Attached to this mail I send you all needed files including a Junit test case. Currently I`m trying to sign with DOM but you can easily switch to Stax mode in the class TSLXmlSigner.
Von: Colm O hEigeartaigh-2 [via Apache XML Project] [mailto:ml-node+s6118n41692...@n7.nabble.com] Gesendet: Dienstag, 10. Februar 2015 13:06 An: Wolf, Tobias Betreff: Re: [VOTE] - Release Apache Santuario - XML Security for Java 2.0.3 Stax signer - When I set XMLSecurityProperties.setSignaturePosition(1); no signature is being written, with "0" the signature is written on the top of the file. I can't reproduce this. With "1", the Signature should be written out after the first child element. Could you create a test-case to reproduce the problem? Dom Verify - With this new version 2.0.3 I`m getting an exception, it was working with 2.0.2, but I need the RSA-PSS algorithm support, therefore I want to upgrade Caused by: org.apache.xml.security.exceptions.XMLSecurityException: Invalid digest of reference #ID_097f0764-9f73-4fb2-b2e0-7de370930288 Could you create a test-case to reproduce the problem? Another question is, why does that code: String id = "ID_" + UUID.randomUUID().toString(); elementToSign.setAttributeNS(null, "Id", id); elementToSign.setIdAttributeNS(null, "Id", true); transforms = new Transforms(document); transforms .addTransform("http://www.w3.org/2001/10/xml-exc-c14n#<http://www.w3.org/2001/10/xml-exc-c14n>"); xmlSignature.addDocument("#" + id, transforms, "http://www.w3.org/2000/09/xmldsig#sha1";); set the id on the top of the xml document and also to the reference field? <TrustServiceStatusList xmlns="http://uri.etsi.org/02231/v2#<http://uri.etsi.org/02231/v2>" Id="ID_90de3bdd-f5dd-4b66-af7f-39ad07dc2eed" TSLTag="http://uri.etsi.org/02231/TSLTag";> <ds:Reference URI="#ID_90de3bdd-f5dd-4b66-af7f-39ad07dc2eed"> Is that a correct behaviour? Yes, the reference URI points to the Element that is signed (in this case TrustServiceStatusList). Colm. -- View this message in context: http://apache-xml-project.6118.n7.nabble.com/VOTE-Release-Apache-Santuario-XML-Security-for-Java-2-0-3-tp41648p41687.html Sent from the Apache XML - Security - Dev mailing list archive at Nabble.com. -- Colm O hEigeartaigh Talend Community Coder http://coders.talend.com ________________________________ If you reply to this email, your message will be added to the discussion below: http://apache-xml-project.6118.n7.nabble.com/VOTE-Release-Apache-Santuario-XML-Security-for-Java-2-0-3-tp41648p41692.html To unsubscribe from [VOTE] - Release Apache Santuario - XML Security for Java 2.0.3, click here<http://apache-xml-project.6118.n7.nabble.com/template/NamlServlet.jtp?macro=unsubscribe_by_code&node=41648&code=dG9iaWFzLndvbGZAdC1zeXN0ZW1zLmNvbXw0MTY0OHwxNjQxMTM5MzQ2>. NAML<http://apache-xml-project.6118.n7.nabble.com/template/NamlServlet.jtp?macro=macro_viewer&id=instant_html%21nabble%3Aemail.naml&base=nabble.naml.namespaces.BasicNamespace-nabble.view.web.template.NabbleNamespace-nabble.view.web.template.NodeNamespace&breadcrumbs=notify_subscribers%21nabble%3Aemail.naml-instant_emails%21nabble%3Aemail.naml-send_instant_email%21nabble%3Aemail.naml> TSLXmlSigner.java (23K) <http://apache-xml-project.6118.n7.nabble.com/attachment/41694/0/TSLXmlSigner.java> test.xml (210 bytes) <http://apache-xml-project.6118.n7.nabble.com/attachment/41694/1/test.xml> TestTSLXmlSigner.java (1K) <http://apache-xml-project.6118.n7.nabble.com/attachment/41694/2/TestTSLXmlSigner.java> tsl_xml_sign.der (1K) <http://apache-xml-project.6118.n7.nabble.com/attachment/41694/3/tsl_xml_sign.der> tsl_xml_sign.crt (1K) <http://apache-xml-project.6118.n7.nabble.com/attachment/41694/4/tsl_xml_sign.crt> -- View this message in context: http://apache-xml-project.6118.n7.nabble.com/VOTE-Release-Apache-Santuario-XML-Security-for-Java-2-0-3-tp41648p41694.html Sent from the Apache XML - Security - Dev mailing list archive at Nabble.com.
