From: "Clive Brettingham-Moore"
Reply-To: xmlsec@brettingham-moore.net
Delivered-To: mailing list security-dev@xml.apache.org
Date: Wed, 23 Feb 2005 12:57:48 +1100 (EST)
Subject: suggested XMLCipher enhancement/fix
Message-ID: <3811.147.109.250.24.1109123868.squirrel@www.brettingham-moore.net>

Good functionality, flexible API; just a couple of suggestions, related to my experiences using the library to implement a subset of OASIS-WSSE:

1) expose fully specified encryptData method (required for customised embedding of encrypted elements with control of content mode).

2) make key/data refs work for fragment URIs (my patch is a bit of a hack for this, removing the validation, but at least applications can then use these refs). A more elaborate fix may be possible, but I don't really want to dig that deeply into the URI code.

diff attached

C

Attachment: XMLCipher.diff.txt

Index: XMLCipher.java =================================================================== RCS file: /home/cvspublic/xml-security/src/org/apache/xml/security/encryption/XMLCipher.java,v retrieving revision 1.34 diff -r1.34 XMLCipher.java 909c909,923 < private EncryptedData encryptData(Document context, Element element, boolean contentMode) throws --- > > /** > * Returns an EncryptedData interface. Use this operation if > * you want to have full control over the contents of the > * EncryptedData structure. > * > * This does not change the source document in any way. > * > * > * @param context the context Document. > * @param element the Element that will be encrypted. > * @param contentMode true if element content only is to be encrypted > * @throws XMLEncryptionException. 
> */ > public EncryptedData encryptData(Document context, Element element, boolean contentMode) throws // cbrettin changed to public 2556,2564c2570,2575 < list = element.getElementsByTagNameNS( < EncryptionConstants.EncryptionSpecNS, < EncryptionConstants._TAG_DATAREFERENCE); < for (int i = 0; i < list.getLength() ; i++) { < String uri = null; < try { < uri = new URI( < ((Element) list.item(0)).getNodeValue()).toString(); < } catch (URI.MalformedURIException mfue) { --- > list = element.getElementsByTagNameNS( > EncryptionConstants.EncryptionSpecNS, > EncryptionConstants._TAG_DATAREFERENCE); > for (int i = 0; i < list.getLength() ; i++) { > String uri = ((Element) list.item(i)).getAttribute("URI"); > result.add(result.newDataReference(uri)); 2566,2567c2577 < result.add(result.newDataReference(uri)); < } --- > break; 2569,2577c2579,2584 < list = element.getElementsByTagNameNS( < EncryptionConstants.EncryptionSpecNS, < EncryptionConstants._TAG_KEYREFERENCE); < for (int i = 0; i < list.getLength() ; i++) { < String uri = null; < try { < uri = new URI( < ((Element) list.item(0)).getNodeValue()).toString(); < } catch (URI.MalformedURIException mfue) { --- > list = element.getElementsByTagNameNS( > EncryptionConstants.EncryptionSpecNS, > EncryptionConstants._TAG_KEYREFERENCE); > for (int i = 0; i < list.getLength() ; i++) { > String uri = ((Element) list.item(i)).getAttribute("URI"); > result.add(result.newKeyReference(uri)); 2579,2580d2585 < result.add(result.newKeyReference(uri)); < } ------=_20050223125748_27242--
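
Review bot: In the Javadoc added for `encryptData` (hunk 909c909,923), `@throws XMLEncryptionException.` ends with a period that is read as part of the class name, and there is no `@return` tag for the `EncryptedData` result; drop the period and add the tag. The trailing `// cbrettin changed to public` comment records history rather than behaviour and belongs in the commit message. Since the method becomes public API, the Javadoc should also say what the caller is expected to do with the returned structure, given the statement that the source document is not changed.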
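
Review bot: In the DataReference loop (hunk 2556,2564c2570,2575), dropping the `new URI(...)` check means whatever `getAttribute("URI")` returns is handed to `result.newDataReference(uri)`, and DOM returns an empty string when the attribute is absent, so a DataReference element with no URI now produces a reference with an empty URI. Keep a check here: reject missing or empty values and accept bare fragments such as `#id` explicitly, rather than removing validation altogether. The switch from `list.item(0)` to `list.item(i)` and from `getNodeValue()` to `getAttribute("URI")` corrects two separate defects in the old loop and deserves its own mention in the change description.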
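
Review bot: The `break;` introduced by hunk 2566,2567c2577 cannot be checked for correct placement, because the unchanged line between this hunk and the previous one (old line 2565) is not shown and it is unclear whether the `for` loop is closed before the `break;`. Please resend as a unified diff (`diff -u`) so the surrounding lines and brace balance are visible.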
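
Review bot: The KeyReference loop (hunk 2569,2577c2579,2584) duplicates the DataReference loop, including the unvalidated `getAttribute("URI")` value passed to `result.newKeyReference(uri)`; move the lookup into one private helper that returns the URI values for a given tag name, so the two paths cannot drift apart. The DataReference side also gains a `break;` at 2577 while the deletion that follows this hunk (2579,2580d2585) adds none on the KeyReference side; confirm that asymmetry is intended.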
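
The fragment-URI point in the message above, as an added example (not code from the patch or from the XML Security project): instead of removing validation, a reader of ReferenceList entries can accept same-document references such as `#id` and reject missing or external ones. The class name, the `checkedFragment` helper and the sample ReferenceList are constructed for illustration, and restricting references to same-document fragments is an assumed policy.

```java
import java.io.StringReader;
import java.net.URI;
import java.net.URISyntaxException;
import java.util.ArrayList;
import java.util.List;
import javax.xml.parsers.DocumentBuilderFactory;
import org.w3c.dom.Element;
import org.w3c.dom.NodeList;
import org.xml.sax.InputSource;

public class ReferenceUriCheck {
    static final String XENC_NS = "http://www.w3.org/2001/04/xmlenc#";

    // Hypothetical helper: accept only non-empty same-document references ("#id").
    static String checkedFragment(Element ref) throws URISyntaxException {
        if (!ref.hasAttribute("URI")) {
            throw new URISyntaxException("", "URI attribute is missing");
        }
        URI uri = new URI(ref.getAttribute("URI")); // java.net.URI parses "#id" as a relative reference
        boolean sameDocument = uri.getScheme() == null && uri.getRawAuthority() == null
                && uri.getRawPath().isEmpty() && uri.getRawQuery() == null
                && uri.getRawFragment() != null && !uri.getRawFragment().isEmpty();
        if (!sameDocument) {
            throw new URISyntaxException(uri.toString(), "not a same-document fragment reference");
        }
        return uri.toString();
    }

    public static void main(String[] args) throws Exception {
        // Constructed sample: one fragment reference, one without a URI, one external URL.
        String xml = "<ReferenceList xmlns='" + XENC_NS + "'>"
                + "<DataReference URI='#enc-body-1'/>"
                + "<DataReference/>"
                + "<DataReference URI='http://example.invalid/enc.xml'/>"
                + "</ReferenceList>";
        DocumentBuilderFactory dbf = DocumentBuilderFactory.newInstance();
        dbf.setNamespaceAware(true);
        dbf.setFeature("http://apache.org/xml/features/disallow-doctype-decl", true);
        NodeList list = dbf.newDocumentBuilder().parse(new InputSource(new StringReader(xml)))
                .getElementsByTagNameNS(XENC_NS, "DataReference");
        List<String> accepted = new ArrayList<>();
        for (int i = 0; i < list.getLength(); i++) {
            try {
                accepted.add(checkedFragment((Element) list.item(i)));
            } catch (URISyntaxException e) {
                System.out.println("rejected item " + i + ": " + e.getReason());
            }
        }
        System.out.println("accepted: " + accepted);
    }
}
```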