Modified: juddi/trunk/juddi-client/src/main/resources/xsd/uddi-client.xsd URL: http://svn.apache.org/viewvc/juddi/trunk/juddi-client/src/main/resources/xsd/uddi-client.xsd?rev=1540929&r1=1540928&r2=1540929&view=diff ============================================================================== --- juddi/trunk/juddi-client/src/main/resources/xsd/uddi-client.xsd (original) +++ juddi/trunk/juddi-client/src/main/resources/xsd/uddi-client.xsd Tue Nov 12 02:56:09 2013 @@ -164,7 +164,7 @@ </xsd:documentation></xsd:annotation> </xsd:element> - <xsd:element type="xsd:string" name="signatureMethod" default="RSA_SHA1"> + <xsd:element type="xsd:string" name="signatureMethod" default="http://www.w3.org/2000/09/xmldsig#rsa-sha1";> <xsd:annotation><xsd:documentation>default is RSA_SHA1</xsd:documentation></xsd:annotation> </xsd:element> <xsd:element type="xsd:string" name="XML_DIGSIG_NS" default="http://www.w3.org/2000/09/xmldsig#";></xsd:element> @@ -187,6 +187,11 @@ <xsd:element type="xsd:boolean" name="checkTrust" default="true"></xsd:element> <xsd:element type="xsd:boolean" name="checkRevocationCRL" default="false"></xsd:element> <xsd:element type="xsd:boolean" name="checkRevocationOCSP" default="false"></xsd:element> + <xsd:element type="xsd:boolean" name="keyInfoInclusionSubjectDN" default="false"></xsd:element> + <xsd:element type="xsd:boolean" name="keyInfoInclusionSerial" default="false"></xsd:element> + <xsd:element type="xsd:boolean" name="keyInfoInclusionBase64PublicKey" default="false"></xsd:element> + <xsd:element type="xsd:string" name="digestMethod" default="http://www.w3.org/2000/09/xmldsig#sha1";></xsd:element> + </xsd:sequence> </xsd:complexType> </xsd:element>
Modified: juddi/trunk/juddi-client/src/test/java/org/apache/juddi/v3/client/DigSigUtilTest.java URL: http://svn.apache.org/viewvc/juddi/trunk/juddi-client/src/test/java/org/apache/juddi/v3/client/DigSigUtilTest.java?rev=1540929&r1=1540928&r2=1540929&view=diff ============================================================================== --- juddi/trunk/juddi-client/src/test/java/org/apache/juddi/v3/client/DigSigUtilTest.java (original) +++ juddi/trunk/juddi-client/src/test/java/org/apache/juddi/v3/client/DigSigUtilTest.java Tue Nov 12 02:56:09 2013 @@ -47,23 +47,31 @@ public class DigSigUtilTest { Default(); } - void Default() throws CertificateException { - ds = new DigSigUtil(); - SetCertStoreSettigns(); - ds.put(DigSigUtil.SIGNATURE_OPTION_CERT_INCLUSION_BASE64, "t"); - } - void SetCertStoreSettigns(){ + void SetCertStoreSettigns() { ds.put(DigSigUtil.SIGNATURE_KEYSTORE_FILE, "./src/test/resources/keystore.jks"); ds.put(DigSigUtil.SIGNATURE_KEYSTORE_FILETYPE, "JKS"); ds.put(DigSigUtil.SIGNATURE_KEYSTORE_FILE_PASSWORD, "Test"); ds.put(DigSigUtil.SIGNATURE_KEYSTORE_KEY_ALIAS, "Test"); - ds.put(DigSigUtil.TRUSTSTORE_FILE, "./src/test/resources/truststore.jks"); ds.put(DigSigUtil.TRUSTSTORE_FILETYPE, "JKS"); ds.put(DigSigUtil.TRUSTSTORE_FILE_PASSWORD, "Test"); - - + + + } + + void Default() throws CertificateException { + ds = new DigSigUtil(); + SetCertStoreSettigns(); + ds.put(DigSigUtil.SIGNATURE_OPTION_CERT_INCLUSION_BASE64, "t"); + } + + void Everything() throws CertificateException { + ds = new DigSigUtil(); + SetCertStoreSettigns(); + ds.put(DigSigUtil.SIGNATURE_OPTION_CERT_INCLUSION_BASE64, "t"); + ds.put(DigSigUtil.SIGNATURE_OPTION_CERT_INCLUSION_SUBJECTDN, "t"); + ds.put(DigSigUtil.SIGNATURE_OPTION_CERT_INCLUSION_SERIAL, "t"); } void SubjectDNOnly() throws CertificateException { @@ -80,7 +88,7 @@ public class DigSigUtilTest { @Test public void testSignBusinessSubjectDNOnly() throws CertificateException { - + SubjectDNOnly(); System.out.println("testSignBusinessSubjectDNOnly signing"); BusinessEntity be = new BusinessEntity(); @@ -109,7 +117,34 @@ public class DigSigUtilTest { public void testSignBusinessSerialAndIssuerOnly() throws CertificateException { System.out.println("testSignBusinessSerialAndIssuerOnly signing"); SerialAndIssuerOnly(); - + + BusinessEntity be = new BusinessEntity(); + be.setBusinessKey("uddi:juddi.apache.org:testkey"); + be.setDiscoveryURLs(new DiscoveryURLs()); + be.getDiscoveryURLs().getDiscoveryURL().add(new DiscoveryURL("website", "http://localhost";)); + be.getDescription().add(new Description("a description", "en")); + be.getName().add(new Name("My biz", "en")); + + BusinessEntity signUDDI_JAXBObject = ds.signUddiEntity(be); + DigSigUtil.JAXB_ToStdOut(signUDDI_JAXBObject); + Assert.assertNotSame("items are the same", be, signUDDI_JAXBObject); + //System.out.println("verifing"); + AtomicReference<String> msg = new