Java Verify xml digital signature using public key

Question

I have a signed xml document which has been signed by private_key.pfx.

Now I have a public_key.cert file which start from :

====== BEGIN OF =======
jksbfjkbckcnJKNBCKSJJksncs==

====== END OF========== 

Now, I want to verify signed xml document using my public_key.cer

How can I do this ?

Please Help

Answer 1

You need to look for the <Signature> element in your signed document. There are methods in the Java XML Digital Signature API you can use to verify the signature such as XMLSignature.validate() .

If you check out this article: Programming With the Java XML Digital Signature API .

key steps in validating an XML signature.

 // Find Signature element. NodeList nl = doc.getElementsByTagNameNS(XMLSignature.XMLNS, "Signature"); if (nl.getLength() == 0) { throw new Exception("Cannot find Signature element"); } // Create a DOMValidateContext and specify a KeySelector // and document context. DOMValidateContext valContext = new DOMValidateContext (new X509KeySelector(), nl.item(0)); // Unmarshal the XMLSignature. XMLSignature signature = fac.unmarshalXMLSignature(valContext); // Validate the XMLSignature. boolean coreValidity = signature.validate(valContext); 

First, you must find the location of the Signature element that you wish to validate. One way to do this is to use the DOM getElementsByTagNameNS method as shown in Code Sample 5. The second block of code creates a DOMValidateContext object containing a KeySelector object and a reference to the Signature element. The purpose of the KeySelector object is to obtain the public key using the information in the KeyInfo element and hand it back to be used as the validation key. The next section will discuss KeySelectors in more detail. The last two lines of code unmarshal and validate the signature. The validate method returns true if the signature is valid and false if it is invalid.