-2

Using JAXB I'm generating XML and adding license signature to the generated xml which is in the below mentioned format: xmlFile.xml:

<?xml version="1.0" encoding="UTF-8"?>
<Users>
      <User>.....</User>
      <Signature></Signature><!-- This is generated using RSA and SHA -->
</Users>

Java class: 

public class Users {
    private List<User> userList;
    private String signature;
    //Setters & Getters goes here
}

This will now be parsed using jaxb but signature content(including tags) is extracted, set to Users object using XSL and will be saved separately to DB in my design. Later to validate this license I again form an XML but since I use the existing information and create an XML it creates like mentioned below:

resultXMl.xml:

<?xml version="1.0" encoding="UTF-8"?>
<Users>
      <User>.....</User>
      <signature><Signature></Signature><!-- This is generated using RSA and SHA --></signature>
</Users>

According to JAXB implementation it is correct but signature has two tags now. Could any one suggest me how to achieve this. Or is there any other way that enveloping xml works?

Abel
  • 56,041
  • 24
  • 146
  • 247
user1129947
  • 49
  • 7
  • 1
    Use XML-DSIG: http://stackoverflow.com/a/17198794/3558960 – Robby Cornelissen Aug 25 '15 at 09:57
  • This solution does not work for me because you are creating signature based on the xml generated by JAXB. I have done this already. But my need is that I have saved these informations separately into DB, now after sometime I want to validate that license, so I'm reforming the xml based on DB details which has to be valid when I send this for validation. I hope you got my problem. – user1129947 Aug 25 '15 at 10:10
  • Please refrain from phrases like _"Immediate response is much appreciated. "_. However friendly and forthcoming the intend, this is not a site where others do your work on command, and such requests are generally frowned upon. There are other (paid) sites where you can demand fast response. See also [faq] and [ask]. – Abel Aug 25 '15 at 16:04

1 Answers1

1

Later to validate this license I again form an XML but since I use the existing information and create an XML it creates like mentioned below:

Whatever you are using to recreate the XML, there is clearly a bug in your code that introduces a second <signature> element. Search in your code to where you are adding this extra element (case-sensitive, apparently your extra element is signature, the original is Signature).

If you can't find it, you can also fix it post-process by using a transform like the following (you tagged this question XSLT, so I assume you wanted an XSLT solution to get rid of the extra element):

<xsl:template match="node() | @*">
    <xsl:copy>
        <xsl:apply-templates select="node() | @*" />
    </xsl:copy>
</xsl:template>

<!-- remove this element (if it is in a namespace, adjust accordingly) -->
<xsl:template match="signature">
    <xsl:apply-templates select="node() | @*" />
</xsl:template>

According to JAXB implementation it is correct but signature has two tags now. Could any one suggest me how to achieve this.

I doubt it is correct, but that depends on what you mean with "according to JAXB". If your binding allows this extra element, or allows any content, then yes, it is correct.

From an XML-DSIG perspective, it is not correct, but it wasn't correct to begin with, because the original code didn't show the XML-DSIG required namespace. But I'm partially guessing here, there's little to go on with what you mean by "correct" in the sentence above, even more so because your examples are not valid.

You should also consider looking at how the code is stored in the database, possibly the element signature is added there by code and the actual signature is appended as a child (which itself opens with Signature).

Abel
  • 56,041
  • 24
  • 146
  • 247