Login/Register
Signature validation false
Asked Answered
xml-validationxml-signaturexml-dsig
B

0

6

I'm try to verify signature like this (it's PARes from Mastercard) and receive false every time, but xml from VISA work ok

Mastercard

<?xml version="1.0" encoding="UTF-8"?>
<ThreeDSecure><Message id="89e8bafa-755d-4ae9-a357-8641f13f057f"><PARes id="PARes-3cz1Jjfc"><version>1.0.2</version><Merchant><acqBIN>521324</acqBIN><merID>100000000000020</merID></Merchant><Purchase><xid>Z0FSSEFabjE1MTU2NTg2MTAzODY=</xid><date>20180111 08:16:50</date><purchAmount>1000</purchAmount><currency>643</currency><exponent>2</exponent></Purchase><pan>0000000000002290</pan><TX><time>20180111 08:17:00</time><status>Y</status><cavv>jNsniZHx4MT1DxEhZAITCFAAAAA=</cavv><eci>02</eci><cavvAlgorithm>3</cavvAlgorithm></TX></PARes><Signature xmlns="http://www.w3.org/2000/09/xmldsig#"><SignedInfo><CanonicalizationMethod Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315"></CanonicalizationMethod><SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"></SignatureMethod><Reference URI="#PARes-3cz1Jjfc"><DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"></DigestMethod><DigestValue>8I/izdCJcp7wABf2YfFQbd4Ktxg=</DigestValue></Reference></SignedInfo><SignatureValue>IQuLAtGT8rEFp/a5bV9Wu8qiSXpTGtvkJaJCuPTrflwPFFwiSLuivfcInX8pzirmObPV9ue4Kn8YFu+ltiYg8g2sHMa6S9RfC330+/ntBL2XxNp6IO+s7anGsM5WOmd3Pt176Ft5DRDOpeJg8N9PtbhYPQ//TzzehApb9/EMnpFZKEnJbYYl5Wpa7gPV+iIJJryAdZF3CW3c6/ns/XzwQZ9Tfm9t24SRbF2U/Hkn7aD6MUug772hqNiOHQJ0gtdtDxR9KkQfh3aNq5EmS2MEgfoCkm8mUOO/fQEOMBy2fbgE4/JnDZ/7n2x/hDKZZn9oUv7BLvoM1IcjfYKRiEve7g==</SignatureValue><KeyInfo><X509Data><X509Certificate>MIIDzzCCAregAwIBAgIRAO6hkq6XAdKvA5IMAj3E95MwDQYJKoZIhvcNAQEFBQAwgYAxCzAJBgNVBAYTAlVTMR0wGwYDVQQKExRNYXN0ZXJDYXJkIFdvcmxkd2lkZTEuMCwGA1UECxMlTWFzdGVyQ2FyZCBXb3JsZHdpZGUgU2VjdXJlQ29kZSBHZW4gMjEiMCAGA1UEAxMZUFJEIE1DIFNlY3VyZUNvZGUgUm9vdCBDQTAeFw0xMjA2MjIwOTA4MzBaFw0yNTA2MjIwOTA4MzFaMIGAMQswCQYDVQQGEwJVUzEdMBsGA1UEChMUTWFzdGVyQ2FyZCBXb3JsZHdpZGUxLjAsBgNVBAsTJU1hc3RlckNhcmQgV29ybGR3aWRlIFNlY3VyZUNvZGUgR2VuIDIxIjAgBgNVBAMTGVBSRCBNQyBTZWN1cmVDb2RlIFJvb3QgQ0EwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDptCms6aI22T9ST60k487SZP06TKbUBpom7Z1Bo8cQQAE/tM5UOt3THMdrhT+2aIkj9T0pA35IyNMCNGDt+ejhy7tHdw1r6eDX/KXYHb4FlemY03DwRrkQSH/L+ZueS5dCfLM3m2azxBXtrVXDdNebfht8tcWRLK2Ou6vjDzdIzunuWRZ6kRDQ6oc1LSVO2BxiFO0TKowJP/M7qWRT/Jsmb6TGg0vmmQG9QEpmVmOZIexVxuYy3rn7gEbV1tv3k4aG0USMp2Xq/Xe4qe+Ir7sFqR56G4yKezSVLUzQaIB/deeCk9WU2T0XmicAEYDBQoecoS61R4nj5ODmzwmGyxrlAgMBAAGjQjBAMA8GA1UdEwQIMAYBAf8CAQEwDgYDVR0PAQH/BAQDAgEGMB0GA1UdDgQWBBQqFTcxVDO/uxI1hpFF3VSSTFMGujANBgkqhkiG9w0BAQUFAAOCAQEAhDOQ5zUX2wByVv0Cqka3ebnm/6xRzQQbWelzneDUNVdctn1nhJt2PK1uGV7RBGAGukgdAubwwnBhD2FdbhBHTVbpLPYxBbdMAyeC8ezaXGirXOAAv0YbGhPl1MUFiDmqSliavBFUs4cEuBIas4BUoZ5Fz042dDSAWffbdf3l4zrU5Lzol93yXxxIjqgIsT3QI+sRM3gg/Gdwo80DUQ2fRffsGdAUH2C/8L8/wH+E9HspjMDkXlZohPII0xtKhdIPWzbOB6DOULl2PkdGHmJc4VXxfOwE2NJAQxmoaPRDYGgOFVvkzYtyxVkxXeXAPNt8URR3jfWvYrBGH2D5A44Atg==</X509Certificate><X509Certificate>MIIEXDCCA0SgAwIBAgIRANcgQkwhTlImGuZQ3AEXtKkwDQYJKoZIhvcNAQEFBQAwgYYxCzAJBgNVBAYTAlVTMR0wGwYDVQQKExRNYXN0ZXJDYXJkIFdvcmxkd2lkZTEuMCwGA1UECxMlTWFzdGVyQ2FyZCBXb3JsZHdpZGUgU2VjdXJlQ29kZSBHZW4gMjEoMCYGA1UEAxMfUFJEIE1DIFNlY3VyZUNvZGUgSXNzdWVyIFN1YiBDQTAeFw0xNzAzMzAwOTI4MDdaFw0yMTAzMjkwOTI2NTBaMFUxCzAJBgNVBAYTAlJVMRYwFAYDVQQKEw1KU0MgQWxmYS1CYW5rMR0wGwYDVQQLExQ2NDM0IC0gSlNDIEFsZmEtQmFuazEPMA0GA1UEAxMGTUNTaWduMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnwIwC77LQtKfDk6FpFzUSP1EMpGc0YsxS3bYPzOo09mRNDl3UlGYyYFmKVG0/BiPNqBBzV50CEXYHljoO7o5V8iUs5rVA2mWR6fDSQdbZBEcTiJZxWUon4wh2Xgsg7nznFfljTKoszdbKdTc5JP3ESPR1jPsloBuOeVZQI4zkNhricSwP9cYWxWa+zUUvXe5HCaes0VnQqmiw9o+GIB3aiyUd8eogAQvyiG77RUUp+vid0k/Fcvx/3WlwLcZAxzHB36UHSsvlqbrDl1vFTh9sJ2OPiOAJbNEn0ru6ESkmyBQZmyOo7A6uTafO/319dtl5/TLos43e4Cy8biOYa1jvQIDAQABo4H0MIHxMIGmBgNVHSMEgZ4wgZuhgYakgYMwgYAxCzAJBgNVBAYTAlVTMR0wGwYDVQQKExRNYXN0ZXJDYXJkIFdvcmxkd2lkZTEuMCwGA1UECxMlTWFzdGVyQ2FyZCBXb3JsZHdpZGUgU2VjdXJlQ29kZSBHZW4gMjEiMCAGA1UEAxMZUFJEIE1DIFNlY3VyZUNvZGUgUm9vdCBDQYIQQ3EBfDozHhKp3pmzcHr6ZzAJBgNVHRMEAjAAMA4GA1UdDwEB/wQEAwIHgDArBgNVHRAEJDAigA8yMDE3MDMzMDA5MjgwN1qBDzIwMjAwMzI5MDkyODA3WjANBgkqhkiG9w0BAQUFAAOCAQEA0uVJnNTtR8rkR9v6hDfp4Myg3Fl/9fEmjnaTeZXnjS2Yh0hYDaWzOi2vN9GrTcZiTlmMu55+/EgseYOWoa4lPFL3pk9hWxlPW/ZUeoX1c39G08BVS4fKtf6OlBCOOVT2rF3Pz12L+Q2c89b1TKQ3+J5z4NMuSAudX2jZlS15GNpyyeBd+4iygSQfG3oYaCD6lv2hVmT2G7ZhLIagMt6bNikfpA1295RDAhXCuxVs+Eqy8Llr0FdOjge+L7htQjJtvSvidGjnod74HuafsTlu9yJKQxLHO9guOLgE74QYiN7xkrIZE5IfvCE+qV8T79jPyF3FG88LoWpno9YhV7zZfg==</X509Certificate><X509Certificate>MIIEgDCCA2igAwIBAgIQQ3EBfDozHhKp3pmzcHr6ZzANBgkqhkiG9w0BAQUFADCBgDELMAkGA1UEBhMCVVMxHTAbBgNVBAoTFE1hc3RlckNhcmQgV29ybGR3aWRlMS4wLAYDVQQLEyVNYXN0ZXJDYXJkIFdvcmxkd2lkZSBTZWN1cmVDb2RlIEdlbiAyMSIwIAYDVQQDExlQUkQgTUMgU2VjdXJlQ29kZSBSb290IENBMB4XDTEyMDYyMjA5MjIxNFoXDTI1MDYyMTA5MjIxNVowgYYxCzAJBgNVBAYTAlVTMR0wGwYDVQQKExRNYXN0ZXJDYXJkIFdvcmxkd2lkZTEuMCwGA1UECxMlTWFzdGVyQ2FyZCBXb3JsZHdpZGUgU2VjdXJlQ29kZSBHZW4gMjEoMCYGA1UEAxMfUFJEIE1DIFNlY3VyZUNvZGUgSXNzdWVyIFN1YiBDQTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBANaeBgfjTKIFls7ueMTzI2nYwAbocHwkQqd8BsIyJbZdk21E+vyq9EhX1NIoiAhP7fl+y/hosX66drjfrbyspZLalrVG6gYbdB2j2Sr8zBRQnMZKKluDwYv/266nnRBeyGYW3FwyVu8L1ACYQc04ACke+07NI/AZ8OXQSoeboEEGUO520/76o1cER5Ok9HRi0jJD8E64j8dEt36Mcg0JaKQiDjShlyTw4ABYyzZ1Vxl0/iDrfwboxNEOOooC0rcGNnCpISXMWn2NmZH1QxiFt2jIZ8QzF3/z+M3iYradh9uZauleNqJ9LPKr/aFFDbe0Bv0PLbvXOnFpwOxvJODWUj8CAwEAAaOB7TCB6jAPBgNVHRMECDAGAQH/AgEAMA4GA1UdDwEB/wQEAwIBBjAdBgNVHQ4EFgQUwTArnR3hR1+Ij1uxMtqoPBm2j7swgacGA1UdIwSBnzCBnKGBhqSBgzCBgDELMAkGA1UEBhMCVVMxHTAbBgNVBAoTFE1hc3RlckNhcmQgV29ybGR3aWRlMS4wLAYDVQQLEyVNYXN0ZXJDYXJkIFdvcmxkd2lkZSBTZWN1cmVDb2RlIEdlbiAyMSIwIAYDVQQDExlQUkQgTUMgU2VjdXJlQ29kZSBSb290IENBghEA7qGSrpcB0q8DkgwCPcT3kzANBgkqhkiG9w0BAQUFAAOCAQEA3lJuYVdiy11ELUfBfLuib4gPTbkDdVLBEKosx0yUDczeXoTUOjBEc90f5KRjbpe4pilOGAQnPNUGpi3ZClS+0ysTBp6RdYz1efNLSuaTJtpJpoCOk1/nw6W+nJEWyDXUcC/yVqstZidcOG6AMfKU4EC5zBNELZCGf1ynM2l+gwvkcDUv4Y2et/n/NqIKBzywGSOktojTma0kHbkAe6pj6i65TpwEgEpywVl50oMmNKvXDNMznrAG6S9us+OHDjonOlmmyWmQxXdU1MzwdKzPjHfwl+Z6kByDXruHjEcNsx7P2rUTm/Bt3SWW1K48VfNNhVa/WctTZGJCrV3Zjl6A9g==</X509Certificate></X509Data></KeyInfo></Signature></Message></ThreeDSecure>

