java - Get signature and certification path from PFX
I have a SOAP message:

    <soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/" xmlns:v="http://www.something.com">
      <soapenv:Header/>
      <soapenv:Body>
        <v:auth>
          <v:userid>xxxxxxxxxx</v:userid>
          <v:password>xxxxxxxxxx</v:password>
          <v:certchain>xxxxxxxxxx</v:certchain>
          <v:signature>xxxxxxxxxx</v:signature>
        </v:auth>
      </soapenv:Body>
    </soapenv:Envelope>
After generating Java source code from the WSDL, I am setting the values of auth like this (all 4 fields below are of String datatype):

    auth authinfo = new auth();
    authinfo.setuserid(userid);
    authinfo.setpassword(password);
    authinfo.setcertchain("");
    authinfo.setsignature("");
The following piece of code is what I am using for the signature, digest value and certificate chain. When I populate the values and submit the SOAP message, I get a digital signature invalid error. I verified that the signature is valid.

Code to extract the details:

I face an issue getting the certification path and signature from the PFX file. Can anyone share code that gets them? I have the following piece of code for them. When I use the signature and certification path obtained through the code below, I get an invalid digital signature error.
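    import java.io.FileInputStream;
    import java.security.KeyStore;
    import java.security.PrivateKey;
    import java.security.cert.Certificate;
    import java.security.cert.X509Certificate;
    import java.util.ArrayList;
    import java.util.Enumeration;
    import java.util.List;

    // The class header and field declarations are not shown in the post;
    // the class name and the declarations below are placeholders so the code compiles.
    public class CertificateDetails {
        private static final String key_store_password = "changeit"; // placeholder value
        private KeyStore keystore;
        private Certificate[] certchain;
        private String algorithm;
        private Certificate certificate;
        private X509Certificate xcert;
        private final List<Object> x509content = new ArrayList<>();

        public void getcertificatedetails() {
            String aliasname = "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx"; // not posted here
            try {
                char[] passwd = key_store_password.toCharArray();
                // Load the PFX (PKCS#12) key store
                keystore = KeyStore.getInstance("PKCS12", "SunJSSE");
                FileInputStream fis = new FileInputStream("path pfx file");
                keystore.load(fis, passwd);
                fis.close();
                Enumeration aliases;
                Certificate[] cc = keystore.getCertificateChain(aliasname);
                X509Certificate certificate1 = (X509Certificate) cc[0];
                System.out.println("signo algo:" + certificate1.getSigAlgName()); // value is SHA256withRSA
                PrivateKey pkey = (PrivateKey) keystore.getKey("xxxxxxxxxxxxxxxxxxxxxxxxx", passwd);
                keystore.getCertificate(aliasname);
                X509Certificate[] result = new X509Certificate[2];
                X509Certificate certificate2 = (X509Certificate) keystore.getCertificate(aliasname);
                // Signature value stored inside the certificate
                byte[] sig = certificate2.getSignature();
                certchain = keystore.getCertificateChain(aliasname);
                algorithm = keystore.getKey(aliasname, passwd).getAlgorithm();
                certificate = keystore.getCertificate(aliasname);
                System.out.println("public key:" + certificate.getPublicKey().getEncoded());
                PrivateKey myprivatekey = (PrivateKey) keystore.getKey(aliasname, passwd);
                xcert = (X509Certificate) certificate;
                // Verify the certificate against its own public key
                keystore.getCertificate(aliasname).verify(keystore.getCertificate(aliasname).getPublicKey());
                x509content.add(xcert.getSubjectX500Principal().getName());
                x509content.add(xcert);
            } catch (Exception ex) {
                ex.printStackTrace();
            }
        }

        // certificate chain
        public Certificate[] getcertificatechain() {
            return certchain;
        }

        public String getalgorithm() {
            return algorithm;
        }

        public Certificate getcertificate() {
            return certificate;
        }

        // X509Certificate.getSignature() returns byte[], so the return type is byte[]
        public byte[] getx509signature() {
            return xcert.getSignature();
        }
    }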
The code to hexify the digest value:

    public String hexify(byte bytes[]) {
        char[] hexdigits = {'0', '1', '2', '3', '4', '5', '6', '7',
                            '8', '9', 'a', 'b', 'c', 'd', 'e', 'f'};
        StringBuffer buf = new StringBuffer(bytes.length * 2);
        for (int i = 0; i < bytes.length; ++i) {
            // high nibble first, then low nibble
            buf.append(hexdigits[(bytes[i] & 0xf0) >> 4]);
            buf.append(hexdigits[bytes[i] & 0x0f]);
        }
        return buf.toString();
    }
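Get the digest value of the signature:

    import java.security.MessageDigest;
    import java.security.NoSuchAlgorithmException;
    import java.security.cert.CertificateEncodingException;
    import java.security.cert.X509Certificate;

    public String getthumbprint(X509Certificate cert)
            throws NoSuchAlgorithmException, CertificateEncodingException {
        MessageDigest md = MessageDigest.getInstance("SHA-256");
        // Bytes of the signature value stored in the certificate
        byte[] der = cert.getSignature();
        md.update(der);
        byte[] digest = md.digest();
        // The first digest is hashed a second time
        digest = md.digest(digest);
        return hexify(digest);
    }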
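Added example, not part of the original post: `X509Certificate.getSignature()` returns the issuer's signature over the certificate itself, whereas a signature over request data is computed with the private key held in the PFX. The sketch below reads both the certification path and a fresh signature from a PKCS#12 file and checks the signature against the leaf certificate. The class name `PfxSignExample`, the `PFX_PASSWORD` environment variable, the PKCS#7/Base64 encoding of the chain and the choice of what text is signed are assumptions, since the page does not say what the service expects.

```java
import java.io.FileInputStream;
import java.io.InputStream;
import java.nio.charset.StandardCharsets;
import java.security.*;
import java.security.cert.*;
import java.security.cert.Certificate;
import java.util.*;

public class PfxSignExample {
    // Usage (assumed): PFX_PASSWORD=... java PfxSignExample <pfx-file> <text-to-sign>
    public static void main(String[] args) throws Exception {
        char[] passwd = Objects.requireNonNull(System.getenv("PFX_PASSWORD"), "set PFX_PASSWORD").toCharArray();
        KeyStore ks = KeyStore.getInstance("PKCS12");
        try (InputStream in = new FileInputStream(args[0])) {
            ks.load(in, passwd);
        }
        // Pick the first entry that actually holds a private key.
        String alias = null;
        for (String a : Collections.list(ks.aliases())) {
            if (ks.isKeyEntry(a)) { alias = a; break; }
        }
        if (alias == null) throw new IllegalStateException("no private key entry in store");
        PrivateKey key = (PrivateKey) ks.getKey(alias, passwd);
        Certificate[] chain = ks.getCertificateChain(alias);
        X509Certificate leaf = (X509Certificate) chain[0];

        // Certification path: the whole chain, leaf first, as PKCS#7 (assumed format).
        CertPath path = CertificateFactory.getInstance("X.509").generateCertPath(Arrays.asList(chain));
        String certChainB64 = Base64.getEncoder().encodeToString(path.getEncoded("PKCS7"));

        // Signature: computed with the private key over the caller's data (RSA key assumed).
        byte[] data = args[1].getBytes(StandardCharsets.UTF_8);
        Signature signer = Signature.getInstance("SHA256withRSA");
        signer.initSign(key);
        signer.update(data);
        byte[] sig = signer.sign();

        // Self-check with the leaf certificate's public key before sending anything.
        Signature verifier = Signature.getInstance("SHA256withRSA");
        verifier.initVerify(leaf.getPublicKey());
        verifier.update(data);
        System.out.println("verifies with leaf cert: " + verifier.verify(sig));
        System.out.println("certChain = " + certChainB64);
        System.out.println("signature = " + Base64.getEncoder().encodeToString(sig));
        // The certificate's embedded signature is a different value: it was made by the issuer.
        System.out.println("equals leaf.getSignature(): " + Arrays.equals(sig, leaf.getSignature()));
    }
}
```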