In this package I`ve included everything you need to reproduce the issue. Currently the DOM support is enabled to reproduce the issue with the digest error. You can easily switch to the Stax support to reproduce the logging error.
mit freundlichen Grüßen Tobias Wolf T-Systems International GmbH Systems Integration Horizontal Solutions Tobias Wolf Software Architekt Project Center ECM & ECM Strategy & Architecture Consulting Dachauer Str. 651, D-80995 München +49 89 54550 - 2479 (Tel.) +49 151 168 80 221 (Mobil) E-Mail: tobias.w...@t-systems.com Internet: http://www.t-systems.com T-Systems International GmbH Supervisory Board: Thomas Dannenfeldt (Chairman) Board of Management: Reinhard Clemens (Chairman), Dr. Ferri Abolhassan, Dr. Markus Müller, Georg Pepping, Hagen Rickmann, Klaus Werner Commercial register: Amtsgericht Frankfurt am Main HRB 55933 Registered office: Frankfurt am Main Notice: This transmittal and/or attachments may be privileged or confidential. It is intended solely for the addressee named above. Any review, dissemination, or copying is strictly prohibited. If you received this transmittal in error, please notify us immediately by reply and immediately delete this message and all its attachments. Thank you. Big changes start small – conserve resources by not printing every e-mail. Von: Colm O hEigeartaigh-2 [via Apache XML Project] [mailto:ml-node+s6118n41695...@n7.nabble.com] Gesendet: Dienstag, 10. Februar 2015 15:07 An: Wolf, Tobias Betreff: Re: [VOTE] - Release Apache Santuario - XML Security for Java 2.0.3 You have a load of dependencies that aren't included, i.e. "IMCertUtil". Please create a test-case that I can just unzip + run without having to change any code. Colm. On Tue, Feb 10, 2015 at 12:50 PM, tobias <[hidden email]</user/SendEmail.jtp?type=node&node=41695&i=0>> wrote: Attached to this mail I send you all needed files including a Junit test case. Currently I`m trying to sign with DOM but you can easily switch to Stax mode in the class TSLXmlSigner. Von: Colm O hEigeartaigh-2 [via Apache XML Project] [mailto:[hidden email]<http://user/SendEmail.jtp?type=node&node=41694&i=0>] Gesendet: Dienstag, 10. Februar 2015 13:06 An: Wolf, Tobias Betreff: Re: [VOTE] - Release Apache Santuario - XML Security for Java 2.0.3 Stax signer - When I set XMLSecurityProperties.setSignaturePosition(1); no signature is being written, with "0" the signature is written on the top of the file. I can't reproduce this. With "1", the Signature should be written out after the first child element. Could you create a test-case to reproduce the problem? Dom Verify - With this new version 2.0.3 I`m getting an exception, it was working with 2.0.2, but I need the RSA-PSS algorithm support, therefore I want to upgrade Caused by: org.apache.xml.security.exceptions.XMLSecurityException: Invalid digest of reference #ID_097f0764-9f73-4fb2-b2e0-7de370930288 Could you create a test-case to reproduce the problem? Another question is, why does that code: String id = "ID_" + UUID.randomUUID().toString(); elementToSign.setAttributeNS(null, "Id", id); elementToSign.setIdAttributeNS(null, "Id", true); transforms = new Transforms(document); transforms .addTransform("http://www.w3.org/2001/10/xml-exc-c14n#<http://www.w3.org/2001/10/xml-exc-c14n>"); xmlSignature.addDocument("#" + id, transforms, "http://www.w3.org/2000/09/xmldsig#sha1";); set the id on the top of the xml document and also to the reference field? <TrustServiceStatusList xmlns="http://uri.etsi.org/02231/v2#<http://uri.etsi.org/02231/v2>" Id="ID_90de3bdd-f5dd-4b66-af7f-39ad07dc2eed" TSLTag="http://uri.etsi.org/02231/TSLTag";> <ds:Reference URI="#ID_90de3bdd-f5dd-4b66-af7f-39ad07dc2eed"> Is that a correct behaviour? Yes, the