This is my code to generate xml signature : \[code\]DOMSignContext dsc = new DOMSignContext (prk, xmldoc.getDocumentElement());XMLSignatureFactory fac = XMLSignatureFactory.getInstance("DOM"); DigestMethod digestMethod = fac.newDigestMethod("http://www.w3.org/2000/09/xmldsig#sha1", null); C14NMethodParameterSpec spec = null; CanonicalizationMethod cm = fac.newCanonicalizationMethod( "http://www.w3.org/2001/10/xml-exc-c14n#",spec); SignatureMethod sm = fac.newSignatureMethod( "http://www.w3.org/2000/09/xmldsig#rsa-sha1",null); ArrayList transformList = new ArrayList(); TransformParameterSpec transformSpec = null; Transform envTransform = fac.newTransform("http://www.w3.org/2000/09/xmldsig#enveloped-signature",transformSpec); Transform exc14nTransform = fac.newTransform( "http://www.w3.org/2001/10/xml-exc-c14n#",transformSpec);transformList.add(exc14nTransform); transformList.add(envTransform); Reference ref = fac.newReference("",digestMethod,transformList,null,null); ArrayList refList = new ArrayList(); refList.add(ref); SignedInfo si =fac.newSignedInfo(cm,sm,refList);\[/code\]This gives a reference validation as false and also core validity as false. But when I remove \[code\]envTrasnform\[/code\] variable i.e \[code\]fac.new Transform("http://www.w3.org/2001/10/xml-exc-c14n#",transformSpec)\[/code\] and execute with the following code :
\[code\]DOMSignContext dsc = new DOMSignContext (prk, xmldoc.getDocumentElement());XMLSignatureFactory fac = XMLSignatureFactory.getInstance("DOM"); DigestMethod digestMethod = fac.newDigestMethod("http://www.w3.org/2000/09/xmldsig#sha1", null); C14NMethodParameterSpec spec = null; CanonicalizationMethod cm = fac.newCanonicalizationMethod( "http://www.w3.org/2001/10/xml-exc-c14n#",spec); SignatureMethod sm = fac.newSignatureMethod( "http://www.w3.org/2000/09/xmldsig#rsa-sha1",null); ArrayList transformList = new ArrayList(); TransformParameterSpec transformSpec = null; Transform envTransform = fac.newTransform( "http://www.w3.org/2000/09/xmldsig#enveloped-signature",transformSpec); transformList.add(envTransform); Reference ref = fac.newReference("",digestMethod,transformList,null,null); ArrayList refList = new ArrayList(); refList.add(ref); SignedInfo si =fac.newSignedInfo(cm,sm,refList);\[/code\]This gives the core validity and the reference validity as true. Why is this happening. I got this code form this link(code fragment 2 in creating enveloped signature section).
\[code\]DOMSignContext dsc = new DOMSignContext (prk, xmldoc.getDocumentElement());XMLSignatureFactory fac = XMLSignatureFactory.getInstance("DOM"); DigestMethod digestMethod = fac.newDigestMethod("http://www.w3.org/2000/09/xmldsig#sha1", null); C14NMethodParameterSpec spec = null; CanonicalizationMethod cm = fac.newCanonicalizationMethod( "http://www.w3.org/2001/10/xml-exc-c14n#",spec); SignatureMethod sm = fac.newSignatureMethod( "http://www.w3.org/2000/09/xmldsig#rsa-sha1",null); ArrayList transformList = new ArrayList(); TransformParameterSpec transformSpec = null; Transform envTransform = fac.newTransform( "http://www.w3.org/2000/09/xmldsig#enveloped-signature",transformSpec); transformList.add(envTransform); Reference ref = fac.newReference("",digestMethod,transformList,null,null); ArrayList refList = new ArrayList(); refList.add(ref); SignedInfo si =fac.newSignedInfo(cm,sm,refList);\[/code\]This gives the core validity and the reference validity as true. Why is this happening. I got this code form this link(code fragment 2 in creating enveloped signature section).