Re: [Mono-dev] MonoListWrapper WIP - code review/feedback

2013-07-19 Thread Robert Jordan 

Hi,

On 18.07.2013 19:16, rf...@tbrf.net wrote:

I've been working on a little wrapper library for working with
System.Collections.Generic.ListT instances from native code. The
motivation is to provide a way for Mono embedders to easily design APIs
that use ListT instances as output buffers, whilst running as quickly
as possible and with minimal allocations. Presently I'm getting around a
30x speedup for bulk loading a chunk of data, compared to allocating a
new array to return that data in. Particular users I envision for this
are game engines like Unity3D.

Any chance I could get a review of what I've done so far? It's just a
couple of files, plus a short readme:

https://github.com/richard-fine/mono/tree/MonoListWrapper/contrib/MonoListWrapper


I'm interested in any there's a better way to do this observations,
suggestions for things I should add, ways to speed up the new-array
cases, bugs you can spot, or any generally un-Mono things about it.


Although I understand your motivation, I find that you're
exposing/using too much internals to make this wrapper
ready for public consumption with an unchanged Mono runtime.

You seem to have exposed mono/class-internals.h, which is
a no-go. Also, poking into ListT internals isn't quite
safe, as there is no written contract between runtime and BCL
regarding ListT.

It would be safer if you'd copy and rename ListT and provide
it together with your MonoListWrapper implementation.

Also, there are public mono_array_* macros that
you can use for accessing MonoArray* elements. You can still
use them unsafely (like taking the address of the first element
and access elements using pointer arithmetic) but at least
it won't poke into too much internals.

Robert

___
Mono-devel-list mailing list
Mono-devel-list@lists.ximian.com
http://lists.ximian.com/mailman/listinfo/mono-devel-list

Re: [Mono-dev] Bug in SignedXml.GetIdElement

2013-07-19 Thread Atsushi Eno 

(2013年07月17日 21:25), Jonathan Gagnon wrote:



On Tue, Jul 16, 2013 at 12:16 PM, Atsushi Eno 
atsushi...@veritas-vos-liberabit.com 
mailto:atsushi...@veritas-vos-liberabit.com wrote:


Jonathan Gagnon wrote:

It does not work when the SAML document is not referring to
any DTD.  In my case, I receive the following exception when I
call the CheckSignature method :

System.Security.Cryptography.CryptographicException: Malformed
reference object: [referenceId]
  at
System.Security.Cryptography.Xml.SignedXml.GetReferenceHash
(System.Security.Cryptography.Xml.Reference r, Boolean
check_hmac) [0x0] in filename unknown:0
  at
System.Security.Cryptography.Xml.SignedXml.CheckReferenceIntegrity
(System.Collections.ArrayList referenceList) [0x0] in
filename unknown:0
  at
System.Security.Cryptography.Xml.SignedXml.CheckSignatureInternal
(System.Security.Cryptography.AsymmetricAlgorithm key)
[0x0] in filename unknown:0
  at System.Security.Cryptography.Xml.SignedXml.CheckSignature
(System.Security.Cryptography.AsymmetricAlgorithm key)
[0x0] in filename unknown:0
  at TestSAML.Program.Main (System.String[] args) [0x0] in
filename unknown:0


Of course it happens because you should be processing
corresponding DTD or XML Schema.



The same code works in .NET and it does work if I modify the
GetIdElement method to check for ID.

So in your opinion, I should create a class that derives from
SignedXml and override GetIdElement?


I'm not sure I would like to answer yes (if you want to have ID
being processed) or no (you should actually process DTD or XSD).


I added references to the corresponding XSDs but it doesn't seem to 
help.  I'm still getting the same exception.


Because you didn't set up XmlDocument properly to process XSDs. (You're 
discussing you're doing right without showing code.)





It does fix the problem for me. But wouldn't it be better to
modify SignedXml.GetIdElement() to behave more like .NET so
that other users don't encounter the same problem?


I don't support any use of API that violates W3C specification.


From what I understand, the W3C specification is only about the 
signature part of a signed xml.  There is nothing regarding other 
parts of the signed XML, and the SAML standard defines the id 
differently.  So I'm not sure that supporting SAML ids would violate 
the W3C specification.


I don't understand your discussion. Any additional local attributes that 
do not conform to the XML Schema defined in xmldsig specification 
violates XML schema validation.


Atsushi Eno




Though I'm just pointing out the facts. There may be people who
want to take responsibility on the entire XML Signature stuff and
go ahead to apply the changes.

Atsushi Eno

Thanks,

Jonathan


On Tue, Jul 16, 2013 at 10:24 AM, Atsushi Eno
atsushi...@veritas-vos-liberabit.com
mailto:atsushi...@veritas-vos-liberabit.com
mailto:atsushi...@veritas-vos-liberabit.com
mailto:atsushi...@veritas-vos-liberabit.com wrote:

Whenever SAML document instance refers to its schema or
DTD that
will validate ID attribute as expected, since SignedXml
internally uses XmlDocument.GetElementById () which is
expected to
collect IDs where IDs means a validated ID by
XmlValidatingReader or any XmlReader that has
XmlReaderSettings to
consider XmlSchema or DTD. Hence that does not cause any
problem
for SAML.

(Also note that SignedXml implementation could override
SignedXml.GetIdElement(). Mono's WCF implementation makes
use of
it to support WS-Security ID attribute.)

Atsushi Eno

Jonathan Gagnon wrote:

This is true for the signature, but not true for SAML
assertions, where ids are defined as ID :


http://schemas.stylusstudio.com/saml/nea261b70/complexType_AssertionType.html

I don't know in which case we would need id in
lowercase,
but since .NET supports it, there is probably a valid
reason
for it too.

*Jonathan Gagnon*
Responsable des architectures systèmes
600, boulevard Armand-Frappier, bureau 200
Laval (Québec) H7V 4B4
Canada
T : 450-662-6101 tel:450-662-6101 tel:450-662-6101
tel:450-662-6101 poste 234
http://www.croesus.com