My validation code

DocumentBuilderFactory dbf = DocumentBuilderFactory.newInstance();
        dbf.setNamespaceAware(true);
        DocumentBuilder builder = dbf.newDocumentBuilder();

        final InputStream stream = new ByteArrayInputStream(xmlDoc.getBytes(StandardCharsets.UTF_8));
        Document doc = builder.parse(stream);

        NodeList nl = doc.getElementsByTagNameNS(XMLSignature.XMLNS, "Signature");
        if (nl.getLength() == 0) {
            throw new XMLSignatureException("Cannot find Signature element");
        }


        DOMValidateContext valContext = new DOMValidateContext(new X509KeySelector(keysFile, keyPassword), nl.item(0));

Element PARes = (Element) doc.getElementsByTagName("PARes").item(0);
            valContext.setIdAttributeNS(PARes, null, "id");

        XMLSignatureFactory factory = XMLSignatureFactory.getInstance("DOM");

        // Unmarshal the XMLSignature.
        XMLSignature signature = factory.unmarshalXMLSignature(valContext);

        // Validate the XMLSignature.

        boolean coreValidity = signature.validate(valContext);

I've add additional code for get reason of failure

 // Check core validation status
        if (coreValidity == false) {
            System.err.println("Signature failed core validation");
            boolean sv = signature.getSignatureValue().validate(valContext);
            System.out.println("signature validation status: " + sv);
            // check the validation status of each Reference
            Iterator<?> i = signature.getSignedInfo().getReferences().iterator();
            for (int j = 0; i.hasNext(); j++) {
                boolean refValid = ((Reference) i.next()).validate(valContext);
                System.out.println("ref[" + j + "] validity status: "
                        + refValid);
            }
        } else {
            System.out.println("Signature passed core validation");
        }

and have got this result

Signature failed core validation
signature validation status: false
ref[0] validity status: true

How to avoid signature validation false or how to debug the reason. at standard page there is information

Note, there may be valid signatures that some signature applications are unable to validate. Reasons for this include failure to implement optional parts of this specification, inability or unwillingness to execute specified algorithms, or inability or unwillingness to dereference specified URIs (some URI schemes may cause undesirable side effects), etc.

