santuario-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Michael Bishop <bisho...@gmail.com>
Subject Re: Broken Test Cases from 1.4.4 to 1.5.2? Related to ID?
Date Mon, 20 Aug 2012 21:00:04 GMT
OK, thanks a bunch.  That solved half of my problems.  Given my previous
example, I wrote a small utility method in my test case:

private void convertDoc(final Document doc) {
    final NodeList comments = doc.getElementsByTagName("comment");

    for (int count = 0; count < comments.getLength(); count++) {
        final Element comment = (Element) comments.item(count);

        comment.setIdAttribute("ID", true);
    }
}

All it does is tell each "comment" element that the "ID" attribute is
indeed a "real" ID.  This is for test cases only; I realize that I really
need a schema-constraint that defines "ID" as a "real" ID.  It works fine
for the test cases that work with enveloped signatures.

But now I'm having similar issues with enveloping signatures:

final XMLSignature signature = new XMLSignature(ownerDocument, baseURI,
sigAlgorithm);
final ObjectContainer container = new ObjectContainer(ownerDocument);
final Transforms transforms = new Transforms(ownerDocument);

container.setId("MyGivenID");
container.appendChild(nodeIWantToSign);
signature.appendObject(container);
transforms.addTransform(Transforms.TRANSFORM_C14N_WITH_COMMENTS);
signature.addDocument("#MyGivenID", transforms,
Constants.ALGO_ID_DIGEST_SHA1);
signature.addKeyInfo(certificate);
signature.addKeyInfo(certificate.getPublicKey());
signature.sign(privateKey);

// From here, I'd append the signature.getElement() into the document I
want it to "live" in.

I'm getting the same problem:

java.lang.AssertionError:
org.apache.xml.security.signature.ReferenceNotInitializedException: Cannot
resolve element with ID MyGivenID
Original Exception was
org.apache.xml.security.signature.ReferenceNotInitializedException: Cannot
resolve element with ID MyGivenID
Original Exception was
org.apache.xml.security.signature.ReferenceNotInitializedException: Cannot
resolve element with ID MyGivenID
Original Exception was
org.apache.xml.security.utils.resolver.ResourceResolverException: Cannot
resolve element with ID MyGivenID

The difference here is that the document doesn't have an ID at all.  All
I'm trying to do is set the ID of the ObjectContainer that contains the
content to be signed.

This follows the paradigm set in the "CreateEnvelopingSignature" sample
provided, but still breaks in my test environment.  Again, the above code
was correct in Santuario 1.4.4.

So why am I getting broken references on a newly created ObjectContainer?

Michael Bishop


On Mon, Aug 20, 2012 at 4:00 PM, Cantor, Scott <cantor.2@osu.edu> wrote:

> On 8/20/12 3:51 PM, "Michael Bishop" <bishopmw@gmail.com> wrote:
> >
> >I'm trying to upgrade my libraries that leverage Apache Santuario and I'm
> >getting failures in my test cases.  Has something changed in resolving
> >reference URIs?
>
> Yes, the bug that caused it to assume an attribute named ID is a actual ID
> was fixed.
>
> >Which leads me to believe that it can't find the ID reference supplied by
> >the ID attribute in each "comment" element.  This works perfectly in
> >1.4.4.  What do I need to change in order to upgrade?
>
> You have to process the DOM in such a fashion that the ID attribute is
> marked as such, via a schema or via DOM3 API calls.
>
> Or I believe you can plug in an ID resolver of some kind as well.
>
> -- Scott
>
>

Mime
View raw message