santuario-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Colm O hEigeartaigh <cohei...@apache.org>
Subject Re: [VOTE] - Release Apache Santuario - XML Security for Java 2.0.3
Date Tue, 10 Feb 2015 12:12:01 GMT
>
> Stax signer
> - When I set XMLSecurityProperties.setSignaturePosition(1); no signature is
> being written, with "0" the signature is written on the top of the file.
>

I can't reproduce this. With "1", the Signature should be written out after
the first child element. Could you create a test-case to reproduce the
problem?


>
> Dom Verify
> - With this new version 2.0.3 I`m getting an exception, it was working with
> 2.0.2, but I need the RSA-PSS algorithm support, therefore I want to
> upgrade
> Caused by: org.apache.xml.security.exceptions.XMLSecurityException: Invalid
> digest of reference #ID_097f0764-9f73-4fb2-b2e0-7de370930288
>

 Could you create a test-case to reproduce the problem?


> Another question is, why does that code:
>
>                                 String id = "ID_" +
> UUID.randomUUID().toString();
>                                 elementToSign.setAttributeNS(null, "Id",
> id);
>                                 elementToSign.setIdAttributeNS(null, "Id",
> true);
>
>                                 transforms = new Transforms(document);
>                                 transforms
>                                                 .addTransform("
> http://www.w3.org/2001/10/xml-exc-c14n#");
>                                 xmlSignature.addDocument("#" + id,
> transforms,
>                                                 "
> http://www.w3.org/2000/09/xmldsig#sha1");
>
> set the id on the top of the xml document and also to the reference field?
>
> <TrustServiceStatusList xmlns="http://uri.etsi.org/02231/v2#"
> Id="ID_90de3bdd-f5dd-4b66-af7f-39ad07dc2eed"
> TSLTag="http://uri.etsi.org/02231/TSLTag">
> <ds:Reference URI="#ID_90de3bdd-f5dd-4b66-af7f-39ad07dc2eed">
>
> Is that a correct behaviour?
>

Yes, the reference URI points to the Element that is signed (in this case
TrustServiceStatusList).

Colm.


>
>
>
> --
> View this message in context:
> http://apache-xml-project.6118.n7.nabble.com/VOTE-Release-Apache-Santuario-XML-Security-for-Java-2-0-3-tp41648p41687.html
> Sent from the Apache XML - Security - Dev mailing list archive at
> Nabble.com.
>



-- 
Colm O hEigeartaigh

Talend Community Coder
http://coders.talend.com

Mime
View raw message