AtomicReference<String>(); + boolean verifySigned_UDDI_JAXB_Object = ds.verifySignedUddiEntity(signUDDI_JAXBObject, msg); + if (verifySigned_UDDI_JAXB_Object) { + //System.out.println("signature validation passed (expected)"); + } else { + System.out.println("signature validation failed (not expected)"); + Assert.fail(msg.get()); + } + validAllSignatureElementsArePresent(signUDDI_JAXBObject.getSignature()); + } + + @Test + public void testSignBusinessEverything() throws CertificateException { + System.out.println("testSignBusinessEverything signing"); + Everything(); + BusinessEntity be = new BusinessEntity(); be.setBusinessKey("uddi:juddi.apache.org:testkey"); be.setDiscoveryURLs(new DiscoveryURLs()); Modified: juddi/trunk/juddi-client/src/test/resources/META-INF/subscription.xml URL: http://svn.apache.org/viewvc/juddi/trunk/juddi-client/src/test/resources/META-INF/subscription.xml?rev=1540929&r1=1540928&r2=1540929&view=diff ============================================================================== --- juddi/trunk/juddi-client/src/test/resources/META-INF/subscription.xml (original) +++ juddi/trunk/juddi-client/src/test/resources/META-INF/subscription.xml Tue Nov 12 02:56:09 2013 @@ -65,7 +65,7 @@ <service bindingKey="uddi:juddi.apache.org:servicebindings-subscriptionlistener-ws" fromClerk="default" toClerk="medroot"/> </xregister> </clerks> - <signature> + <signature> <!-- signing stuff --> <signingKeyStorePath>keystore.jks</signingKeyStorePath> <signingKeyStoreType>JKS</signingKeyStoreType> @@ -76,10 +76,14 @@ isPasswordEncrypted="false" cryptoProvider="org.apache.juddi.v3.client.crypto.AES128Cryptor">password</signingKeyPassword> <signingKeyAlias>my special key</signingKeyAlias> + <canonicalizationMethod>http://www.w3.org/2001/10/xml-exc-c14n#</canonicalizationMethod> - <signatureMethod>RSA_SHA1</signatureMethod> + <signatureMethod>http://www.w3.org/2000/09/xmldsig#rsa-sha1</signatureMethod> <XML_DIGSIG_NS>http://www.w3.org/2000/09/xmldsig#</XML_DIGSIG_NS> - <!-- validation stuff --> + + <!-- validation stuff + Used whenever someone views an entity that is signed and validation is required --> + <!-- if this doesn't exist or is incorrect, the client will atempt to load the standard jdk trust store--> <trustStorePath>truststore.jks</trustStorePath> <trustStoreType>JKS</trustStoreType> <trustStorePassword @@ -89,6 +93,10 @@ <checkTimestamps>true</checkTimestamps> <checkTrust>true</checkTrust> <checkRevocationCRL>true</checkRevocationCRL> + <keyInfoInclusionSubjectDN>false</keyInfoInclusionSubjectDN> + <keyInfoInclusionSerial>false</keyInfoInclusionSerial> + <keyInfoInclusionBase64PublicKey>true</keyInfoInclusionBase64PublicKey> + <digestMethod>http://www.w3.org/2000/09/xmldsig#sha1</digestMethod> </signature> <subscriptionCallbacks> <keyDomain>uddi:org.apache.juddi:test</keyDomain> Modified: juddi/trunk/juddi-client/src/test/resources/META-INF/uddi-subcallback1.xml URL: http://svn.apache.org/viewvc/juddi/trunk/juddi-client/src/test/resources/META-INF/uddi-subcallback1.xml?rev=1540929&r1=1540928&r2=1540929&view=diff ============================================================================== --- juddi/trunk/juddi-client/src/test/resources/META-INF/uddi-subcallback1.xml (original) +++ juddi/trunk/juddi-client/src/test/resources/META-INF/uddi-subcallback1.xml Tue Nov 12 02:56:09 2013 @@ -27,30 +27,38 @@ <clerk name="default" node="default" publisher="root" password="root"/> </clerks> <signature> - <!-- signing stuff --> - <signingKeyStorePath>keystore.jks</signingKeyStorePath> - <signingKeyStoreType>JKS</signingKeyStoreType> - <signingKeyStoreFilePassword - isPasswordEncrypted="false" - cryptoProvider="org.apache.juddi.v3.client.crypto.AES128Cryptor">password</signingKeyStoreFilePassword> - <signingKeyPassword - isPasswordEncrypted="false" - cryptoProvider="org.apache.juddi.v3.client.crypto.AES128Cryptor">password</signingKeyPassword> - <signingKeyAlias>my special key</signingKeyAlias> - <canonicalizationMethod>http://www.w3.org/2001/10/xml-exc-c14n#</canonicalizationMethod> - <signatureMethod>RSA_SHA1</signatureMethod> - <XML_DIGSIG_NS>http://www.w3.org/2000/09/xmldsig#</XML_DIGSIG_NS> - <!-- validation stuff --> - <trustStorePath>truststore.jks</trustStorePath> - <trustStoreType>JKS</trustStoreType> - <trustStorePassword - isPasswordEncrypted="false" - cryptoProvider="org.apache.juddi.v3.client.crypto.AES128Cryptor">password</trustStorePassword> + <!-- signing stuff --> + <signingKeyStorePath>keystore.jks</signingKeyStorePath> + <signingKeyStoreType>JKS</signingKeyStoreType> + <signingKeyStoreFilePassword + isPasswordEncrypted="false" + cryptoProvider="org.apache.juddi.v3.client.crypto.AES128Cryptor">password</signingKeyStoreFilePassword> + <signingKeyPassword + isPasswordEncrypted="false" + cryptoProvider="org.apache.juddi.v3.client.crypto.AES128Cryptor">password</signingKeyPassword> + <signingKeyAlias>my special key</signingKeyAlias> + + <canonicalizationMethod>http://www.w3.org/2001/10/xml-exc-c14n#</canonicalizationMethod> + <signatureMethod>http://www.w3.org/2000/09/xmldsig#rsa-sha1</signatureMethod> + <XML_DIGSIG_NS>http://www.w3.org/2000/09/xmldsig#</XML_DIGSIG_NS> + + <!-- validation stuff + Used whenever someone views an entity that is signed and validation is required --> + <!-- if this doesn't exist or is incorrect, the client will atempt to load the standard jdk trust store--> + <trustStorePath>truststore.jks</trustStorePath> + <trustStoreType>JKS</trustStoreType> + <trustStorePassword + isPasswordEncrypted="false" + cryptoProvider="org.apache.juddi.v3.client.crypto.AES128Cryptor">password</trustStorePassword> - <checkTimestamps>true</checkTimestamps> - <checkTrust>true</checkTrust> - <checkRevocationCRL>true</checkRevocationCRL> - </signature> + <checkTimestamps>true</checkTimestamps> + <checkTrust>true</checkTrust> + <checkRevocationCRL>true</checkRevocationCRL> + <keyInfoInclusionSubjectDN>false</keyInfoInclusionSubjectDN> + <keyInfoInclusionSerial>false</keyInfoInclusionSerial> + <keyInfoInclusionBase64PublicKey>true</keyInfoInclusionBase64PublicKey> + <digestMethod>http://www.w3.org/2000/09/xmldsig#sha1</digestMethod> + </signature> <subscriptionCallbacks> <keyDomain>uddi:somebusiness</keyDomain> <listenUrl>http://localhost:4444/callback</listenUrl> Modified: juddi/trunk/juddi-client/src/test/resources/META-INF/uddi-subcallback2.xml URL: http://svn.apache.org/viewvc/juddi/trunk/juddi-client/src/test/resources/META-INF/uddi-subcallback2.xml?rev=1540929&r1=1540928&r2=1540929&view=diff ============================================================================== --- juddi/trunk/juddi-client/src/test/resources/META-INF/uddi-subcallback2.xml (original) +++ juddi/trunk/juddi-client/src/test/resources/META-INF/uddi-subcallback2.xml Tue Nov 12 02:56:09 2013 @@ -27,30 +27,38 @@ <clerk name="default" node="default" publisher="root" password="root"/> </clerks> <signature> - <!-- signing stuff --> - <signingKeyStorePath>keystore.jks</signingKeyStorePath> - <signingKeyStoreType>JKS</signingKeyStoreType> - <signingKeyStoreFilePassword - isPasswordEncrypted="false" - cryptoProvider="org.apache.juddi.v3.client.crypto.AES128Cryptor">password</signingKeyStoreFilePassword> - <signingKeyPassword - isPasswordEncrypted="false" - cryptoProvider="org.apache.juddi.v3.client.crypto.AES128Cryptor">password</signingKeyPassword> - <signingKeyAlias>my special key</signingKeyAlias> - <canonicalizationMethod>http://www.w3.org/2001/10/xml-exc-c14n#</canonicalizationMethod> - <signatureMethod>RSA_SHA1</signatureMethod> - <XML_DIGSIG_NS>http://www.w3.org/2000/09/xmldsig#</XML_DIGSIG_NS> - <!-- validation stuff --> - <trustStorePath>truststore.jks</trustStorePath> - <trustStoreType>JKS</trustStoreType> - <trustStorePassword - isPasswordEncrypted="false" - cryptoProvider="org.apache.juddi.v3.client.crypto.AES128Cryptor">password</trustStorePassword> + <!-- signing stuff --> + <signingKeyStorePath>keystore.jks</signingKeyStorePath> + <signingKeyStoreType>JKS</signingKeyStoreType> + <signingKeyStoreFilePassword + isPasswordEncrypted="false" + cryptoProvider="org.apache.juddi.v3.client.crypto.AES128Cryptor">password</signingKeyStoreFilePassword> + <signingKeyPassword + isPasswordEncrypted="false" + cryptoProvider="org.apache.juddi.v3.client.crypto.AES128Cryptor">password</signingKeyPassword> + <signingKeyAlias>my special key</signingKeyAlias> + + <canonicalizationMethod>http://www.w3.org/2001/10/xml-exc-c14n#</canonicalizationMethod> + <signatureMethod>http://www.w3.org/2000/09/xmldsig#rsa-sha1</signatureMethod> + <XML_DIGSIG_NS>http://www.w3.org/2000/09/xmldsig#</XML_DIGSIG_NS> + + <!-- validation stuff + Used whenever someone views an entity that is signed and validation is required --> + <!-- if this doesn't exist or is incorrect, the client will atempt to load the standard jdk trust store--> + <trustStorePath>truststore.jks</trustStorePath> + <trustStoreType>JKS</trustStoreType> + <trustStorePassword + isPasswordEncrypted="false" + cryptoProvider="org.apache.juddi.v3.client.crypto.AES128Cryptor">password</trustStorePassword> - <checkTimestamps>true</checkTimestamps> - <checkTrust>true</checkTrust> - <checkRevocationCRL>true</checkRevocationCRL> - </signature> + <checkTimestamps>true</checkTimestamps> + <checkTrust>true</checkTrust> + <checkRevocationCRL>true</checkRevocationCRL> + <keyInfoInclusionSubjectDN>false</keyInfoInclusionSubjectDN> + <keyInfoInclusionSerial>false</keyInfoInclusionSerial> + <keyInfoInclusionBase64PublicKey>true</keyInfoInclusionBase64PublicKey> + <digestMethod>http://www.w3.org/2000/09/xmldsig#sha1</digestMethod> + </signature> <subscriptionCallbacks> <keyDomain>uddi:somebusiness</keyDomain> <listenUrl></listenUrl> Modified: juddi/trunk/juddi-client/src/test/resources/META-INF/uddi-subcallback3.xml URL: http://svn.apache.org/viewvc/juddi/trunk/juddi-client/src/test/resources/META-INF/uddi-subcallback3.xml?rev=1540929&r1=1540928&r2=1540929&view=diff ============================================================================== --- juddi/trunk/juddi-client/src/test/resources/META-INF/uddi-subcallback3.xml (original) +++ juddi/trunk/juddi-client/src/test/resources/META-INF/uddi-subcallback3.xml Tue Nov 12 02:56:09 2013 @@ -27,30 +27,38 @@ <clerk name="default" node="default" publisher="root" password="root"/> </clerks> <signature> - <!-- signing stuff --> - <signingKeyStorePath>keystore.jks</signingKeyStorePath> - <signingKeyStoreType>JKS</signingKeyStoreType> - <signingKeyStoreFilePassword - isPasswordEncrypted="false" - cryptoProvider="org.apache.juddi.v3.client.crypto.AES128Cryptor">password</signingKeyStoreFilePassword> - <signingKeyPassword - isPasswordEncrypted="false" - cryptoProvider="org.apache.juddi.v3.client.crypto.AES128Cryptor">password</signingKeyPassword> - <signingKeyAlias>my special key</signingKeyAlias> - <canonicalizationMethod>http://www.w3.org/2001/10/xml-exc-c14n#</canonicalizationMethod> - <signatureMethod>RSA_SHA1</signatureMethod> - <XML_DIGSIG_NS>http://www.w3.org/2000/09/xmldsig#</XML_DIGSIG_NS> - <!-- validation stuff --> - <trustStorePath>truststore.jks</trustStorePath> - <trustStoreType>JKS</trustStoreType> - <trustStorePassword - isPasswordEncrypted="false" - cryptoProvider="org.apache.juddi.v3.client.crypto.AES128Cryptor">password</trustStorePassword> + <!-- signing stuff --> + <signingKeyStorePath>keystore.jks</signingKeyStorePath> + <signingKeyStoreType>JKS</signingKeyStoreType> + <signingKeyStoreFilePassword + isPasswordEncrypted="false" + cryptoProvider="org.apache.juddi.v3.client.crypto.AES128Cryptor">password</signingKeyStoreFilePassword> + <signingKeyPassword + isPasswordEncrypted="false" + cryptoProvider="org.apache.juddi.v3.client.crypto.AES128Cryptor">password</signingKeyPassword> + <signingKeyAlias>my special key</signingKeyAlias> + + <canonicalizationMethod>http://www.w3.org/2001/10/xml-exc-c14n#</canonicalizationMethod> + <signatureMethod>http://www.w3.org/2000/09/xmldsig#rsa-sha1</signatureMethod> + <XML_DIGSIG_NS>http://www.w3.org/2000/09/xmldsig#</XML_DIGSIG_NS> + + <!-- validation stuff + Used whenever someone views an entity that is signed and validation is required --> + <!-- if this doesn't exist or is incorrect, the client will atempt to load the standard jdk trust store--> + <trustStorePath>truststore.jks</trustStorePath> + <trustStoreType>JKS</trustStoreType> + <trustStorePassword + isPasswordEncrypted="false" + cryptoProvider="org.apache.juddi.v3.client.crypto.AES128Cryptor">password</trustStorePassword> - <checkTimestamps>true</checkTimestamps> - <checkTrust>true</checkTrust> - <checkRevocationCRL>true</checkRevocationCRL> - </signature> + <checkTimestamps>true</checkTimestamps> + <checkTrust>true</checkTrust> + <checkRevocationCRL>true</checkRevocationCRL> + <keyInfoInclusionSubjectDN>false</keyInfoInclusionSubjectDN> + <keyInfoInclusionSerial>false</keyInfoInclusionSerial> + <keyInfoInclusionBase64PublicKey>true</keyInfoInclusionBase64PublicKey> + <digestMethod>http://www.w3.org/2000/09/xmldsig#sha1</digestMethod> + </signature> <subscriptionCallbacks> <keyDomain>uddi:somebusiness</keyDomain> <listenUrl>asdasd://somebackprotocol:123122221/something</listenUrl> Modified: juddi/trunk/juddi-client/src/test/resources/META-INF/uddi.xml URL: http://svn.apache.org/viewvc/juddi/trunk/juddi-client/src/test/resources/META-INF/uddi.xml?rev=1540929&r1=1540928&r2=1540929&view=diff ============================================================================== --- juddi/trunk/juddi-client/src/test/resources/META-INF/uddi.xml (original) +++ juddi/trunk/juddi-client/src/test/resources/META-INF/uddi.xml Tue Nov 12 02:56:09 2013 @@ -71,30 +71,38 @@ </xregister> </clerks> <signature> - <!-- signing stuff --> - <signingKeyStorePath>keystore.jks</signingKeyStorePath> - <signingKeyStoreType>JKS</signingKeyStoreType> - <signingKeyStoreFilePassword - isPasswordEncrypted="false" - cryptoProvider="org.apache.juddi.v3.client.crypto.AES128Cryptor">password</signingKeyStoreFilePassword> - <signingKeyPassword - isPasswordEncrypted="false" - cryptoProvider="org.apache.juddi.v3.client.crypto.AES128Cryptor">password</signingKeyPassword> - <signingKeyAlias>my special key</signingKeyAlias> - <canonicalizationMethod>http://www.w3.org/2001/10/xml-exc-c14n#</canonicalizationMethod> - <signatureMethod>RSA_SHA1</signatureMethod> - <XML_DIGSIG_NS>http://www.w3.org/2000/09/xmldsig#</XML_DIGSIG_NS> - <!-- validation stuff --> - <trustStorePath>truststore.jks</trustStorePath> - <trustStoreType>JKS</trustStoreType> - <trustStorePassword - isPasswordEncrypted="false" - cryptoProvider="org.apache.juddi.v3.client.crypto.AES128Cryptor">password</trustStorePassword> + <!-- signing stuff --> + <signingKeyStorePath>keystore.jks</signingKeyStorePath> + <signingKeyStoreType>JKS</signingKeyStoreType> + <signingKeyStoreFilePassword + isPasswordEncrypted="false" + cryptoProvider="org.apache.juddi.v3.client.crypto.AES128Cryptor">password</signingKeyStoreFilePassword> + <signingKeyPassword + isPasswordEncrypted="false" + cryptoProvider="org.apache.juddi.v3.client.crypto.AES128Cryptor">password</signingKeyPassword> + <signingKeyAlias>my special key</signingKeyAlias> + + <canonicalizationMethod>http://www.w3.org/2001/10/xml-exc-c14n#</canonicalizationMethod> + <signatureMethod>http://www.w3.org/2000/09/xmldsig#rsa-sha1</signatureMethod> + <XML_DIGSIG_NS>http://www.w3.org/2000/09/xmldsig#</XML_DIGSIG_NS> + + <!-- validation stuff + Used whenever someone views an entity that is signed and validation is required --> + <!-- if this doesn't exist or is incorrect, the client will atempt to load the standard jdk trust store--> + <trustStorePath>truststore.jks</trustStorePath> + <trustStoreType>JKS</trustStoreType> + <trustStorePassword + isPasswordEncrypted="false" + cryptoProvider="org.apache.juddi.v3.client.crypto.AES128Cryptor">password</trustStorePassword> - <checkTimestamps>true</checkTimestamps> - <checkTrust>true</checkTrust> - <checkRevocationCRL>true</checkRevocationCRL> - </signature> + <checkTimestamps>true</checkTimestamps> + <checkTrust>true</checkTrust> + <checkRevocationCRL>true</checkRevocationCRL> + <keyInfoInclusionSubjectDN>false</keyInfoInclusionSubjectDN> + <keyInfoInclusionSerial>false</keyInfoInclusionSerial> + <keyInfoInclusionBase64PublicKey>true</keyInfoInclusionBase64PublicKey> + <digestMethod>http://www.w3.org/2000/09/xmldsig#sha1</digestMethod> + </signature> <subscriptionCallbacks> <keyDomain>uddi:somebusiness</keyDomain> <listenUrl>http://MyHostname:4444/callback</listenUrl> Modified: juddi/trunk/juddi-client/src/test/resources/META-INF/uddi2.xml URL: http://svn.apache.org/viewvc/juddi/trunk/juddi-client/src/test/resources/META-INF/uddi2.xml?rev=1540929&r1=1540928&r2=1540929&view=diff ============================================================================== --- juddi/trunk/juddi-client/src/test/resources/META-INF/uddi2.xml (original) +++ juddi/trunk/juddi-client/src/test/resources/META-INF/uddi2.xml Tue Nov 12 02:56:09 2013 @@ -59,10 +59,14 @@ isPasswordEncrypted="false" cryptoProvider="org.apache.juddi.v3.client.crypto.AES128Cryptor">password</signingKeyPassword> <signingKeyAlias>my special key</signingKeyAlias> + <canonicalizationMethod>http://www.w3.org/2001/10/xml-exc-c14n#</canonicalizationMethod> - <signatureMethod>RSA_SHA1</signatureMethod> + <signatureMethod>http://www.w3.org/2000/09/xmldsig#rsa-sha1</signatureMethod> <XML_DIGSIG_NS>http://www.w3.org/2000/09/xmldsig#</XML_DIGSIG_NS> - <!-- validation stuff --> + + <!-- validation stuff + Used whenever someone views an entity that is signed and validation is required --> + <!-- if this doesn't exist or is incorrect, the client will atempt to load the standard jdk trust store--> <trustStorePath>truststore.jks</trustStorePath> <trustStoreType>JKS</trustStoreType> <trustStorePassword @@ -72,6 +76,10 @@ <checkTimestamps>true</checkTimestamps> <checkTrust>true</checkTrust> <checkRevocationCRL>true</checkRevocationCRL> + <keyInfoInclusionSubjectDN>false</keyInfoInclusionSubjectDN> + <keyInfoInclusionSerial>false</keyInfoInclusionSerial> + <keyInfoInclusionBase64PublicKey>true</keyInfoInclusionBase64PublicKey> + <digestMethod>http://www.w3.org/2000/09/xmldsig#sha1</digestMethod> </signature> <subscriptionCallbacks> <keyDomain>uddi:somebusiness</keyDomain> Modified: juddi/trunk/juddi-client/src/test/resources/META-INF/uddi3-enc-aes128.xml URL: http://svn.apache.org/viewvc/juddi/trunk/juddi-client/src/test/resources/META-INF/uddi3-enc-aes128.xml?rev=1540929&r1=1540928&r2=1540929&view=diff ============================================================================== --- juddi/trunk/juddi-client/src/test/resources/META-INF/uddi3-enc-aes128.xml (original) +++ juddi/trunk/juddi-client/src/test/resources/META-INF/uddi3-enc-aes128.xml Tue Nov 12 02:56:09 2013 @@ -64,19 +64,27 @@ isPasswordEncrypted="false" cryptoProvider="org.apache.juddi.v3.client.crypto.AES128Cryptor">password</signingKeyPassword> <signingKeyAlias>my special key</signingKeyAlias> + <canonicalizationMethod>http://www.w3.org/2001/10/xml-exc-c14n#</canonicalizationMethod> - <signatureMethod>RSA_SHA1</signatureMethod> + <signatureMethod>http://www.w3.org/2000/09/xmldsig#rsa-sha1</signatureMethod> <XML_DIGSIG_NS>http://www.w3.org/2000/09/xmldsig#</XML_DIGSIG_NS> - <!-- validation stuff --> + + <!-- validation stuff + Used whenever someone views an entity that is signed and validation is required --> + <!-- if this doesn't exist or is incorrect, the client will atempt to load the standard jdk trust store--> <trustStorePath>truststore.jks</trustStorePath> <trustStoreType>JKS</trustStoreType> <trustStorePassword isPasswordEncrypted="false" cryptoProvider="org.apache.juddi.v3.client.crypto.AES128Cryptor">password</trustStorePassword> - <checkTimestamps>true</checkTimestamps> + <checkTimestamps>true</checkTimestamps> <checkTrust>true</checkTrust> <checkRevocationCRL>true</checkRevocationCRL> + <keyInfoInclusionSubjectDN>false</keyInfoInclusionSubjectDN> + <keyInfoInclusionSerial>false</keyInfoInclusionSerial> + <keyInfoInclusionBase64PublicKey>true</keyInfoInclusionBase64PublicKey> + <digestMethod>http://www.w3.org/2000/09/xmldsig#sha1</digestMethod> </signature> <subscriptionCallbacks> <keyDomain>uddi:somebusiness</keyDomain> Modified: juddi/trunk/juddi-examples/hello-world/src/main/resources/META-INF/hello-world-uddi.xml URL: http://svn.apache.org/viewvc/juddi/trunk/juddi-examples/hello-world/src/main/resources/META-INF/hello-world-uddi.xml?rev=1540929&r1=1540928&r2=1540929&view=diff ============================================================================== --- juddi/trunk/juddi-examples/hello-world/src/main/resources/META-INF/hello-world-uddi.xml (original) +++ juddi/trunk/juddi-examples/hello-world/src/main/resources/META-INF/hello-world-uddi.xml Tue Nov 12 02:56:09 2013 @@ -38,10 +38,14 @@ isPasswordEncrypted="false" cryptoProvider="org.apache.juddi.v3.client.crypto.AES128Cryptor">password</signingKeyPassword> <signingKeyAlias>my special key</signingKeyAlias> + <canonicalizationMethod>http://www.w3.org/2001/10/xml-exc-c14n#</canonicalizationMethod> - <signatureMethod>RSA_SHA1</signatureMethod> + <signatureMethod>http://www.w3.org/2000/09/xmldsig#rsa-sha1</signatureMethod> <XML_DIGSIG_NS>http://www.w3.org/2000/09/xmldsig#</XML_DIGSIG_NS> - <!-- validation stuff --> + + <!-- validation stuff + Used whenever someone views an entity that is signed and validation is required --> + <!-- if this doesn't exist or is incorrect, the client will atempt to load the standard jdk trust store--> <trustStorePath>truststore.jks</trustStorePath> <trustStoreType>JKS</trustStoreType> <trustStorePassword @@ -51,6 +55,10 @@ <checkTimestamps>true</checkTimestamps> <checkTrust>true</checkTrust> <checkRevocationCRL>true</checkRevocationCRL> + <keyInfoInclusionSubjectDN>false</keyInfoInclusionSubjectDN> + <keyInfoInclusionSerial>false</keyInfoInclusionSerial> + <keyInfoInclusionBase64PublicKey>true</keyInfoInclusionBase64PublicKey> + <digestMethod>http://www.w3.org/2000/09/xmldsig#sha1</digestMethod> </signature> <subscriptionCallbacks> <keyDomain>uddi:somebusiness</keyDomain> Modified: juddi/trunk/juddi-examples/simple-browse/src/main/resources/META-INF/simple-browse-uddi.xml URL: http://svn.apache.org/viewvc/juddi/trunk/juddi-examples/simple-browse/src/main/resources/META-INF/simple-browse-uddi.xml?rev=1540929&r1=1540928&r2=1540929&view=diff ============================================================================== --- juddi/trunk/juddi-examples/simple-browse/src/main/resources/META-INF/simple-browse-uddi.xml (original) +++ juddi/trunk/juddi-examples/simple-browse/src/main/resources/META-INF/simple-browse-uddi.xml Tue Nov 12 02:56:09 2013 @@ -38,10 +38,14 @@ isPasswordEncrypted="false" cryptoProvider="org.apache.juddi.v3.client.crypto.AES128Cryptor">password</signingKeyPassword> <signingKeyAlias>my special key</signingKeyAlias> + <canonicalizationMethod>http://www.w3.org/2001/10/xml-exc-c14n#</canonicalizationMethod> - <signatureMethod>RSA_SHA1</signatureMethod> + <signatureMethod>http://www.w3.org/2000/09/xmldsig#rsa-sha1</signatureMethod> <XML_DIGSIG_NS>http://www.w3.org/2000/09/xmldsig#</XML_DIGSIG_NS> - <!