Hello!

I have been trying to sign XML document "sample.xml" located eg. in
http://localhost/sample.xml, using Apache XML Security package from
http://xml.apache.org/security/Java/. I am using NullURIReferenceResolver
class to create URI for my "sample.xml" document. Unfortunately, when I was
trying to compile my source code, I got the following exceptions:

-----------
Exceptions in thread "main"
org.apache.xml.security.signature.XMLSignatureException: The XPath is not in
the same document as the context node
Orginal Exception was
org.apache.xml.security.signature.ReferenceNotInitialized
...
Orginal Exception was
org.apache.xml.security.transforms.TransformationException: The XPath is not
in the same document as the context node
....
-----------
Please help. I don't really know what I should fix in this code to make it
work properly.

In advace, thanks a lot for support & helping hand.

best regards,
Darek

PS.
Here is the source code:

package org.apache.xml.security.samples.signature;

import java.io.*;
import java.lang.reflect.*;
import java.security.*;
import java.security.cert.*;
import java.util.*;
import javax.xml.transform.TransformerException;
import org.apache.xpath.XPathAPI;
import org.w3c.dom.*;
import org.apache.xml.security.algorithms.MessageDigestAlgorithm;
import org.apache.xml.security.c14n.*;
import org.apache.xml.security.exceptions.XMLSecurityException;
import org.apache.xml.security.signature.*;
import org.apache.xml.security.keys.*;
import org.apache.xml.security.keys.content.*;
import org.apache.xml.security.keys.content.x509.*;
import org.apache.xml.security.keys.keyresolver.*;
import org.apache.xml.security.keys.storage.*;
import org.apache.xml.security.keys.storage.implementations.*;
import org.apache.xml.security.utils.*;
import org.apache.xml.security.transforms.*;
import org.apache.xml.security.Init;
import org.apache.xml.security.samples.signature.NullURIReferenceResolver;
import org.apache.xml.serialize.*;

public class myCreateSignature {

  static org.apache.log4j.Category cat =

org.apache.log4j.Category.getInstance(CreateSignature.class.getName());

  static {
     org.apache.xml.security.Init.init();
  }

  public static void main(String unused[]) throws Exception {

     String keystoreType     = "JKS";
     String keystoreFile     =
"data/org/apache/xml/security/samples/input/keystore.jks";
     String keystorePass     = "xmlsecurity";
     String privateKeyAlias  = "test";
     String privateKeyPass   = "xmlsecurity";
     String certificateAlias = "test";

     // create DOM document
     javax.xml.parsers.DocumentBuilderFactory dbf =
        javax.xml.parsers.DocumentBuilderFactory.newInstance();

     dbf.setNamespaceAware(true);
     javax.xml.parsers.DocumentBuilder db = dbf.newDocumentBuilder();
     org.w3c.dom.Document doc = db.newDocument();

     // output file "signature.XML"
     java.io.File signatureFile =
        new File("signature.xml");

     // URI
     String BaseURI = signatureFile.toURL().toString();

     // prefix

org.apache.xml.security.utils.Constants.setSignatureSpecNSprefix("ds");

     // signature
     org.apache.xml.security.signature.XMLSignature sig =
         new XMLSignature(doc, BaseURI,
XMLSignature.ALGO_ID_SIGNATURE_DSA);

     // add signature into document
     doc.appendChild(sig.getElement());

     // resolver
     String xml_to_sign = http://localhost/sample.xml;

     org.apache.xml.security.samples.signature.NullURIReferenceResolver
null_URI =
         new NullURIReferenceResolver(xml_to_sign.getBytes());

     // add resolver to signature
     sig.addResourceResolver(null_URI);

     // transformations i canonicalization C14n
     org.apache.xml.security.transforms.Transforms transforms =
         new Transforms(doc);

     // make transformations
     transforms.addTransform(Transforms.TRANSFORM_ENVELOPED_SIGNATURE);
     transforms.addTransform(Transforms.TRANSFORM_C14N_WITH_COMMENTS);

     // add document "http://localhost/sample.xml" to signature
     sig.addDocument(xml_to_sign, transforms,
Constants.ALGO_ID_DIGEST_SHA1);

     // contener of certificates and keys
     java.security.KeyStore ks = KeyStore.getInstance(keystoreType);

     java.io.FileInputStream fis =
         new FileInputStream(keystoreFile);

     // initialization contener
     ks.load(fis, keystorePass.toCharArray());

     // certificate X509
     java.security.cert.X509Certificate cert =
         (X509Certificate) ks.getCertificate(certificateAlias);

     // public key
     java.security.PublicKey publicKey = cert.getPublicKey();

     // private key
     java.security.PrivateKey privateKey =
         (PrivateKey) ks.getKey(privateKeyAlias,
privateKeyPass.toCharArray());

     sig.addKeyInfo(cert);
     sig.addKeyInfo(publicKey);
     System.out.println("Start signing");
     sig.sign(privateKey);
     System.out.println("Finished signing");

     // save into output file "signature.xml" DOM document
     java.io.FileOutputStream fos =
         new FileOutputStream(signatureFile);
     XMLUtils.outputDOMc14nWithComments(doc, fos);
     fos.close();

     System.out.println("Wrote signature to " + BaseURI);
  }

}