reference URI points to the Element that is signed (in this case TrustServiceStatusList). Colm. -- View this message in context: http://apache-xml-project.6118.n7.nabble.com/VOTE-Release-Apache-Santuario-XML-Security-for-Java-2-0-3-tp41648p41687.html Sent from the Apache XML - Security - Dev mailing list archive at Nabble.com. -- Colm O hEigeartaigh Talend Community Coder http://coders.talend.com ________________________________ If you reply to this email, your message will be added to the discussion below: http://apache-xml-project.6118.n7.nabble.com/VOTE-Release-Apache-Santuario-XML-Security-for-Java-2-0-3-tp41648p41692.html To unsubscribe from [VOTE] - Release Apache Santuario - XML Security for Java 2.0.3, click here. NAML<http://apache-xml-project.6118.n7.nabble.com/template/NamlServlet.jtp?macro=macro_viewer&id=instant_html%21nabble%3Aemail.naml&base=nabble.naml.namespaces.BasicNamespace-nabble.view.web.template.NabbleNamespace-nabble.view.web.template.NodeNamespace&breadcrumbs=notify_subscribers%21nabble%3Aemail.naml-instant_emails%21nabble%3Aemail.naml-send_instant_email%21nabble%3Aemail.naml> [cid:image001.png@01D0454E.E3ED26C0]TSLXmlSigner.java (23K) Download Attachment<http://apache-xml-project.6118.n7.nabble.com/attachment/41694/0/TSLXmlSigner.java> [cid:image001.png@01D0454E.E3ED26C0]test.xml (210 bytes) Download Attachment<http://apache-xml-project.6118.n7.nabble.com/attachment/41694/1/test.xml> [cid:image001.png@01D0454E.E3ED26C0]TestTSLXmlSigner.java (1K) Download Attachment<http://apache-xml-project.6118.n7.nabble.com/attachment/41694/2/TestTSLXmlSigner.java> [cid:image001.png@01D0454E.E3ED26C0]tsl_xml_sign.der (1K) Download Attachment<http://apache-xml-project.6118.n7.nabble.com/attachment/41694/3/tsl_xml_sign.der> [cid:image001.png@01D0454E.E3ED26C0]tsl_xml_sign.crt (1K) Download Attachment<http://apache-xml-project.6118.n7.nabble.com/attachment/41694/4/tsl_xml_sign.crt> ________________________________ View this message in context: AW: [VOTE] - Release Apache Santuario - XML Security for Java 2.0.3<http://apache-xml-project.6118.n7.nabble.com/VOTE-Release-Apache-Santuario-XML-Security-for-Java-2-0-3-tp41648p41694.html> Sent from the Apache XML - Security - Dev mailing list archive<http://apache-xml-project.6118.n7.nabble.com/Apache-XML-Security-Dev-f33675.html> at Nabble.com. -- Colm O hEigeartaigh Talend Community Coder http://coders.talend.com ________________________________ If you reply to this email, your message will be added to the discussion below: http://apache-xml-project.6118.n7.nabble.com/VOTE-Release-Apache-Santuario-XML-Security-for-Java-2-0-3-tp41648p41695.html To unsubscribe from [VOTE] - Release Apache Santuario - XML Security for Java 2.0.3, click here<http://apache-xml-project.6118.n7.nabble.com/template/NamlServlet.jtp?macro=unsubscribe_by_code&node=41648&code=dG9iaWFzLndvbGZAdC1zeXN0ZW1zLmNvbXw0MTY0OHwxNjQxMTM5MzQ2>. NAML<http://apache-xml-project.6118.n7.nabble.com/template/NamlServlet.jtp?macro=macro_viewer&id=instant_html%21nabble%3Aemail.naml&base=nabble.naml.namespaces.BasicNamespace-nabble.view.web.template.NabbleNamespace-nabble.view.web.template.NodeNamespace&breadcrumbs=notify_subscribers%21nabble%3Aemail.naml-instant_emails%21nabble%3Aemail.naml-send_instant_email%21nabble%3Aemail.naml> image001.png (2K) <http://apache-xml-project.6118.n7.nabble.com/attachment/41697/0/image001.png> TestTSLAPI.zip (7M) <http://apache-xml-project.6118.n7.nabble.com/attachment/41697/1/TestTSLAPI.zip> -- View this message in context: http://apache-xml-project.6118.n7.nabble.com/VOTE-Release-Apache-Santuario-XML-Security-for-Java-2-0-3-tp41648p41697.html Sent from the Apache XML - Security - Dev mailing list archive at Nabble.com.