-- validation stuff --> + + <!-- validation stuff + Used whenever someone views an entity that is signed and validation is required --> + <!-- if this doesn't exist or is incorrect, the client will atempt to load the standard jdk trust store--> <trustStorePath>truststore.jks</trustStorePath> <trustStoreType>JKS</trustStoreType> <trustStorePassword @@ -51,6 +55,10 @@ <checkTimestamps>true</checkTimestamps> <checkTrust>true</checkTrust> <checkRevocationCRL>true</checkRevocationCRL> + <keyInfoInclusionSubjectDN>false</keyInfoInclusionSubjectDN> + <keyInfoInclusionSerial>false</keyInfoInclusionSerial> + <keyInfoInclusionBase64PublicKey>true</keyInfoInclusionBase64PublicKey> + <digestMethod>http://www.w3.org/2000/09/xmldsig#sha1</digestMethod> </signature> <subscriptionCallbacks> <keyDomain>uddi:somebusiness</keyDomain> Modified: juddi/trunk/juddi-examples/uddi-annotations/src/main/resources/META-INF/sales-uddi.xml URL: http://svn.apache.org/viewvc/juddi/trunk/juddi-examples/uddi-annotations/src/main/resources/META-INF/sales-uddi.xml?rev=1540929&r1=1540928&r2=1540929&view=diff ============================================================================== --- juddi/trunk/juddi-examples/uddi-annotations/src/main/resources/META-INF/sales-uddi.xml (original) +++ juddi/trunk/juddi-examples/uddi-annotations/src/main/resources/META-INF/sales-uddi.xml Tue Nov 12 02:56:09 2013 @@ -44,10 +44,14 @@ isPasswordEncrypted="false" cryptoProvider="org.apache.juddi.v3.client.crypto.AES128Cryptor">password</signingKeyPassword> <signingKeyAlias>my special key</signingKeyAlias> + <canonicalizationMethod>http://www.w3.org/2001/10/xml-exc-c14n#</canonicalizationMethod> - <signatureMethod>RSA_SHA1</signatureMethod> + <signatureMethod>http://www.w3.org/2000/09/xmldsig#rsa-sha1</signatureMethod> <XML_DIGSIG_NS>http://www.w3.org/2000/09/xmldsig#</XML_DIGSIG_NS> - <!-- validation stuff --> + + <!-- validation stuff + Used whenever someone views an entity that is signed and validation is required --> + <!-- if this doesn't exist or is incorrect, the client will atempt to load the standard jdk trust store--> <trustStorePath>truststore.jks</trustStorePath> <trustStoreType>JKS</trustStoreType> <trustStorePassword @@ -57,6 +61,10 @@ <checkTimestamps>true</checkTimestamps> <checkTrust>true</checkTrust> <checkRevocationCRL>true</checkRevocationCRL> + <keyInfoInclusionSubjectDN>false</keyInfoInclusionSubjectDN> + <keyInfoInclusionSerial>false</keyInfoInclusionSerial> + <keyInfoInclusionBase64PublicKey>true</keyInfoInclusionBase64PublicKey> + <digestMethod>http://www.w3.org/2000/09/xmldsig#sha1</digestMethod> </signature> <subscriptionCallbacks> <keyDomain>uddi:somebusiness</keyDomain> Modified: juddi/trunk/juddi-examples/uddi-annotations/src/main/resources/META-INF/uddi-annotations.xml URL: http://svn.apache.org/viewvc/juddi/trunk/juddi-examples/uddi-annotations/src/main/resources/META-INF/uddi-annotations.xml?rev=1540929&r1=1540928&r2=1540929&view=diff ============================================================================== --- juddi/trunk/juddi-examples/uddi-annotations/src/main/resources/META-INF/uddi-annotations.xml (original) +++ juddi/trunk/juddi-examples/uddi-annotations/src/main/resources/META-INF/uddi-annotations.xml Tue Nov 12 02:56:09 2013 @@ -43,10 +43,14 @@ isPasswordEncrypted="false" cryptoProvider="org.apache.juddi.v3.client.crypto.AES128Cryptor">password</signingKeyPassword> <signingKeyAlias>my special key</signingKeyAlias> + <canonicalizationMethod>http://www.w3.org/2001/10/xml-exc-c14n#</canonicalizationMethod> - <signatureMethod>RSA_SHA1</signatureMethod> + <signatureMethod>http://www.w3.org/2000/09/xmldsig#rsa-sha1</signatureMethod> <XML_DIGSIG_NS>http://www.w3.org/2000/09/xmldsig#</XML_DIGSIG_NS> - <!-- validation stuff --> + + <!-- validation stuff + Used whenever someone views an entity that is signed and validation is required --> + <!-- if this doesn't exist or is incorrect, the client will atempt to load the standard jdk trust store--> <trustStorePath>truststore.jks</trustStorePath> <trustStoreType>JKS</trustStoreType> <trustStorePassword @@ -56,6 +60,10 @@ <checkTimestamps>true</checkTimestamps> <checkTrust>true</checkTrust> <checkRevocationCRL>true</checkRevocationCRL> + <keyInfoInclusionSubjectDN>false</keyInfoInclusionSubjectDN> + <keyInfoInclusionSerial>false</keyInfoInclusionSerial> + <keyInfoInclusionBase64PublicKey>true</keyInfoInclusionBase64PublicKey> + <digestMethod>http://www.w3.org/2000/09/xmldsig#sha1</digestMethod> </signature> <subscriptionCallbacks> <keyDomain>uddi:somebusiness</keyDomain> Modified: juddi/trunk/juddi-gui/src/main/resources/META-INF/uddi.xml URL: http://svn.apache.org/viewvc/juddi/trunk/juddi-gui/src/main/resources/META-INF/uddi.xml?rev=1540929&r1=1540928&r2=1540929&view=diff ============================================================================== --- juddi/trunk/juddi-gui/src/main/resources/META-INF/uddi.xml (original) +++ juddi/trunk/juddi-gui/src/main/resources/META-INF/uddi.xml Tue Nov 12 02:56:09 2013 @@ -34,7 +34,7 @@ </node> </nodes> <signature> - <!