot find validation key
at org.jcp.xml.dsig.internal.dom.DOMXMLSignature$DOMSignatureValue.validate(Unknown Source)
at org.jcp.xml.dsig.internal.dom.DOMXMLSignature.validate(Unknown Source)
at paket.XmlValidator.validate(XmlValidator.java:28)
at paket.Test.main(Test.java:43)
Caused by: javax.xml.crypto.KeySelectorException: No KeyValue element found!
at paket.KeyValueKeySelector.select(KeyValueKeySelector.java:47)
... 4 more
javax.xml.crypto.KeySelectorException: No KeyValue element found!
at paket.KeyValueKeySelector.select(KeyValueKeySelector.java:47)
at org.jcp.xml.dsig.internal.dom.DOMXMLSignature$DOMSignatureValue.validate(Unknown Source)
at org.jcp.xml.dsig.internal.dom.DOMXMLSignature.validate(Unknown Source)
at paket.XmlValidator.validate(XmlValidator.java:28)
at paket.Test.main(Test.java:43)
i have successfully validated the following XML with the same code:
<Signature xmlns="http://www.w3.org/2000/09/xmldsig#">
<SignedInfo>
<CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
<SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/>
<Reference URI="">
<Transforms>
<Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
</Transforms>
<DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
<DigestValue>+uYi9GD7lNpk5+AZWjVylxm4PeKGXoFEalJPd44oMeg=</DigestValue>
</Reference>
</SignedInfo>
<SignatureValue>Ov9TJmROGakTblMO8F2otx3YsmzY1N7tUEuJVauqP4EgePUtYpfMdiv1fKdZreeLyri7WRIOrxiq
mEJEWCmpzVKZypJ293y4STmRw4rfUgFQeaatj2AmK2q5zDaE9jzl6+HtiRgDykZpgx7DWC8MHydK
P8wnEHyn2ozYdqL0VCjRfk95zcm0jMknWmytippXf1bqufkhlOLdS46VGyvYM8ZAc742MN3QX1+I
SvNs1a+FNrgQwb0NaYLzX2hWOtFNo2ZparQXynfQy1jj6JHBRvmldLjHiI4nwYgtfEZL6Fgh/H6c
PSnM/Sd6hoh1B6zjhbIViqfaLKLkds/Et6WNYw==</SignatureValue>
<KeyInfo>
<KeyValue>
<RSAKeyValue>
<Modulus>xhbxdz2KP0/GwuoBuE2EfqoSUHj5nTZAC7c+UoUYtpqC8yRfe6BaFjdT/kWJNM8rZhJRawkh8qub
U4Iag0N1Cu8JNgOMXjeFJnVpa1HDijk9blQhLybGawh+TrC1v8D/9OGN5avkAjG/jpEFofOUpINp
Z2ThbhjgOzZV2kSa776nlwLhTLChf0iL5a78otVcDcuU8nmVkkhwFLbggbIRgdVFAk0bKFDYwWqw
kOmimDs2c7lLvu9n+X6IEFJLKt5YmKsBlhxx7LjvVih7vFc27+OtQpKw2EZjHPpmcP/qOEzESOCe
C8AHDrw3EWU5n1Bib8t8WteE5WPd2HbsJ86o3w==</Modulus>
<Exponent>AQAB</Exponent>
</RSAKeyValue>
</KeyValue>
</KeyInfo>
</Signature>
What is the difference between this tow XML Signature, and why is it working on the second XML example and not on the first ???
The difference is that in first XML you are providing keyInfo with KeyName
and in second: