Thank you for including the code, it was a great honour.
I'm currently working in other optimization, again in Transforms class, it
seems that this class is invoked a lot(I´m optimizing a Liberty
implementation, not based in opensaml, for Ericsson). The method ispublic Transform
item(int i) is ca
Thank you for including the code, it was a great honour.
I'm currently working in other optimization, again in Transforms class, it
seems that this class is invoked a lot(I´m optimizing a Liberty
implementation, not based in opensaml, for Ericsson). The method ispublic Transform
item(int i) is ca
> Last patch wasn't soo spectacular, but the first second to last was
> pretty good again. Got a build on my laptop from 14.11 to 11.41 :-)
> I was working on the laptop, so results aren't too reliable though.
>
Thank you.
>> That is my last easy patch, I will try to go inside
>> Canonicalizer20
> Dims,
>
> I just tried to apply your new code for Merlin-23 and it's flushed out
> that the mega-sample target is now throwing an exception when it
> creates a non XSLT target (and so is the new 23).
>
> I think this is something to do with the new optimisations, but I'll
> try and track it dow
> Dims,
>
> I just tried to apply your new code for Merlin-23 and it's flushed out
> that the mega-sample target is now throwing an exception when it
> creates a non XSLT target (and so is the new 23).
>
> I think this is something to do with the new optimisations, but I'll
> try and track it dow
> Hello,
>
> I am trying to sign the attached SAML document using the improved
> performance jar and got the following error. Could you give a clue as
> to why ?
>
I think this one of the jar i send with the patches, please can you
download the CVS code and try again(there are bugfixes in the CVS,
> Hi Raul,
>
> here's an attempt to help you further:
>
> from the spec:
> Namespace Nodes- A namespace node N is ignored if the nearest ancestor
> element of the node's parent element that is in the node-set has a
> namespace node in the node-set with the same local name and value as N.
> Otherwis
>> Hmm, canonicalizer... but, hmm, I am not using any canonicalizer.
>
> You are, by definition, there's always at least the top level c14n of
> the SignedInfo element. The part that confuses me is that I thought the
> default there would be Inclusive, not Exclusive, which shouldn't be
> stripping
On 25/05/2004, at 8:40, Dittmann Werner wrote:
All,
just a short note about Base64. I use the Base64 of XML
security in WSS4J functions and it works perfectly. Any
reason why to use the Xerces implementation?
In addition the Base64 of XML security provides a way
to control line wrap, that is if I c
>> and what about the sun.misc.BASE64Decoder
>
> And what if you're not on that JDK? The problem with using any other
> decoder, including Xerces', is that not everybody uses those components.
> Until Sun standardizes a BASE64 API in the JDK, there's no good answer.
>
> -- Scott
>
>
What abou
> All,
>
> a question to the c14 gurus on the list.
>
> I set up an Element node and set the default namespace
> to "" using the following code:
>
>elem.setAttributeNS(WSConstants.XMLNS_NS, "xmlns", "");
>
> This seems to work.
>
> The element is c14n'ed using the following code:
>
>XMLUtil
> Raul,
> thanks.
>
> However, the element that I create is a top level
> elemen, i.e. an apex node (as far as I understand the
> c14n specs). According to the WSS specs
>
>
> * Finally, employ the canonicalization method specified as a parameter to
> the transform to
> serialize N to produce the
On 27/05/2004, at 17:34, Dittmann Werner wrote:
Raul,
already tried that hack, the problem with that is that
c14n outputs either a byte buffer that is the XML
docu as String or as a node set - this has to be
serialized then deadlock.
Well, I try to ask the WSS guys how they think this
problem c
> Berin,
>
> well I don't know if it is the same reason as for
> encryption. During the discussion I also asked
> one of the WSS gurus about the topic. Here is his
> answer to my question:
>
>
> This behaviour is absolutely necessary in order that exclusive
> canonicalization can function correctl
> I observed a regression in the ElementProxy.getTextFromChildElement()
> method.
> I've attached the patch for the bug.
> I just wanted to get a second word before I check it in.
>
> Thanks,
> Vishal
>
Thanks Vishal,
I've forgot a the getFirstChild(), anyway I had fill a bugzilla entry,
that
>
> Thanks for the quick response. I did use the XPATH transform to select
> the proper node set to sign in both cases. I just tried some experiments
> and find out that you need to put the exclusive c14n AFTER xpath
> transformation in order for the embedded signature verification to
> succeed. It
Hi,
It seems we cannot get rid of this mail report ;).
