Return-Path: X-Original-To: apmail-camel-issues-archive@minotaur.apache.org Delivered-To: apmail-camel-issues-archive@minotaur.apache.org Received: from mail.apache.org (hermes.apache.org [140.211.11.3]) by minotaur.apache.org (Postfix) with SMTP id B2D1F11BD8 for ; Mon, 21 Jul 2014 12:08:39 +0000 (UTC) Received: (qmail 81012 invoked by uid 500); 21 Jul 2014 12:08:39 -0000 Delivered-To: apmail-camel-issues-archive@camel.apache.org Received: (qmail 80874 invoked by uid 500); 21 Jul 2014 12:08:39 -0000 Mailing-List: contact issues-help@camel.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: dev@camel.apache.org Delivered-To: mailing list issues@camel.apache.org Received: (qmail 80711 invoked by uid 99); 21 Jul 2014 12:08:38 -0000 Received: from arcas.apache.org (HELO arcas.apache.org) (140.211.11.28) by apache.org (qpsmtpd/0.29) with ESMTP; Mon, 21 Jul 2014 12:08:38 +0000 Date: Mon, 21 Jul 2014 12:08:38 +0000 (UTC) From: "Franz Forsthofer (JIRA)" To: issues@camel.apache.org Message-ID: In-Reply-To: References: Subject: [jira] [Created] (CAMEL-7618) Enhancement for xmlsecurity Component: Detached XML Signatures MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 7bit X-JIRA-FingerPrint: 30527f35849b9dde25b450d4833f0394 Franz Forsthofer created CAMEL-7618: --------------------------------------- Summary: Enhancement for xmlsecurity Component: Detached XML Signatures Key: CAMEL-7618 URL: https://issues.apache.org/jira/browse/CAMEL-7618 Project: Camel Issue Type: New Feature Components: camel-crypto Reporter: Franz Forsthofer Fix For: 2.14.0 The current xmlsecurity component supports enveloping and enveloped XML signatures. The attached patch enhances this component so that also detached XML signatures (see specification http://www.w3.org/TR/xmldsig-core/#def-SignatureDetached) can be used. The patch supports the case where the signature is a sibling of the signed element and the signed element is referred by a ID attribute value. Also several signatures within the same XML document (even nested signatures) are supported. For this new functionality, the signer configuration has got two new parameters: # xpathsToIdAttributes xpathes to attributes which are of type ID which define the elements to be signed (for each element to be signed a separate signature is created as a sibling of the element) # schemaResourceUri defines a classpath to the XML schema, the XML schema is needed during the parsing to specify the ID attributes and the verifier configuration has got one new parameter: # schemaResourceUri defines a classpath to the XML schema, the XML schema is needed during the parsing to find the ID attributes Because we allow several signatures within one XML document, the signatures can be nested. In order to produce the correct nested signatures, the signatures are created in a certain order; elements with deeper hierarchy level are signed first. -- This message was sent by Atlassian JIRA (v6.2#6252)