But how to avoid this problem. I know that signature is valid but ... One difference between good and wrong validated xml it's format reference id In good xml without - just digits or alphabets

RAW incoming data

//VISA

String PaRes = "eJzNWWnPo1aW/itR+qNVYTcmcl7psi8GA2b1lxH7DsZgg/n1g+2qypukeqY7Go3akmU4nHuWe5bnHry38muSsKckul2Tj72aDEOQJT8V8W8/hwmFIhSBf4FxHP6CEyT6JYgD6gtO7eJgi6VpEKY/f+x1YCbDa4Fbl2JFK+1VxtLZ+694lk1RASvLPbkORdd+IL/Av6B76Nvtqu0a5UE7fuyDqKcl7QPHSHKH7aGvt/smuUrsBwJ/+qDwHnqT99Dv6/Xb82pYPZiL+COyZ9UWZt8oOUS1bEwrI/RoqYvKVr/toSfHPg7G5AOFkR2MIOhPCP4rhv9KrJpf9P3lKQ403W2V/dS+hz5T9uteXZM2enxs8XXJ97t9Ml+6Nlk5Vie/X++h3427BO3HH5whSHKVvVL3lvexH4vmT0YRv+Kr8hd9P4zBeBs+/D309WofBff7BwCAps1ICk6y6+N2ZU75Bbw/q7Mvln0SFR8wsRq1/r5WgTrrrsWYN09T/0jYQ09ToFdYP/anImtXZdfkp7mp2+G3n/NxvPwKQdM0/TJhv3TXDEJXRyCYglaGeCiyf/z8XpXEUpt2/9YyJmi7toiCuliCcc0QNRnzLv7pu20/EmOZT0kIZHLMl1XUlwjB2y9PCowhxCoT+rHQT579K1r+bOx1CL4MeYA8FfxJ0MfeTNLkmRHJT7Yp/fbzP/5pXbBFlgzj39H/TfdnCd/kOUF9Sz6ceQm9boux8kaNQnr0kN0WBhol+M+0+My5h74b/NWbd+g+bdGbsZMudqV08aCiCnTXS+BZ+RlU8Q4eJU91azQJbzaPjogjzAFzeBinYcEj6TFFEG9SFt0JM4sXXIxmxayiR7zoqRFfyzQcfQLNVoEzEZxandxqCK9nvsX7m37G7LEnEFtkBrhX11r0Ym2yQoXBUEUiOP/EUnaP1hyxGUKu2UTnKYTqrup9khNufJBmriDD2yJWRX5H2caWpaaIg4R7IDCVNV8R8y5GvpLFI1DvHERDDpRnaMNc+oyoFoO61aVGWtD1vu2KMqJJ0Lo8hTf8+YZidA+UCVOuacvSASaiJtMIRFpcqRvfPxA0Pd4EOnF3OyGZbZjczAPPxVCEmGSxC3qyso6Er+EY+O23Tyn0NSJK8nhHwCNgig3G4H3FJNexSNdcXnuUKkn8aWEYmj1mYJJokEkmUJjerA+dzB0tzIGNHbWhjGw3sYYvK91Zyu+RBgzuQBtgiizuoIJKAIjN0bnKOI46sxY40Jnm0KCzaP4s2zA3HxYwvmmDJdfnS4Ry2ckl4LMn33zPvIQokYcMba33aOBqtcTxS4RSZeDycOBSN/UkTRLwWccwWG6u3cDTcklw2BBFxnVNeT7RcoRpSOASrcRptErjHmtx6NqrH+rCwaplLJrTPWn4n2hTynK6CuC3D7MqWC61+CiFqcbL56dOiZvOWrgiQIhFM7MA+e2Lb4FadlTTn/i3bQo3Ia7DSZlaGpnC04oNqxfV7Cbh/fzAzbzsrH4mngafXTizMWeKBOoRs5yn0vbLBjCrR6dxHoF7vpxds0ic135NWcYVTzuZUy+cpBBjDY4Ghg0ALtHsBJ7PFdCtMTSYhva4mxlvso6Kk4e4rWg+yEzthLqXPPXO26vTK4MnC/xW24Z21hlWvUavwZpjRrB2o+822hH3I8CohVRYl3YgoGWLBf3uEHEiW6UsmOGOpk86E480nDblw8YR3KzNzYarVZU4sFu/BlVWcIwx0FUiiZJWwKTrZIaVpb0ppeiBjpNOaHz4RpheJZuH4DybIg1m3rFbNOU2bImzXSmeO4Ns7blpoygVrlF1z6ViM1IzgU/+g5yjUh3y7rKDD5IyVV7woEgpMsUKcOlxdopxXK4bDq+sRuEgMuemSo9HTOXvDcLxF05uaLVDqzFiNZcNnaUehuvumhmKPCVhQDPCripBVDsozDYhyFRAJk2ZZaK51g29WHRNZ9mVzjieNqJ1382zykeTbPirLT5NG7aoAkEQ3ByORbA9PKi7j2nToX3F87bm2HhYczzCwHTIPq9RBKn5vqYOW/keCtMtburFd7X80Gj38ETVz/XhiSjPnjSJ05pfJlzSdDbxHbCxndo7J/xulJetIaOnTo/FJE70HO8mFrx4LWCIEA2kCbAM/chetJSWREaVBEhlikzuQZUXcheL5nQsdnfTJR4hOg9v+/nSX3WHKHw/26s9LnzzMXlY1546SdDXr5p3ghwKZh6x3f0AO7eooYaQIdBn7fpf/T+WKn48UWVYIv9rTR8ElVr7yxBiNuU892J9HrZmHTVEHgv1PWz4QeK1Olrt81E7MzxtCVHt8u4v+BAuiHtyNFpHnzzm5dzU5fqsthsHXfneMqr5EmHGxL73Q3/vkcGCLAEq/eoRMZsZ7pr7JqMLN5+WIU9M71Ns6GevPVPmfDcsQDz7g3gCnFqCSWVwgXYTGkwcrTL2JE2/xxpknMuj32ONxVj0jvPXvY2E8fLnmmemd82vdX5s5OFaDxuhvwwW/Jih6i5kmh3zZnSISVnUAkxru97dWgfWETYcMhLotNUG2KrUfMeNZX0liSzLtWNyaqi4g8movt1P6oDy0lGEVXI3dAzv0ibmnJxjEi3k4kDxJduoZGBoxS1NF/PGDRcUJe2471kdQbLjMrDERr44S660mZ1a51iSmaOkQbYlHgz0wft0omuFsdvMShsNEIKSRW7q7IbsZc/sKc275DLnHvoH6XWQrsAhn1ZuziK74mpf13AReVcJcnusRrlvqJR3qLNb+zhJGUBEs16GfWXDIPWd9HshOxAVBRtGVbkIez0jBzYN7J6fu4zjar92k+lYHbukFjgb5m/9NU+4PfRnlPwhbApP2ASfYFPLYd+iaYidue6wCJ47oTsT/BA2g+X/CTbNaRKyb7Cp/ajETiFKwV/hElFZ/6Gx628ZTVr9hEvp8aS90tjyJw3p/nMhf23JUgk0Oqv6vCoEaoLXEuF4AI4MMHbg+ZzJlPWaA9eqYQjY2AhVYzzOKFUp8wWJN62MY/Lk5cKZDHge0QuVONUMdzJQtHegmgbYJPq+visQEhIMw9fogsdu+HVb3jxJ5KdyuisPXuW3VUP73j0ygp0ekwTPIO066ErXnCs3dRw26+y4KHCup/7D4849exHz6tY2d5bsF4TmXIUjNdt3eJNLu4tTpLVSOOfIv4oFycggoTWfjB/ZvZHUVrQTEddG9kT0KdRSrGGkqfNoiVx2C0JP6B3ZWvX42C1xWaBjSbYA3fiYflBM2cYeiBRGeS/UrdfPQaCklXXQhuLcU7o1KcH1IW5uDTZ6KXHDm1u9mMLRzVF7Y1f4oR0blWdC6NDLldvaTrKZJBYYgO7W1jSUDAMC/C+wxFsFyy67QcfAIg6IAGWJKh1ZbyKjics+w1I2rbBKQ8/aYv+P2+kzD6ZvcLfKLxkaWgDasadM7fwpEE34f4KsA/KCP9ZwP+Wis0I0ZrwhkH1kxx7geXn+Dp3xasmhqW/xX2G8jJrp/oIzW6PfUIqskKatfY66xwzxfD5lfpBl/nH9MkLazJXvvfzjf3g0sLrlyFZ3H8W/wWRtPI8KrvN4wuJb7nzXnVed/l04hXzUeax8zVq7K79zOnvnVee7di2hXmIWHF9xM3Y0SHfrWVVda8+fROO190ea9jleg1iltm8HWNomFRNXPYuZWOuVeKL8c9ijKX/DU9SYi+CYz+sBMbIoJmS61mHGsMFyt07RlpbbW2AkXTrGR8UdS9g/WiWp24FydNMpCs8nkd5iV7U5FE5DnnvJaWN3vtO0eUCsKAunIGPbQwauhqqIrY/eBCPVS27tfKBt3cSX03gTmbLTbRXMxOnQEBb+JAZogQbXLdR5i6Q9ghl4cSfAOLOgOqw3WwRbG+al5B9+UZ8gfO2ACWJV0F0crJaf+Lqi1hAddk5OB9sSh9Mg4G/QNi1acqd0l4raZmIMJA0ZQ4CgmtZcydBALvYAt4qYL4bQmV5282PS9o9UgQ6awyAMATB+F3eXabijhoJuMKyHiSMK4WzW8nhD3Iat6VA4+6/B3nokX0u767/BnsHhPmKZMETfD/TGtXnkDCL/L23Y5gFLX1VjmJj3RCVwk+zYC6epYHhBCZOrnFPVlmFxd5V5T2PMrDZ/IzVnkQXBG3rUFdTe0PO5tCT+Va6TmEeaykqTVkrrpCjNR1ZF3SetfNFgdZ1ztJJ7uOV/nu3/xjR4dyjCFZttjjbMXDPpgacGUccZ3toV0TiycAhDehOXObqTJY/th6OliyLaH+QSvmqpIw3ndTCrcK6+8OTA6tNgmkfO3SCGsgvNwFFIbItedSUTkQziqnOmS2iOi5juLPgi3kdxF3ROPcXOuXeRw4n0M755XCYUM29T7kM7pN/azPK4wpZOkNTZjHMO7XYNo6MTXusytUTRxsbga49S1OMoLUt9xWaeXE63cuTdIWipwfeKSYghuumUTnVv7EWCKnzTKYMgJLW1w4FFb+DxvuwUnbez42kagFDDtd3vpINySRLbL85Ch9GzRpLjRpvGGCqbuuDXLiQsgyDO9D0NDrGXbH0Z5QgIH9dpkAZAKI1yjRTYvSYDbnpClsGr66ywtrwfTBGc8McpwnCOkqrrjwmKWDVZ7HBD41OGayk7Lj+ooddRhgMexNOpN0fMobrimnsyoUvrKbY1TWrePEa1sEPdtTEZ6h0wNrqGeVxXu5G5MKcBhs0hCnBaEga263b++Ki2aWK7Pq/husrceV/HSkRa5ANSVUR6K6A0FJR8jEIdO9CpETPOhYKIqy6fNpY90iVHFhHFlhUjL8YOW8jNZVkqVxmUswzBM9V6gjSLflzxQ0zeMZXakJSvuHOSn2fYDI0Vg3eh0HjolkiP58t0mOydYPtccwIoLNA33whIvlLUSI+mzYYNz70KQIg1B603vS0tFDDStyxMYYYjQG0AdaDbEYBtZDKFcgZLboXU1jk9bx+HEaN2S6tC5TXYHhGJbCxEuPOXQ+bpvshOz1dof2mB0O/vzqDv79N+f9P2+vvg9WfH84335z9B/humaThN";

//MasterCard

String PaRes = "eJzVWEmzo0qu3ndE/4eK6qWjLjO2b7hORzIacIIZDeyYzAw2YDP8+uacU1PUreroeJsX1xsnQlJKKemTyMO/p7r68Ey6Pm+bzx+xP9CPH5ImauO8ST9/tC3h0+7jv1/++Y+DlXVJwplJ9OiSlwNM+j5Ikw95/PljkGBbnNruPsX0df+J3OLhp2BLRp/w+HrdxxgWUAn+8eVwBkbSvwm8rT5lxVAWC9Wur75s/7Lu/gd+QL4+rrt0URY0w8shiO6MpL5QOEbg5AH58niok07iXjD0hx+OHpB38gH5Ln9+vK761fIpj19C8eb6mFEaBY9ByybURVrUBRLQSj8fkFeOQxwMyQuOYjsUw/APGPUnhf9JEQfkjX64vaoDdftYdb/ufkB+pBzWM+rWQ5xfaHIV+fZ0SKZb2yQrx+rkt/UB+W7cLWhefnRmt8fpVfdKPVjuy2HI65+MIv7EsQPyRj/0QzA8+hfvgHxZHaLg+Xwp1L7J/eNEQgvjJp7xKtNjZBusv9XZN5ZDEuUv6KtR6/+bFKjStsuHrH4h3nm+Ew7IqynIWxBfDmaeNutmXfJhzaOm//wxG4bbnwgyjuMfI/FH26UIvjqCoHtkZYj7PP3Xx3epJJaaa/tyYIOmbfIoqPIlGNaww2TI2vjDtw1/pdIyXrViiMGzn1a1nyKMbD69UlACo1b9yK+V/mDu/7LLz4Z3ffCpzwLsdYOfFL0cjOSavIY5+WAb0ueP//pLknN5mvTD/2Xfr3v+qOGrPieoHslLQKAa8JJeGbTdyVP6pT+fkxY/Ru3u81e5d84D8s3QL158jcM3j94ZpeGaJb5e8/tk2VQ3DaGrzjvGEgvzS3mLlRjLh4v7xAa6D4RToV69iFSzNn8s7kIPfKYyTYiTIazP8e6Jh7ddukE3U0dbe4rDjkSTpeoxWMg5n1qYK0dZmIkLHeGNJnE3Ukl6NF+GHpKJwVZsPpZCa+6YTd1xp1EYiHy/mv7c2yfqOA9RLLndFpqRTF46GvEpGqvBDe85X0lmLOwQ2Ccbp5F9Hh/Ox3FWhKeWKek5vLGmSLCDw+kZdyZnWCvM8KTQPheijcNf4lkpRrfXEnqSsWsELwCOiNOI887XVG8fMg95kVg9QR7XrQTG4OHflecx6LAxLmS60hm1lh3kuGkZDLNjbWQHA3z+/EPqfInIauV7BFwK3XPBELyv2KQb8uuawyvgQEniloVlQZekYJQYkEoG0OisvNMuiJUnoCQICoLfU3DkdE9WWl/KnpEKdF5gdDCmHpjYBchMqjoM8CxQORY00FEcPc7RdYWfDNVzVdR3Zc5z5VIS4mdUT2WMV6Vv8Q/IjiLAbJ6dYGVdhCUWnVnHhdlnGTck5N4/xjdftFMbd4rYlSsd35e+yRz9C5nCgs8hC97kwQR9W5B5icc4SVArj3Bm31afb7L1/hmzDKdbIBFGdIIFwGEhjZoFSLgwwUqbVetHmhBASQRQ70dWf/ND5EfZsRc+hkz/bm8G7f9i73QqQP9+Jr0l21gWEUYVlWoW1Xrq4Ps5FA0iuBjVz7YauPOQOGmSCpC+y0NLdBjTYBlVnxnLv6hYVDtciL/Kys+Q0FMd5cc0Xc8CoCJr3kVTCglO5xmgr1hMSgw3gtf3CmjX+OrcbWDrng4kHLf2pkWjJbnbmv4ZpS0ltJlbW299jGl3ka4DHhkgZWsDYR1h3GXWBg+ksthb6A0QlDSrkFVFbtgkRTZvh2M8Yh2dcC6iuN4xJIUqqT2U4EajK3XziJw2/iMxqZi9niBR48EyMe7QOS4Xq0l4zYbdEF2Mk4JrD/pZcEssLY/mcTF8ujQ4nW4j7GQ6Gs5MuaChltKO8hmB2/vFsBC5r0PaElP0Wde6uNf5W+3Umi8lkzM9vJnomm3Khw42PImSDETUNuENd++Im5D3ZCN12164GxQtkrOSLKZzshc9kBgkThK23F9s3ELdOo8A73GM3iZRa9KYQTYFpXH1MtbiPHUVSCEDgFjoxRoxsHvNkZgf9bV4PAZcd+xaLyOXrrlkoGegH5HXQICUFyGDvvFyqX5hGP0uWNHkcBrymCQsuwkC4ZimJUDxUQCVSct7VubifkRfYysAoL3qBRmn6dRiu/jIzM4TZe9lQCRhUyP0ZCy6Hl6SamkSzladOBoarMnkAT8r2EN0tgYjAvFRpjF4hOPYMBmHC3GYMUfLCW+nszcxYQzBnLC7ZAlcMe9cDYAn6oVidq4waAs5V9/NKg+ejGD3ZMQ/GCnoScZufUpYUBKPORNcrtcwvhIVuXQ2dVraak/M7rSm+D2VeovQpU1vQCJNETEe2x3K2Tp+Na7XXoyBfcRZZHfaIeNxw++P/a2AXOlWfpudJQmdBiWLpfNlCTWG5jT7VOHnMhaPtRyRjjtdtZHHVRnoU90GZ4PzxFQTnGe5eMM8OeXkJi44q8PONgyiuF6eXseIR5yjAEmCIX0F1J/R8lfwyUfWCp9Y/R0+4X2kqFO1obcnmgWhFVR8j/4OPr3/T/hsIet9hc/r7+DTdNUlvjjzSse8/DuMqgtAYWFPK2QuKue/wSi0Xmn6K21dZwEU25/8kx1orKXw1b8xMw0MpnotPILluz2rP1do8bPGQdrmb5Y+gzpynWfMDd/5Z3+KL3tUW/gEMuNXP5zoi6/em6/U7BNq7l2o7tTI2BovRvpLKfFfSmkHXt+zqfJWVuXm4k37ctxK+hA0lHzpwMBTCzCQyRNNbKmQTdACg879230nYtHzCZ+BN5rmVSBwdPSB4NTOhbgbWhSVu5GUtblUw5QLosZXPQv3Z/l5CfWllMKcuPfHM3wekXpsqgSW2JYoL6iay+ddpKKRNgdiHEt77J7MJ4WLaw0h9jYhWh1DVyG09jmx9YvgNIr1w+dOmRMd20HqXaFeHZ8uyHY0e1v2N0PXzm1obLZuOk83GRksThut3ndHySXZJLtMWtFoNBsN3baFA20z0R4kszAMmPFgPSUxW9fJnn19LFvoN0u/3LZFyHip+nTM2ImSvYATglwJDqNsIY/6ioUyC7q5qKW7fSSGhI4SB3TAtOQRhdJxWtts/ZobRxPyqU+Oqf/IUi8oUw/+vUYLT9J1gmeuXLscM+VG3OolOna0/8X+owF5UIC1NZDvcD/yDDKuSTZKx5QD3TsP4GUO5CnYzZDjCcjp61jCU5CDqFrdGW6RxnV0GVVOQqFVjnDR8ct/aQsXUPC1T48FGu5lgyQ2vl1atiEkNJ4Sg9JOXRZHIRvU5UYZS20fCKIoMX2GFL6u8SeekqVr1o2JORZcy2FjYh8NVGWm+qLcmWPjPI37U9l4nEDR2nJNtCKlVPmeYWiCMYoj6CR+j7WbR5fyE3ozW992tBd4/q6PdB/pFKYOb74U3xk+ku8lKlLW5mGb67f/dguDqUrvPlUwe/kalxTnZ0NI3hbg0sdVD0Hbe6DMwzTRGV9eJGo/5wlW36b5RlEKunlIXQ1hKbW9H/Pa8dZdxDlxtPDa+xu263f3KBpajePaK1JVE/9QyDvN65wy8H3MKuN8vvabU305rRlC7HG32EUPhCusx3hCgv+9LaTc2hbw/Gtb+F16/DV8HMukHH+CoHxLPyaDrOPA6WiB8L0UWkvgfz9RQpMcT+CtRE787Py+RMyfpkk+rsJ8hW1TGqV3eY6fKt0u9dSy4c9lYob4HpV4lYEM6XIrVEPOm9f0pNYpelKFdqVJ2BvN+kJz2r9pu1vjuJ7JT+17HdYAt07VZ/AaZ71l1zUD1CBh0mthKZJQ9SviQWuR8MYbQdhGx7HU7/GO6aVZDv24xDF+85zvez5zMVVqc5Cdt9dqMyNZ27s0HXfFtQvn/uafgqpzRDr1wpjBC9zsdgtj6A30FaV6rJ30ieA03TQGk8yidyGEcXYeuxMGWE+PUBKwZbJBt6qEAH+nubrZJmHL86KtUTiKbOkWi3iD0sr90cjRQuZ2PE0Wu5gfCBpGKSoHip5zhZlVszWSgPHmxcecqUKRnOuuY9hOKq9pbcuiXSSqDXuTTBdeGlyt/SOmr8P6gBeSv9MXgUCWDSRyrwvibP/wg0eVqHd5fzorHRIIAhcmKPNEz6fw6WqNcBu16Slr3MUu1ul55AEINGZrsQxdgPNXSGW5FaLXaXqdpH8FrQxTgPiNVyd5IdXt0QJdYxCZgW2kAntMcLi3Z6bGi20/pkH0Ji+NJtMsLNMoIpPdTSZd/l71mGY82K4fgd0tYtD7jivTkT1HFlH+Cmu+tAqikh+eE+czhvEn+8pcT488JNOzFZZc7JwYXmn7CZ1tLloSt7VsrVhRe49eKcUowltC3vJKWwPRnFVbvOWEz1bmBp17i7nRRuwtWHJVT+YjsOThJt9aVisxpBnpy6aR+cvMuXbEIrNz7wc/jyNNpAG8KjbJs9TCqPzJZ8UrNjcQrzbp+Cwjzn6SHp4MSIOod0lhlnkUTa0c2sKqA7Q8hiVI6FtB5zRl3UY+5W/z6FQU2sJaVZ4up8Kl6YBIm/tHv9GOXNE2WlXX86XWJze2MbiMsbKci+N1rDbr1yezWtg9jgUfqf20PeOdbdUIMxDm5YIp5M65qmrmBMglGixflNnOIfyiosH+160C+X4Xg3y7n/l+c/N2t/x2A/56Hfrjzfg///EfRHiyaQ\\u003d\\u003d";

