Hi, > Is it at least possible to define a custom namespace for the ID?
No, as far as I know. > Is the ID included during the calculation of the signature? Yes. Colm. On Thu, Jun 25, 2015 at 10:25 AM, etlam nahkcip < [email protected]> wrote: > No, since the schema is hold by a foreign service not maintained by me. > > Is it at least possible to define a custom namespace for the ID? > Is the ID included during the calculation of the signature? > > 2015-06-25 10:52 GMT+02:00 Colm O hEigeartaigh <[email protected]>: > >> >> This is how XML Signature references content that is signed in the same >> document. Can you amend your schema with something like: >> >> <attribute name="Id" type="ID" use="optional"/> >> >> Colm. >> >> >> On Thu, Jun 25, 2015 at 7:59 AM, etlam nahkcip < >> [email protected]> wrote: >> >>> Hi, >>> >>> I am trying to sign a XML-Message with help of Apache Santuario. >>> >>> What I'd like to achieve is having an Enveloped Signature. >>> >>> This is working so far, what's an Issue though, is that Santuario is >>> putting an ID field into the elements. >>> This ID field is not assigned to a namespace, which in my usacese leads >>> to an invalid XML, since it can't be verified with the given XSD. >>> >>> Even with the demo which is provided on >>> https://github.com/coheigea/testcases/tree/master/apache/santuario/santuario-xml-signature >>> >>> I can't see that there is a namespace assigned to the ID. >>> >>> Example Output: >>> >>> <PurchaseOrder xmlns="urn:example:po"> >>> <dsig:Signature xmlns:dsig="http://www.w3.org/2000/09/xmldsig#"; >>> Id="Gaedee093-cfca-400c-b436-89dc426c0418"> >>> <dsig:SignedInfo> >>> <dsig:CanonicalizationMethod >>> Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"; /> >>> <dsig:SignatureMethod Algorithm=" >>> http://www.w3.org/2000/09/xmldsig#rsa-sha1"; /> >>> <dsig:Reference URI="#G5ee3b986-92b3-4c05-a23d-268dd04c4d8a"> >>> <dsig:Transforms> >>> <dsig:Transform Algorithm=" >>> http://www.w3.org/2001/10/xml-exc-c14n#"; /> >>> </dsig:Transforms> >>> <dsig:DigestMethod Algorithm=" >>> http://www.w3.org/2000/09/xmldsig#sha1"; /> >>> <dsig:DigestValue>DigestValue</dsig:DigestValue> >>> </dsig:Reference> >>> </dsig:SignedInfo> >>> <dsig:SignatureValue>SignatureValue</dsig:SignatureValue> >>> <dsig:KeyInfo Id="G18aed097-5cbc-48da-94ff-fdfca5a0b3b9"> >>> <dsig:X509Data> >>> <dsig:X509Certificate>CertValue</dsig:X509Certificate> >>> </dsig:X509Data> >>> </dsig:KeyInfo> >>> </dsig:Signature> >>> <Items> >>> <Item Code="001-001-001" Quantity="1"> >>> spade >>> </Item> >>> <Item Code="001-001-002" Quantity="1"> >>> shovel >>> </Item> >>> </Items> >>> <ShippingAddress> >>> Dig PLC, 1 First Ave, Dublin 1, Ireland >>> </ShippingAddress> >>> <PaymentInfo Id="G5ee3b986-92b3-4c05-a23d-268dd04c4d8a"> >>> <BillingAddress> >>> Dig PLC, 1 First Ave, Dublin 1, Ireland >>> </BillingAddress> >>> <CreditCard Type="Amex"> >>> <Name>Foo B Baz</Name> >>> <Number>1234 567890 12345</Number> >>> <Expires Month="1" Year="2005" /> >>> </CreditCard> >>> </PaymentInfo> >>> </PurchaseOrder> >>> >>> Is there any way to exclude the ID or to assign it to a namespace? >>> >>> Best Regards >>> >> >> >> >> -- >> Colm O hEigeartaigh >> >> Talend Community Coder >> http://coders.talend.com >> > > -- Colm O hEigeartaigh Talend Community Coder http://coders.talend.com
