Hi,
I have what I hope is a simple problem
I have recently upgraded to xsec 1.1
My call to sign() now fails
I traced the code and it fails in XSECURIResolverGenericWin32::resolveURI()
The reason it fails is because it thinks the URI is not to a localhost
The reason for this is that xmluri->getH
Hi Milan - thanks for your reply
1) The signature was created by the TSIK library (coincedentally being
discussed on this mailing list as we speak)
2) The public key is 1024bits DSA
3) From what I have read on the internet - quoted from
http://groups-beta.google.com/group/sci.crypt/browse
Do I understand correctly that this is a basically complete package that
is being donated to Apache? Does it have its own SOAP stack ..
o.a.tsik.messaging? If not how does this stuff plug into say Axis?
So my concerns are:
- does it use Axis? If not what's the connection to anything we
currently h
Hi Sanjiva, see inline
> Do I understand correctly that this is a basically complete
> package that is being donated to Apache? Does it have its own
> SOAP stack .. o.a.tsik.messaging? If not how does this stuff
> plug into say Axis?
It is a complete package that has its own Soap stack. It use
> Q) Is it a limitation in xml-security to only allow keys of length 40.
Number 40 is not a key length. DSA algorithm allows keys to be from 512
to 1024 bits (from 64 to 128 bytes) large and have to be multiple of 64
bits (8 bytes). DSA works only with SHA1 algorithm which is 20 bytes
large and o
Hi Steve,
Just to clear things:
1. You are verifying DSA signatures created by some other app/lib/person
and not by you using Apache XSEC C++ lib?
2. DSA key length used for that signature != 1024 bits?
Best regards,
Milan
> -Original Message-
> From: Cullum, Steve [mailto:[EMAIL PROT
