Hello,
thanks i knew this - i used this debugging tip here :
http://weblogs.java.net/blog/mullan/archive/2007/08/index.html
and saw the SignedInfo.getCanonicalizedData information.
It is possible that this is not the issue i have, because i havent figured out
how to debug the actual signed da
In case it isn't obvious (it wasn't to me at first), the fact that an
element appears as "" in the signed document does not mean those
are the bytes that were used in generating the signature. The point of
canonicalization is that a canonical form of the document is used to
calculate the hash, but
Harakiri wrote:
We created signatures using the SUN XML Signature APIs in JRE 5 Versions.
Hmm, which APIs are those? What software are you using?
Have you tried JRE 6 to see if the problem still exists?
Due to a bug in SUNs API we like to use the XML Security API from Apache.
However, all ou
Harakiri wrote on 2009-01-27:
> however it seems that java signed empty tags as:
>
>
>
> but apache security correctly validates as
>
>
>
> Since i cant just change existing signatures, how can I modify the apache
> xmldsig validation so that it will not compute the hash over the empty
tags
>
We created signatures using the SUN XML Signature APIs in JRE 5 Versions.
Due to a bug in SUNs API we like to use the XML Security API from Apache.
However, all our signatures are invalid through possibly a bug in java.
The signatures have been created with the following:
http://www.w3.org/TR/2
