I'm getting a file not found error with this link: http://apache-xml-project.6118.n7.nabble.com/attachment/41697/1/TestTSLAPI.zip
Colm. On Wed, Feb 11, 2015 at 6:01 PM, tobias <[email protected]> wrote: > In this package I`ve included everything you need to reproduce the issue. > Currently the DOM support is enabled to reproduce the issue with the digest > error. You can easily switch to the Stax support to reproduce the logging > error. > > > > mit freundlichen Grüßen > > Tobias Wolf > > > > T-Systems International GmbH > > Systems Integration > > Horizontal Solutions > > Tobias Wolf > > Software Architekt > > Project Center ECM & ECM Strategy & Architecture Consulting > > Dachauer Str. 651, D-80995 München > > +49 89 54550 - 2479 (Tel.) > > +49 151 168 80 221 (Mobil) > > E-Mail: [hidden email] > <http:///user/SendEmail.jtp?type=node&node=41697&i=0> > > Internet: http://www.t-systems.com > > > > T-Systems International GmbH > > Supervisory Board: Thomas Dannenfeldt (Chairman) > > Board of Management: Reinhard Clemens (Chairman), Dr. Ferri Abolhassan, > Dr. Markus Müller, Georg Pepping, Hagen Rickmann, Klaus Werner > > Commercial register: Amtsgericht Frankfurt am Main HRB 55933 > > Registered office: Frankfurt am Main > > > > > > > > Notice: This transmittal and/or attachments may be privileged or > confidential. It is intended solely for the addressee named above. Any > review, dissemination, or copying is strictly prohibited. If you received > this transmittal in error, please notify us immediately by reply and > immediately delete this message and all its attachments. Thank you. > > > > > > > > Big changes start small – conserve resources by not printing every e-mail. > > > > *Von:* Colm O hEigeartaigh-2 [via Apache XML Project] [mailto:[hidden > email] <http:///user/SendEmail.jtp?type=node&node=41697&i=1>] > *Gesendet:* Dienstag, 10. Februar 2015 15:07 > *An:* Wolf, Tobias > *Betreff:* Re: [VOTE] - Release Apache Santuario - XML Security for Java > 2.0.3 > > > > > > You have a load of dependencies that aren't included, i.e. "IMCertUtil". > Please create a test-case that I can just unzip + run without having to > change any code. > > Colm. > > > > On Tue, Feb 10, 2015 at 12:50 PM, tobias <[hidden email] > <http:///user/SendEmail.jtp?type=node&node=41695&i=0>> wrote: > > Attached to this mail I send you all needed files including a Junit test > case. Currently I`m trying to sign with DOM but you can easily switch to > Stax mode in the class TSLXmlSigner. > > > > *Von:* Colm O hEigeartaigh-2 [via Apache XML Project] [mailto:[hidden > email] <http://user/SendEmail.jtp?type=node&node=41694&i=0>] > *Gesendet:* Dienstag, 10. Februar 2015 13:06 > *An:* Wolf, Tobias > *Betreff:* Re: [VOTE] - Release Apache Santuario - XML Security for Java > 2.0.3 > > > > > > > Stax signer > - When I set XMLSecurityProperties.setSignaturePosition(1); no signature is > being written, with "0" the signature is written on the top of the file. > > > > I can't reproduce this. With "1", the Signature should be written out > after the first child element. Could you create a test-case to reproduce > the problem? > > > > Dom Verify > - With this new version 2.0.3 I`m getting an exception, it was working with > 2.0.2, but I need the RSA-PSS algorithm support, therefore I want to > upgrade > Caused by: org.apache.xml.security.exceptions.XMLSecurityException: Invalid > digest of reference #ID_097f0764-9f73-4fb2-b2e0-7de370930288 > > > Could you create a test-case to reproduce the problem? > > > Another question is, why does that code: > > String id = "ID_" + > UUID.randomUUID().toString(); > elementToSign.setAttributeNS(null, "Id", > id); > elementToSign.setIdAttributeNS(null, "Id", > true); > > transforms = new Transforms(document); > transforms > .addTransform(" > http://www.w3.org/2001/10/xml-exc-c14n# > <http://www.w3.org/2001/10/xml-exc-c14n>"); > xmlSignature.addDocument("#" + id, > transforms, > " > http://www.w3.org/2000/09/xmldsig#sha1";); > > set the id on the top of the xml document and also to the reference field? > > <TrustServiceStatusList xmlns="http://uri.etsi.org/02231/v2# > <http://uri.etsi.org/02231/v2>" > Id="ID_90de3bdd-f5dd-4b66-af7f-39ad07dc2eed" > TSLTag="http://uri.etsi.org/02231/TSLTag";> > <ds:Reference