Code for decoding 

String pares = new String(decompress(response), Charset.forName("UTF-8"));

private byte[] decompress(String PARes) throws IOException, DataFormatException
    {
        BASE64Decoder decoder = new BASE64Decoder();
        final byte[] compressedData = decoder.decodeBuffer(PARes);

        // Create the decompressor and give it the data to compress
        Inflater decompressor = new Inflater();
        decompressor.setInput(compressedData);

        // Create an expandable byte array to hold the decompressed data
        ByteArrayOutputStream bos = new ByteArrayOutputStream(compressedData.length);

        // Decompress the data
        byte[] buf = new byte[1024];
        while (!decompressor.finished())
        {
            int count = decompressor.inflate(buf);
            bos.write(buf, 0, count);
        }
        bos.close();

        // Get the decompressed data
        return bos.toByteArray();
    }
Bilateral answered 11/1, 2018 at 11:12 Comment(5)
See "What If the XML Signature Fails to Validate?" here. "signature validation status: false" means that the cryptographic verification has failed. Have you modified the signature in any way?Keep in mind that white space, indentation or change of encoding is significantNeoma
Signature is valid 100%. I't was received from bank. But there is only one thing I'm decode this data from base64 and unzip it. And everything vork ok for Visa value and domestic paymet system and wrong for Mastercard But mastercard in UTF-8 code May by it's a reason. But hash reference is trueBilateral
Encoding can become a headache. Could you post a base64 sample before decoding it?Neoma
Added two raw incoming strings. Visa work, Mastercard - don't work And code for decodingBilateral
Got same result testing your examples. Assuming that the mastercard signature is presumably correct, you could try Apache Santuario. It is an alternative implementation of XML-SignatureNeoma

© 2022 - 2024 — McMap. All rights reserved.