camel-issues mailing list archives

From "Franz Forsthofer (JIRA)" <j...@apache.org>
Subject [jira] [Created] (CAMEL-7618) Enhancement for xmlsecurity Component: Detached XML Signatures
Date Mon, 21 Jul 2014 12:08:38 GMT
Franz Forsthofer created CAMEL-7618:
---------------------------------------

             Summary: Enhancement for xmlsecurity Component: Detached XML Signatures
                 Key: CAMEL-7618
                 URL: https://issues.apache.org/jira/browse/CAMEL-7618
             Project: Camel
          Issue Type: New Feature
          Components:  camel-crypto
            Reporter: Franz Forsthofer
             Fix For: 2.14.0


The current xmlsecurity component supports enveloping and enveloped XML signatures. The attached
patch enhances this component so that detached XML signatures (see specification http://www.w3.org/TR/xmldsig-core/#def-SignatureDetached)
can also be used. The patch supports the case where the signature is a sibling of the signed element
and the signed element is referred to by an ID attribute value. Several signatures within
the same XML document (even nested signatures) are also supported.

For this new functionality, the signer configuration has got two new parameters:
# xpathsToIdAttributes: XPaths to attributes of type ID which define the elements
to be signed (for each element to be signed, a separate signature is created as a sibling of
the element)
# schemaResourceUri: defines a classpath to the XML schema; the XML schema is needed during
the parsing to specify the ID attributes

and the verifier configuration has got one new parameter:
# schemaResourceUri: defines a classpath to the XML schema; the XML schema is needed during
the parsing to find the ID attributes

Because we allow several signatures within one XML document, the signatures can be nested.
In order to produce the correct nested signatures, the signatures are created in a certain
order; elements with deeper hierarchy level are signed first.



--
This message was sent by Atlassian JIRA
(v6.2#6252)
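
The ordering rule in the message's last paragraph, as an added example that is not part of the original message or of the Camel patch: a simplified Python model in which an HMAC over the canonicalized element stands in for a real XML Signature. The `Id` attribute name, the key, the sample document and all function names are assumptions made for the illustration.

```python
import hashlib
import hmac
import xml.etree.ElementTree as ET

KEY = b"constructed-demo-key"  # constructed stand-in for the signing key
# Constructed sample: <item> is nested inside <order>; both carry an ID attribute.
DOC = '<root><order Id="o1"><item Id="i1">book</item><note>gift</note></order></root>'

def _mac(el):
    """HMAC over the canonical form of el's subtree (stand-in for digest + SignatureValue)."""
    tail, el.tail = el.tail, None  # text after the end tag is not part of the element
    try:
        c14n = ET.canonicalize(ET.tostring(el, encoding="unicode"))
    finally:
        el.tail = tail
    return hmac.new(KEY, c14n.encode(), hashlib.sha256).hexdigest()

def _by_id(root, id_value):
    return root.find(f".//*[@Id='{id_value}']")

def sign_detached(root, ids, deepest_first=True):
    """Insert one <Signature URI="#id"> as the next sibling of each referenced element."""
    parents = {child: parent for parent in root.iter() for child in parent}
    def depth(el):
        d = 0
        while el in parents:
            el, d = parents[el], d + 1
        return d
    for el in sorted((_by_id(root, i) for i in ids), key=depth, reverse=deepest_first):
        sig = ET.Element("Signature", {"URI": "#" + el.get("Id")})
        sig.text = _mac(el)
        sig.tail, el.tail = el.tail, None  # keep any trailing text after the new sibling
        parent = parents[el]
        parent.insert(list(parent).index(el) + 1, sig)

def verify_all(root):
    """Recompute the MAC of every referenced element; returns {URI: valid?}."""
    return {s.get("URI"): hmac.compare_digest(s.text or "", _mac(_by_id(root, s.get("URI")[1:])))
            for s in root.iter("Signature")}

def demo(deepest_first):
    root = ET.fromstring(DOC)
    sign_detached(root, ["o1", "i1"], deepest_first)
    return verify_all(root)

if __name__ == "__main__":
    print("deepest first   :", demo(True))
    print("shallowest first:", demo(False))
```

When the outer element is signed first, inserting the inner sibling signature afterwards changes the outer element's content, so the outer signature no longer verifies.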
