[
https://issues.apache.org/jira/browse/CAMEL-13009?focusedWorklogId=175910&page=com.atlassian.jira.plugin.system.issuetabpanels:worklog-tabpanel#worklog-175910
]
ASF GitHub Bot logged work on CAMEL-13009:
------------------------------------------
Author: ASF GitHub Bot
Created on: 17/Dec/18 07:54
Start Date: 17/Dec/18 07:54
Worklog Time Spent: 10m
Work Description: oscerd closed pull request #2677: CAMEL-13009:
DigestMethod and DigestValue elements created either in …
URL: https://github.com/apache/camel/pull/2677
This is a PR merged from a forked repository.
As GitHub hides the original diff on merge, it is displayed below for
the sake of provenance:
As this is a foreign pull request (from a fork), the diff is supplied
below (as it won't show otherwise due to GitHub magic):
diff --git
a/components/camel-xmlsecurity/src/main/java/org/apache/camel/component/xmlsecurity/api/XAdESSignatureProperties.java
b/components/camel-xmlsecurity/src/main/java/org/apache/camel/component/xmlsecurity/api/XAdESSignatureProperties.java
index 594dbdb5903..909e13cd888 100644
---
a/components/camel-xmlsecurity/src/main/java/org/apache/camel/component/xmlsecurity/api/XAdESSignatureProperties.java
+++
b/components/camel-xmlsecurity/src/main/java/org/apache/camel/component/xmlsecurity/api/XAdESSignatureProperties.java
@@ -944,14 +944,14 @@ protected void addSignaturePolicyIdentifier(Document doc,
Element signedProperti
throw new XmlSignatureException(
"The XAdES-EPES configuration is invalid. The digest
algorithm for the signature policy is missing.");
}
- Element digestMethod = createDigSigElement("DigestMethod", doc,
input.getPrefixForXmlSignatureNamespace());
+ Element digestMethod = createElementNS(doc, input, "DigestMethod");
sigPolicyHash.appendChild(digestMethod);
setAttribute(digestMethod, "Algorithm",
getSignaturePolicyDigestAlgorithm());
if (getSignaturePolicyDigestValue() == null ||
getSignaturePolicyDigestValue().isEmpty()) {
throw new XmlSignatureException(
"The XAdES-EPES configuration is invalid. The digest
value for the signature policy is missing.");
}
- Element digestValue = createDigSigElement("DigestValue", doc,
input.getPrefixForXmlSignatureNamespace());
+ Element digestValue = createElementNS(doc, input, "DigestValue");
sigPolicyHash.appendChild(digestValue);
digestValue.setTextContent(getSignaturePolicyDigestValue());
@@ -1142,10 +1142,10 @@ protected void addCertificate(X509Certificate cert,
Element signedCertificate, D
String digest = calculateDigest(algorithm, cert.getEncoded());
Element certDigest = createElement("CertDigest", doc, input);
elCert.appendChild(certDigest);
- Element digestMethod = createDigSigElement("DigestMethod", doc,
input.getPrefixForXmlSignatureNamespace());
+ Element digestMethod = createElementNS(doc, input, "DigestMethod");
certDigest.appendChild(digestMethod);
setAttribute(digestMethod, "Algorithm",
getDigestAlgorithmForSigningCertificate());
- Element digestValue = createDigSigElement("DigestValue", doc,
input.getPrefixForXmlSignatureNamespace());
+ Element digestValue = createElementNS(doc, input, "DigestValue");
certDigest.appendChild(digestValue);
digestValue.setTextContent(digest);
@@ -1189,6 +1189,16 @@ protected String calculateDigest(String algorithm,
byte[] bytes) throws NoSuchAl
return new Base64().encodeAsString(digestBytes);
}
+ protected Element createElementNS(Document doc, Input input, String
elementName) {
+ Element digestMethod;
+ if
(HTTP_URI_ETSI_ORG_01903_V1_1_1.equals(findNamespace(input.getMessage()))) {
+ digestMethod = createElement(elementName, doc, input);
+ } else {
+ digestMethod = createDigSigElement(elementName, doc,
input.getPrefixForXmlSignatureNamespace());
+ }
+ return digestMethod;
+ }
+
protected Element createDigSigElement(String localName, Document doc,
String prefixForXmlSignatureNamespace) {
Element el = doc.createElementNS("http://www.w3.org/2000/09/xmldsig#";,
localName);
if (prefixForXmlSignatureNamespace != null &&
!prefixForXmlSignatureNamespace.isEmpty()) {
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
[email protected]
Issue Time Tracking
-------------------
Worklog Id: (was: 175910)
Time Spent: 20m (was: 10m)
> Error in generated XAdES 1.1.1 signature
> -----------------------------------------
>
> Key: CAMEL-13009
> URL: https://issues.apache.org/jira/browse/CAMEL-13009
> Project: Camel
> Issue Type: Bug
> Components: camel-xmlsecurity
> Affects Versions: 2.23.0
> Reporter: Konrad Jan Botor
> Priority: Minor
> Labels: XAdES
> Fix For: Future
>
> Time Spent: 20m
> Remaining Estimate: 0h
>
> XAdES XSD file defines, among the others, type
> {code:xml}
> DigestAlgAndValueType
> {code}
> In XAdES 1.1.1 this is defined as:
> {code:xml}
> <xsd:complexType name="DigestAlgAndValueType">
> <xsd:sequence>
> <xsd:element name="DigestMethod" type="ds:DigestMethodType"/>
> <xsd:element name="DigestValue" type="ds:DigestValueType"/>
> </xsd:sequence>
> </xsd:complexType>
> {code}
> and in later versions as:
> {code:xml}
> <xsd:complexType name="DigestAlgAndValueType">
> <xsd:sequence>
> <xsd:element ref="ds:DigestMethod"/>
> <xsd:element ref="ds:DigestValue"/>
> </xsd:sequence>
> </xsd:complexType>
> {code}
> Apache Camel always generates elements of this type according to the second
> definition, regardless of selected namespace. This may cause XAdES 1.1.1
> signature validation to fail.
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