From what I see the compilation has worked but the test cases doesn't
run at all. I have investigate this report a bit, and it seems that the
test source code are neither nor include in the classpath nor
compiled(see bellow).
Anyone ha
> Berin,
>
>> Hmm, don't like that! Can you send me the full document as an
>> attachment? The library definitely supports WithComments, so it
>> shouldn't be an issue there.
> I belive I've found what the problem is. Interoperability between Java &
> C++ libraries fails when there is XML pre pro
> Hello Raul,
>
>> I supose that the original document has the PI, right?.
> No, I don't have any additional PIs except this one:
>
> http://www.setcce.org";?>
>
> I've attached XML file with my previous post.
>
> Best regards,
> Milan
>
>
>
Ok,
The error seems to be that as the PI is the first
> Hi,
>
> Milan posted two signed (enveloped) XML files signed in java (see
> attachment). One is with stylesheet and other without it. Both signatures
> are valid verified by java libraries. File "test_with_stylesheet_java.xml"
> is not valid verified by C++ libraries.
>
> Is XML signature "test_
> Part of code:
>
> Document doc = db.parse(toSign);
> Element root = doc.getDocumentElement();
> XMLSignature sig = new XMLSignature(doc,
> null,XMLSignature.ALGO_ID_SIGNATURE_RSA);
> root.appendChild(sig.getElement());
> Transforms transforms = new Transforms(doc);
>
> I've just run these two sample files against the CVS Java library. The
> "with" file fails to verify, but the "without" is fine.
>
> Dumping the post transformation bytes, I get the same output as the C++
> library - in particular the PI stuff is output. With the Java 1.1
> library, I don't get
> try latest cvs or drop latest xalan into your jre\lib\endorsed.
>
> -- dims
>
As JDK 1.4.2_05 it is a shipping product, perhaps it´s time to do a 1.2
beta release, or at least do a 1.1JDK1.4.2.02 with only the reflection
patch.
I rather the 1.2 beta with all the optimizations so they are teste i
> Hi all,
>
> my application loops in the X509Data(Element element, String BaseURI)
> constructor of the org.apache.xml.security.keys.content.X509Data class.
> Adding
>
> sibling=sibling.getNextSibling();
>
> before the end of the 'while' (line 116), fixed it for me. So probably
> it would fix this
This bug is fixed in
http://nagoya.apache.org/bugzilla/show_bug.cgi?id=30455 I will try to
back ported it tonight.
On 12/08/2004, at 21:28, Sean Mullan wrote:
Hi,
There's a new bug (well somewhat recent - it is a regression from the
1.1 release) in Canonicalizer.canonicalizeSubtree(Node) whe
On 30/09/2004, at 22:15, Joris Wijlens wrote:
Hi,
Is version 1.2 still going to be compatible with jre 1.3. I tried to
compile HEAD from CVS (30-sep-2004) with a sdk 1.3 compiler and got
these messages:
[javac]
D:
\workspace\xml_sec_cvs\src\org\apache\xml\security\c14n\implementations
\Can
On 30/09/2004, at 17:01, Joris Wijlens wrote:
Hi there,
I'm using the XML-security package for a Java project.
I have this problem with as you describe it "vanishing attribute namespace prefixes". I tried the workaround (described in Mikolaj Habryn's message of Thu, 16 Sep 2004 19:05:56) but th
On 02/10/2004, at 2:33, Berin Lautenbach wrote:
Is anyone else able to get a clean "ant test" to run? I turn up
errors all over the shop - even with the subset "ant test_xenc".
Cheers,
Berin
I just run all the test from eclipse env I just run AllTest.java, I
don't have the code here. Pe
Sure, it's pasted below, minus some Eclipse junk. The crash is in the
Manifest.verifyReferences method when it checks the size of the
references
array. That array is null, unless you parse the SignedInfo from text
into a
DOM. It doesn't get initialized when the signature objects are built
dur
On 11/11/2004, at 10:19, Centeno Martinez, Fernando wrote:
Hello
I was testing the new xml security version 1.2, and I've found a
strange thing.
I was verifying a file. This file had got an incorrect signature with
previous versions, and now with the new version the verify says the
signature is
30 matches
Mail list logo
