santuario-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Colm O hEigeartaigh <cohei...@apache.org>
Subject Re: [VOTE] - Release Apache Santuario - XML Security for Java 2.0.3
Date Tue, 10 Feb 2015 14:12:44 GMT
You have a load of dependencies that aren't included, i.e. "IMCertUtil".
Please create a test-case that I can just unzip + run without having to
change any code.

Colm.

On Tue, Feb 10, 2015 at 12:50 PM, tobias <tobias.wolf@t-systems.com> wrote:

> Attached to this mail I send you all needed files including a Junit test
> case. Currently I`m trying to sign with DOM but you can easily switch to
> Stax mode in the class TSLXmlSigner.
>
>
>
> *Von:* Colm O hEigeartaigh-2 [via Apache XML Project] [mailto:[hidden
> email] <http:///user/SendEmail.jtp?type=node&node=41694&i=0>]
> *Gesendet:* Dienstag, 10. Februar 2015 13:06
> *An:* Wolf, Tobias
> *Betreff:* Re: [VOTE] - Release Apache Santuario - XML Security for Java
> 2.0.3
>
>
>
>
>
>
> Stax signer
> - When I set XMLSecurityProperties.setSignaturePosition(1); no signature is
> being written, with "0" the signature is written on the top of the file.
>
>
>
> I can't reproduce this. With "1", the Signature should be written out
> after the first child element. Could you create a test-case to reproduce
> the problem?
>
>
>
> Dom Verify
> - With this new version 2.0.3 I`m getting an exception, it was working with
> 2.0.2, but I need the RSA-PSS algorithm support, therefore I want to
> upgrade
> Caused by: org.apache.xml.security.exceptions.XMLSecurityException: Invalid
> digest of reference #ID_097f0764-9f73-4fb2-b2e0-7de370930288
>
>
>  Could you create a test-case to reproduce the problem?
>
>
> Another question is, why does that code:
>
>                                 String id = "ID_" +
> UUID.randomUUID().toString();
>                                 elementToSign.setAttributeNS(null, "Id",
> id);
>                                 elementToSign.setIdAttributeNS(null, "Id",
> true);
>
>                                 transforms = new Transforms(document);
>                                 transforms
>                                                 .addTransform("
> http://www.w3.org/2001/10/xml-exc-c14n#
> <http://www.w3.org/2001/10/xml-exc-c14n>");
>                                 xmlSignature.addDocument("#" + id,
> transforms,
>                                                 "
> http://www.w3.org/2000/09/xmldsig#sha1");
>
> set the id on the top of the xml document and also to the reference field?
>
> <TrustServiceStatusList xmlns="http://uri.etsi.org/02231/v2#
> <http://uri.etsi.org/02231/v2>"
> Id="ID_90de3bdd-f5dd-4b66-af7f-39ad07dc2eed"
> TSLTag="http://uri.etsi.org/02231/TSLTag">
> <ds:Reference URI="#ID_90de3bdd-f5dd-4b66-af7f-39ad07dc2eed">
>
> Is that a correct behaviour?
>
>
>
> Yes, the reference URI points to the Element that is signed (in this case
> TrustServiceStatusList).
>
> Colm.
>
>
>
>
>
>
> --
> View this message in context:
> http://apache-xml-project.6118.n7.nabble.com/VOTE-Release-Apache-Santuario-XML-Security-for-Java-2-0-3-tp41648p41687.html
> Sent from the Apache XML - Security - Dev mailing list archive at
> Nabble.com.
>
>
>
>
>
> --
>
> Colm O hEigeartaigh
>
> Talend Community Coder
> http://coders.talend.com
>
>
> ------------------------------
>
> *If you reply to this email, your message will be added to the discussion
> below:*
>
>
> http://apache-xml-project.6118.n7.nabble.com/VOTE-Release-Apache-Santuario-XML-Security-for-Java-2-0-3-tp41648p41692.html
>
> To unsubscribe from [VOTE] - Release Apache Santuario - XML Security for
> Java 2.0.3, click here.
> NAML
> <http://apache-xml-project.6118.n7.nabble.com/template/NamlServlet.jtp?macro=macro_viewer&id=instant_html%21nabble%3Aemail.naml&base=nabble.naml.namespaces.BasicNamespace-nabble.view.web.template.NabbleNamespace-nabble.view.web.template.NodeNamespace&breadcrumbs=notify_subscribers%21nabble%3Aemail.naml-instant_emails%21nabble%3Aemail.naml-send_instant_email%21nabble%3Aemail.naml>
>
> *TSLXmlSigner.java* (23K) Download Attachment
> <http://apache-xml-project.6118.n7.nabble.com/attachment/41694/0/TSLXmlSigner.java>
> *test.xml* (210 bytes) Download Attachment
> <http://apache-xml-project.6118.n7.nabble.com/attachment/41694/1/test.xml>
> *TestTSLXmlSigner.java* (1K) Download Attachment
> <http://apache-xml-project.6118.n7.nabble.com/attachment/41694/2/TestTSLXmlSigner.java>
> *tsl_xml_sign.der* (1K) Download Attachment
> <http://apache-xml-project.6118.n7.nabble.com/attachment/41694/3/tsl_xml_sign.der>
> *tsl_xml_sign.crt* (1K) Download Attachment
> <http://apache-xml-project.6118.n7.nabble.com/attachment/41694/4/tsl_xml_sign.crt>
>
> ------------------------------
> View this message in context: AW: [VOTE] - Release Apache Santuario - XML
> Security for Java 2.0.3
> <http://apache-xml-project.6118.n7.nabble.com/VOTE-Release-Apache-Santuario-XML-Security-for-Java-2-0-3-tp41648p41694.html>
> Sent from the Apache XML - Security - Dev mailing list archive
> <http://apache-xml-project.6118.n7.nabble.com/Apache-XML-Security-Dev-f33675.html>
> at Nabble.com.
>



-- 
Colm O hEigeartaigh

Talend Community Coder
http://coders.talend.com

Mime
View raw message