write the C14n method used to serlaize.
> By default the code uses C14n with comments to serialize.
>
> Regards,
> Werner
>
> > -Ursprüngliche Nachricht-
> > Von: Davanum Srinivas [mailto:[EMAIL PROTECTED]
> > Gesendet: Dienstag, 3. Februar 20
> Gesendet: Dienstag, 3. Februar 2004 17:14
> An: [EMAIL PROTECTED]
> Betreff: RE: AW: AW: AW: Verification after decrypt
>
>
> Exactly my point.
> org.apache.xml.serialize.XMLSerializer,OutputFormat is used
> ONLY in one file
> namely XMLCipher.java. We are b
Exactly my point. org.apache.xml.serialize.XMLSerializer,OutputFormat is used ONLY in
one file
namely XMLCipher.java. We are better off gaining compatability with any JAXP
compatible parser. We
are forcing people to use a specific xerces version EVEN if they have other parsers in
their
environm
Surely it's better to say "if you have this bug then download a version of
Xerces greater than x.x" rather than "fixing" a bug in someone else's code
with a hack in yours? That's just asking for maintenance headaches isn't
it?
Well.. right now we are dependent on Xerces for a single tiny Xerces-onl
--
From: Davanum Srinivas [mailto:[EMAIL PROTECTED]
Sent: 03 February 2004 15:11
To: [EMAIL PROTECTED]
Subject: Re: AW: AW: AW: Verification after decrypt
Werner,
We can't depend on a specific version of Xerces EVEN if they fix problems in
their code. So is
there a possibility of patching xml-se
atter function with new patch)
Regards,
Werner
> -Ursprüngliche Nachricht-
> Von: Davanum Srinivas [mailto:[EMAIL PROTECTED]
> Gesendet: Dienstag, 3. Februar 2004 16:11
> An: [EMAIL PROTECTED]
> Betreff: Re: AW: AW: AW: Verification after decrypt
>
>
> Werner,
>
on: Berin Lautenbach [mailto:[EMAIL PROTECTED]
> > Gesendet: Dienstag, 3. Februar 2004 12:30
> > An: [EMAIL PROTECTED]
> > Betreff: Re: AW: AW: Verification after decrypt
> >
> >
> > Ahh. Yes. Apologies - had forgotten the part about the bug!
> >
12:30
> An: [EMAIL PROTECTED]
> Betreff: Re: AW: AW: Verification after decrypt
>
>
> Ahh. Yes. Apologies - had forgotten the part about the bug!
>
> What think you - should we see if we can escalate with the Xerces
> people? Am happy to do so!
>
> Cheers,
>
iche Nachricht-
Von: Berin Lautenbach [mailto:[EMAIL PROTECTED]
Gesendet: Montag, 2. Februar 2004 23:03
An: [EMAIL PROTECTED]
Betreff: Re: AW: Verification after decrypt
Werner,
I thought the problems were around CDATA and handling thereof when
decrypting and moving the decrypted byes back to DOM.
e the according fix in xml-sec (mailed some
time ago).
Regards,
Werner
> -Ursprüngliche Nachricht-
> Von: Berin Lautenbach [mailto:[EMAIL PROTECTED]
> Gesendet: Montag, 2. Februar 2004 23:03
> An: [EMAIL PROTECTED]
> Betreff: Re: AW: Verification after decrypt
>
>
t; Von: Hye-Jung Kim [mailto:[EMAIL PROTECTED]
> Gesendet: Montag, 2. Februar 2004 00:51
> An: [EMAIL PROTECTED]
> Betreff: Verification after decrypt
>
>
> Hello,
> I am trying to decrypt and verify data( signed & encrypted ) using the
> XML security suite and the signat
Hyejung,
At the moment the signature verification functions in both libraries do
not support a signature-decrypt style approach. If you first decrypt
the data and then separately check a signature you should be fine
(assuming you first signed and then encrypted the data originally). You
want
). There was a fix for one particular problem but not as
a
overall solution.
Regards,
Werner
-Ursprüngliche Nachricht-Von: Hye-Jung Kim
[mailto:[EMAIL PROTECTED] Gesendet: Montag, 2. Februar
2004 00:51An: [EMAIL PROTECTED]Betreff:
Verification after decrypt
Hello,
I am
Title: Message
Hello,
I am trying to decrypt and verify data( signed & encrypted
) using the XML security suite and the signature.checkSignatureValue(cert)
returns false which means the signature varification has failed. I am not sure
why it failed since verification for signed only data and
14 matches
Mail list logo
