santuario-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Sean Mullan <Sean.Mul...@Sun.COM>
Subject Re: Interop question
Date Fri, 22 Jun 2007 12:50:01 GMT
Hi Ulrich,

It's probably a c14n issue. What you should do is enable logging on each
side, and then compare the canonicalized bytes, before it is digested.
My guess is that it is something subtle (it always is) probably with
namespaces. You may also try using the Java XML DSig implementation in
JDK 6 or XMLSec 1.4.1, which is more up to date.

--Sean

Ulrich Ackermann wrote:
> Hi all,
> 
> I have got a question concerning the interoperability between the
> Apache XML Security framework (we are currently using the version
> 1.3.0) and the Sun implementation of XML DSIG (Java XML Digital
> Signature API, 1.0 EA2). Currently we are running into problems
> because the opposite application isn't able to verify our signature
> whereas it is no problem for us to verify a signature built by the
> Sun implementation based application with our app, which is built
> upon the Apache XML Security framework.
> 
> We are using enveloping signature and the problem can be narrowed
> down to the digest (SHA1) we are calculating differently. The
> canonicalization we are using is
> org.apache.xml.security.c14nCanonicalizer.ALGO_ID_C14N_WITH_COMMENTS.
> 
> 
> Are there any problems known with version 1.3.x of Apache XML
> Security that are fixed with 1.4.x? Are there any known issues at all
> concerning one or the other framework?
> 
> Thank you in advance, Ulrich 
> _____________________________________________________________________
>  Der WEB.DE SmartSurfer hilft bis zu 70% Ihrer Onlinekosten zu
> sparen! 
> http://smartsurfer.web.de/?mc=100071&distributionid=000000000066
> 


Mime
View raw message