URI="#ID_90de3bdd-f5dd-4b66-af7f-39ad07dc2eed"> > > Is that a correct behaviour? > > > > Yes, the reference URI points to the Element that is signed (in this case > TrustServiceStatusList). > > Colm. > > > > > > > -- > View this message in context: > http://apache-xml-project.6118.n7.nabble.com/VOTE-Release-Apache-Santuario-XML-Security-for-Java-2-0-3-tp41648p41687.html > Sent from the Apache XML - Security - Dev mailing list archive at > Nabble.com. > > > > > > -- > > Colm O hEigeartaigh > > Talend Community Coder > http://coders.talend.com > > > ------------------------------ > > *If you reply to this email, your message will be added to the discussion > below:* > > > http://apache-xml-project.6118.n7.nabble.com/VOTE-Release-Apache-Santuario-XML-Security-for-Java-2-0-3-tp41648p41692.html > > To unsubscribe from [VOTE] - Release Apache Santuario - XML Security for > Java 2.0.3, click here. > NAML > <http://apache-xml-project.6118.n7.nabble.com/template/NamlServlet.jtp?macro=macro_viewer&id=instant_html%21nabble%3Aemail.naml&base=nabble.naml.namespaces.BasicNamespace-nabble.view.web.template.NabbleNamespace-nabble.view.web.template.NodeNamespace&breadcrumbs=notify_subscribers%21nabble%3Aemail.naml-instant_emails%21nabble%3Aemail.naml-send_instant_email%21nabble%3Aemail.naml> > > > [image: > http://apache-xml-project.6118.n7.nabble.com/images/icon_attachment.gif] > *TSLXmlSigner.java* (23K) Download Attachment > <http://apache-xml-project.6118.n7.nabble.com/attachment/41694/0/TSLXmlSigner.java> > [image: > http://apache-xml-project.6118.n7.nabble.com/images/icon_attachment.gif] > *test.xml* (210 bytes) Download Attachment > <http://apache-xml-project.6118.n7.nabble.com/attachment/41694/1/test.xml> > [image: > http://apache-xml-project.6118.n7.nabble.com/images/icon_attachment.gif] > *TestTSLXmlSigner.java* (1K) Download Attachment > <http://apache-xml-project.6118.n7.nabble.com/attachment/41694/2/TestTSLXmlSigner.java> > [image: > http://apache-xml-project.6118.n7.nabble.com/images/icon_attachment.gif] > *tsl_xml_sign.der* (1K) Download Attachment > <http://apache-xml-project.6118.n7.nabble.com/attachment/41694/3/tsl_xml_sign.der> > [image: > http://apache-xml-project.6118.n7.nabble.com/images/icon_attachment.gif] > *tsl_xml_sign.crt* (1K) Download Attachment > <http://apache-xml-project.6118.n7.nabble.com/attachment/41694/4/tsl_xml_sign.crt> > > > ------------------------------ > > View this message in context: AW: [VOTE] - Release Apache Santuario - XML > Security for Java 2.0.3 > <http://apache-xml-project.6118.n7.nabble.com/VOTE-Release-Apache-Santuario-XML-Security-for-Java-2-0-3-tp41648p41694.html> > Sent from the Apache XML - Security - Dev mailing list archive > <http://apache-xml-project.6118.n7.nabble.com/Apache-XML-Security-Dev-f33675.html> > at Nabble.com. > > > > > > -- > > Colm O hEigeartaigh > > Talend Community Coder > http://coders.talend.com > > > ------------------------------ > > *If you reply to this email, your message will be added to the discussion > below:* > > > http://apache-xml-project.6118.n7.nabble.com/VOTE-Release-Apache-Santuario-XML-Security-for-Java-2-0-3-tp41648p41695.html > > To unsubscribe from [VOTE] - Release Apache Santuario - XML Security for > Java 2.0.3, click here. > NAML > <http://apache-xml-project.6118.n7.nabble.com/template/NamlServlet.jtp?macro=macro_viewer&id=instant_html%21nabble%3Aemail.naml&base=nabble.naml.namespaces.BasicNamespace-nabble.view.web.template.NabbleNamespace-nabble.view.web.template.NodeNamespace&breadcrumbs=notify_subscribers%21nabble%3Aemail.naml-instant_emails%21nabble%3Aemail.naml-send_instant_email%21nabble%3Aemail.naml> > > *TestTSLAPI.zip* (7M) Download Attachment > <http://apache-xml-project.6118.n7.nabble.com/attachment/41697/1/TestTSLAPI.zip> > > ------------------------------ > View this message in context: [WARNING : A/V UNSCANNABLE]AW: [VOTE] - > Release Apache Santuario - XML Security for Java 2.0.3 > <http://apache-xml-project.6118.n7.nabble.com/VOTE-Release-Apache-Santuario-XML-Security-for-Java-2-0-3-tp41648p41697.html> > Sent from the Apache XML - Security - Dev mailing list archive > <http://apache-xml-project.6118.n7.nabble.com/Apache-XML-Security-Dev-f33675.html> > at Nabble.com. > -- Colm O hEigeartaigh Talend Community Coder http://coders.talend.com
