santuario-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Inoguchi, Kinichiro" <Kinichiro.Inogu...@hp.com>
Subject Why namespace in SignedContentItem is removed ?
Date Tue, 04 Jun 2013 08:07:30 GMT
Hi,

Now I'm trying to work with detached and sibling XML signature.
I could sign to my XML, but I realized that SignedContentItem in 
XMLSignature missed namespace I added.

Here is my XML document, and I signed to <myXml>.
<myXml> contains <myData>, and <myData> contains <myItem>.
<myItem> belongs to namespace "http://xxx.yyy.zzz/".
============================================================
<myPayload xmlns="http://aaa.bbb.ccc/">
    <myXml xmlns:ns0="http://aaa.bbb.ccc/" ns0:Id="signed">
        <myData>
            <myItem xmlns="http://xxx.yyy.zzz/">Item1</myItem>
        </myData>
    </myXml>
    <ds:Signature>
        ...
    </ds:Signature>
</myPayload>
============================================================

And SignedContentItem in XMLSignature was like below.
============================================================
<myXml xmlns="http://aaa.bbb.ccc/" Id="signed"><myData><myItem>Item1</myItem></myData></myXml>
============================================================

I wonder why namespace is removed from <myItem>.
I'm afraid that this will causes wrong digest value calculation.

I've read the thread "vanishing attribute namespace prefixes",
but I couldn't get the conclusion by myself.

Does anyone tell me how to resolve this issue ?

I attached source code (TestMySignature.java) 
and result (TestMySignature.txt).

Thanks.


Mime
View raw message