RE: Why namespace in SignedContentItem is removed ?

Wed, 05 Jun 2013 01:27:21 -0700 

Hi,

I could find one thing.

After creating XML document, 
calling normalizeDocument() solves this issue.

==================================================
    ...
    // add Signature into document
    e1.appendChild(sig.getElement());

    doc.normalizeDocument();

    //
    Transforms transforms = new Transforms(doc);
    ...
==================================================

This change of code generates output like below.

==================================================
--- Signed Content in Signature is missing namespace 'http://xxx.yyy.zzz/' from 
'myItem' ---
<myXml xmlns="http://aaa.bbb.ccc/"; xmlns:NS1="http://aaa.bbb.ccc/"; 
NS1:Id="signed"><myData><myItem 
xmlns="http://xxx.yyy.zzz/";>Item1</myItem></myData></myXml>
==================================================

<myItem> has its right namespace.

Is this a right way to solve this issue ?

Thanks.



From: Colm O hEigeartaigh [mailto:cohei...@apache.org] 
Sent: Wednesday, June 05, 2013 12:01 AM
To: dev@santuario.apache.org
Subject: Re: Why namespace in SignedContentItem is removed ?


What version of the library are you using to generate the Signature?

Colm.

On Tue, Jun 4, 2013 at 9:07 AM, Inoguchi, Kinichiro <kinichiro.inogu...@hp.com> 
wrote:
Hi,

Now I'm trying to work with detached and sibling XML signature.
I could sign to my XML, but I realized that SignedContentItem in
XMLSignature missed namespace I added.

Here is my XML document, and I signed to <myXml>.
<myXml> contains <myData>, and <myData> contains <myItem>.
<myItem> belongs to namespace "http://xxx.yyy.zzz/";.
============================================================
<myPayload xmlns="http://aaa.bbb.ccc/";>
    <myXml xmlns:ns0="http://aaa.bbb.ccc/"; ns0:Id="signed">
        <myData>
            <myItem xmlns="http://xxx.yyy.zzz/";>Item1</myItem>
        </myData>
    </myXml>
    <ds:Signature>
        ...
    </ds:Signature>
</myPayload>
============================================================

And SignedContentItem in XMLSignature was like below.
============================================================
<myXml xmlns="http://aaa.bbb.ccc/"; 
Id="signed"><myData><myItem>Item1</myItem></myData></myXml>
============================================================

I wonder why namespace is removed from <myItem>.
I'm afraid that this will causes wrong digest value calculation.

I've read the thread "vanishing attribute namespace prefixes",
but I couldn't get the conclusion by myself.

Does anyone tell me how to resolve this issue ?

I attached source code (TestMySignature.java)
and result (TestMySignature.txt).

Thanks.



-- 
Colm O hEigeartaigh

Talend Community Coder
http://coders.talend.com

Reply via email to