-- signing stuff, not used by juddi-gui --> + <!-- signing stuff, is used by juddi-gui --> <signingKeyStorePath>keystore.jks</signingKeyStorePath> <signingKeyStoreType>JKS</signingKeyStoreType> <signingKeyStoreFilePassword @@ -46,12 +46,13 @@ <signingKeyAlias>my special key</signingKeyAlias> <canonicalizationMethod>http://www.w3.org/2001/10/xml-exc-c14n#</canonicalizationMethod> - <signatureMethod>RSA_SHA1</signatureMethod> + <signatureMethod>http://www.w3.org/2000/09/xmldsig#rsa-sha1</signatureMethod> <XML_DIGSIG_NS>http://www.w3.org/2000/09/xmldsig#</XML_DIGSIG_NS> <!-- validation stuff This part is used by juddi-gui whenever someone views an entity that is signed --> + <!-- if this doesn't exist or is incorrect, the client will atempt to load the standard jdk trust store--> <trustStorePath>truststore.jks</trustStorePath> <trustStoreType>JKS</trustStoreType> <trustStorePassword @@ -61,6 +62,10 @@ <checkTimestamps>true</checkTimestamps> <checkTrust>true</checkTrust> <checkRevocationCRL>true</checkRevocationCRL> + <keyInfoInclusionSubjectDN>false</keyInfoInclusionSubjectDN> + <keyInfoInclusionSerial>false</keyInfoInclusionSerial> + <keyInfoInclusionBase64PublicKey>true</keyInfoInclusionBase64PublicKey> + <digestMethod>http://www.w3.org/2000/09/xmldsig#sha1</digestMethod> </signature> <!-- not used by juddi-gui--> <subscriptionCallbacks> Modified: juddi/trunk/juddi-gui/src/main/webapp/WEB-INF/web.xml URL: http://svn.apache.org/viewvc/juddi/trunk/juddi-gui/src/main/webapp/WEB-INF/web.xml?rev=1540929&r1=1540928&r2=1540929&view=diff ============================================================================== --- juddi/trunk/juddi-gui/src/main/webapp/WEB-INF/web.xml (original) +++ juddi/trunk/juddi-gui/src/main/webapp/WEB-INF/web.xml Tue Nov 12 02:56:09 2013 @@ -3,7 +3,8 @@ <display-name>jUDDI Graphical User Interface (juddi-gui)</display-name> <description>This is an end user web application for an implementation of OASIS's UDDI v3 specification</description> - <distributable /> + <!-- This may cause issues in some containers, if it complains about a non serializable object, comment this out + <distributable /> --> <listener> <!-- this class setups the encryption key for the session--> Modified: juddi/trunk/uddi-tck/src/main/resources/META-INF/uddi.xml URL: http://svn.apache.org/viewvc/juddi/trunk/uddi-tck/src/main/resources/META-INF/uddi.xml?rev=1540929&r1=1540928&r2=1540929&view=diff ============================================================================== --- juddi/trunk/uddi-tck/src/main/resources/META-INF/uddi.xml (original) +++ juddi/trunk/uddi-tck/src/main/resources/META-INF/uddi.xml Tue Nov 12 02:56:09 2013 @@ -110,10 +110,14 @@ isPasswordEncrypted="false" cryptoProvider="org.apache.juddi.v3.client.crypto.AES128Cryptor">password</signingKeyPassword> <signingKeyAlias>my special key</signingKeyAlias> + <canonicalizationMethod>http://www.w3.org/2001/10/xml-exc-c14n#</canonicalizationMethod> - <signatureMethod>RSA_SHA1</signatureMethod> + <signatureMethod>http://www.w3.org/2000/09/xmldsig#rsa-sha1</signatureMethod> <XML_DIGSIG_NS>http://www.w3.org/2000/09/xmldsig#</XML_DIGSIG_NS> - <!-- validation stuff --> + + <!-- validation stuff + Used whenever someone views an entity that is signed and validation is required --> + <!-- if this doesn't exist or is incorrect, the client will atempt to load the standard jdk trust store--> <trustStorePath>truststore.jks</trustStorePath> <trustStoreType>JKS</trustStoreType> <trustStorePassword @@ -123,6 +127,10 @@ <checkTimestamps>true</checkTimestamps> <checkTrust>true</checkTrust> <checkRevocationCRL>true</checkRevocationCRL> + <keyInfoInclusionSubjectDN>false</keyInfoInclusionSubjectDN> + <keyInfoInclusionSerial>false</keyInfoInclusionSerial> + <keyInfoInclusionBase64PublicKey>true</keyInfoInclusionBase64PublicKey> + <digestMethod>http://www.w3.org/2000/09/xmldsig#sha1</digestMethod> </signature> <subscriptionCallbacks> <keyDomain>uddi:somebusiness</keyDomain> --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
