Return-Path: Delivered-To: apmail-xml-security-dev-archive@www.apache.org Received: (qmail 50792 invoked from network); 26 Jun 2006 14:42:28 -0000 Received: from hermes.apache.org (HELO mail.apache.org) (209.237.227.199) by minotaur.apache.org with SMTP; 26 Jun 2006 14:42:28 -0000 Received: (qmail 16886 invoked by uid 500); 26 Jun 2006 14:42:27 -0000 Delivered-To: apmail-xml-security-dev-archive@xml.apache.org Received: (qmail 16866 invoked by uid 500); 26 Jun 2006 14:42:26 -0000 Mailing-List: contact security-dev-help@xml.apache.org; run by ezmlm Precedence: bulk List-Post: List-Help: List-Unsubscribe: Reply-To: security-dev@xml.apache.org List-Id: Delivered-To: mailing list security-dev@xml.apache.org Received: (qmail 16855 invoked by uid 99); 26 Jun 2006 14:42:26 -0000 Received: from asf.osuosl.org (HELO asf.osuosl.org) (140.211.166.49) by apache.org (qpsmtpd/0.29) with ESMTP; Mon, 26 Jun 2006 07:42:26 -0700 X-ASF-Spam-Status: No, hits=-0.0 required=10.0 tests=SPF_PASS X-Spam-Check-By: apache.org Received-SPF: pass (asf.osuosl.org: domain of mikemci@us.ibm.com designates 32.97.182.142 as permitted sender) Received: from [32.97.182.142] (HELO e2.ny.us.ibm.com) (32.97.182.142) by apache.org (qpsmtpd/0.29) with ESMTP; Mon, 26 Jun 2006 07:42:25 -0700 Received: from d01relay02.pok.ibm.com (d01relay02.pok.ibm.com [9.56.227.234]) by e2.ny.us.ibm.com (8.12.11.20060308/8.12.11) with ESMTP id k5QEg4r8005290 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=FAIL) for ; Mon, 26 Jun 2006 10:42:05 -0400 Received: from d01av02.pok.ibm.com (d01av02.pok.ibm.com [9.56.224.216]) by d01relay02.pok.ibm.com (8.13.6/NCO/VER7.0) with ESMTP id k5QEftXm224874 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Mon, 26 Jun 2006 10:41:55 -0400 Received: from d01av02.pok.ibm.com (loopback [127.0.0.1]) by d01av02.pok.ibm.com (8.12.11.20060308/8.13.3) with ESMTP id k5QEfts4007724 for ; Mon, 26 Jun 2006 10:41:55 -0400 Received: from d01ml605.pok.ibm.com (d01ml605.pok.ibm.com [9.56.227.91]) by d01av02.pok.ibm.com (8.12.11.20060308/8.12.11) with ESMTP id k5QEftP9007721; Mon, 26 Jun 2006 10:41:55 -0400 In-Reply-To: <449FEA9B.3020309@Sun.COM> To: security-dev@xml.apache.org Cc: Sean.Mullan@Sun.COM, security-dev@xml.apache.org Subject: Re: CanonicalizerSpi MIME-Version: 1.0 X-Mailer: Lotus Notes Release 7.0 HF85 November 04, 2005 From: Michael McIntosh Message-ID: Date: Mon, 26 Jun 2006 10:41:51 -0400 X-MIMETrack: Serialize by Router on D01ML605/01/M/IBM(Release 7.0.1HF123 | April 14, 2006) at 06/26/2006 10:41:55, Serialize complete at 06/26/2006 10:41:55 Content-Type: text/plain; charset="US-ASCII" X-Virus-Checked: Checked by ClamAV on apache.org X-Spam-Rating: minotaur.apache.org 1.6.2 0/1000/N Sean.Mullan@Sun.COM wrote on 06/26/2006 10:09:31 AM: > Can you be more specific about what the problem is? The problem is that there is no equivalent to _transformObject in the CanonicalizerSpi. An implementation of a Transform can include the following code in order to access any parameter values encapsulated in the Transform element: protected XMLSignatureInput enginePerformTransform (XMLSignatureInput input) { org.w3c.dom.Element elemTransform = this._transformObject.getElement(); ... } there is no way to access the current CanonicalizationMethod element from within the implementation. > Also, the next release of Apache XML Security (1.4) will include JSR 105 > (Java XML DSig API). The JSR 105 API allows you to implement your own > Canonicalization (or Transform) algorithms (with support for input > parameters) by subclassing the javax.xml.crypto.dsig.TransformService > class. An initial beta of XMLSec 1.4 is now available for testing: > http://xml.apache.org/security/dist/java-library/xmlsec-1.4.Beta0.jar How different is code written for 1.4 vs. 1.3? Are there easy to understand porting guidelines available? Thanks, Mike > --Sean