Regarding 40897 (String comparisons using '==' causes validation errors
with some parsers):
There are a few additional minor changes required to complete the fix.
ElementCheckerImpl.FullChecker needs to override the
isNamespaceElement() method (see attached diff). Plus there's at least
one an
There are quite a few JDK1.5 specific classes / features being used
currently like use of StringBuilder class, String.contains() method, etc.
Vishal
Hi Raul,
I have attached a couple of diffs that would also be required, without
which my tests fail. I am doing some more testing and will let you know
if I find anything more.
Thanks!
Vishal
on 1/2/2008 3:15 AM Raul Benito wrote:
Hello everybody and happy 2008,
I wish that this new year I
I have attached another instance of this string comparison problem that
was reported on wss4j list sometime back. The work-around is of course
to explicitly make sure that all standard namespace strings are interned
before messages are parsed.
Vishal
on 11/08/2007 8:16 PM Sean Mullan wrote:
When using TripleDES the resulting cipher text is prefixed by an
Initialization Vector (IV) which is probably different for the two
different wrap operations. Did you try and unwrap/decrypt the wrapped
key in the two cases and see if that results back in the same key?
Vishal
on 09/26/2007 5:36 PM
ing.
I want to take out all the comparisons with namespaces and let the API
user to decide how lax he wants to be with the strictness of the
elements. He can disable namespace checking altogether or do it with
== or equals()
I will post my ideas for discussing when I finish with 1.4 release.
On 11/5/06, V
2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary";
ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509SubjectKeyIdentifier";>
Xeg55vRyK3ZhAEhEf+YT0z986L0=
Pete
Vishal Maha
Problem seems to be in this line:
final SecretKey unwrappedKey = (SecretKey)cipher.decryptKey(encryptedKey,
XMLCipher.RSA_v1dot5);
The second parameter to decryptKey method needs to be the symmetric key
algorithm.
Vishal
Peter Hendry wrote:
Sorry, I forgot the error produced in JDK 1.5
O
+1 from me.
Berin Lautenbach wrote:
Hi all - so far it's Dims and me. I need one more to make it
official
Cheers,
Berin
Davanum Srinivas wrote:
+1
On 11/19/06, Berin Lautenbach <[EMAIL PROTECTED]> wrote:
Hi all,
I want to do a cut of the C++ library with the new build process a
equals seems safer and should be comparable performance I
would think. But maybe I'm missing something?
--Sean
Vishal Mahajan wrote:
> Do others also have views on this discussion?
>
> Thanks,
> Vishal
>
> Vishal Mahajan wrote:
>> Hi Raul,
>>
>> The parse
Do others also have views on this discussion?
Thanks,
Vishal
Vishal Mahajan wrote:
Hi Raul,
The parser that I am working with clearly doesn't intern element
namespace strings which is the reason I ran into this problem. And
actually I am not sure whether it's a good idea for a
I think
will be the last resort.
Regards,
Raul
On 10/2/06, Vishal Mahajan <[EMAIL PROTECTED]> wrote:
Any signature verification was failing for me, and I have a different
DOM implementation in my environment, so probably you are right. It was
such a basic error that it had to be something like
There are few more similar occurrences that I found (patch attached)
that should be fixed.
Vishal
Vishal Mahajan wrote:
Any signature verification was failing for me, and I have a different
DOM implementation in my environment, so probably you are right. It
was such a basic error that it had
I am compiling with 1.4. I think String.contains() was introduced only
in 1.5.
Vishal
Raul Benito wrote:
Hi Vishal,
Nice to see you again. We need to take a look to your karma.
Regarding this problem are you compiling with 1.3?
Regards,
On 10/2/06, Vishal Mahajan <[EMAIL PROTECTED]>
Vishal,
The namespaces strings are intern, at least in xerces.
Can you post the code that is failing?
On 10/2/06, Vishal Mahajan <[EMAIL PROTECTED]> wrote:
This problem was not allowing successful creation of signature space
elements. Fix attached.
Vishal
Index: ElementProx
This problem was not allowing successful creation of signature space
elements. Fix attached.
Vishal
Index: ElementProxy.java
===
--- ElementProxy.java (revision 451991)
+++ ElementProxy.java (working copy)
@@ -281,7 +281,7 @@
I don't seem to have the commit access in svn, and it has been long
period of inactivity on the list for me. Anyways, attached is a small
compile error fix in the project main branch.
Vishal
Index: org/apache/xml/security/transforms/implementations/TransformXPath.java
=
Depends on the Sun JDK version being used. AFAIK, 1.4.2 does not
support both DESede/CBC/ISO10126Padding or RSA/ECB/PKCS1Padding, but
1.5 does.
Regarding instantiating XMLCipher (for performing XML encryption) for a
given algorithm and provider combination
XMLCipher.getProviderInstance(algorit
+1.
Raul Benito wrote:
Well, lets check the items for doing a release
-RC done a announced ... Done
-Not new Bugs in Bugzilla for about a week...Done.
-People not sending death threats because of the RC...Done
-More than week without traffic in security list...Done
-Vote called and agree..
seems to be
a bug in the sun jarverifier (I use the JRE 1.3 and 1.4).
So I thought that JCEMapper.setProviderId() method would save me !
-Message d'origine-
De : Vishal Mahajan [mailto:[EMAIL PROTECTED]
Envoyé : mardi 27 septembre 2005 11:51
À : security-dev@xml.apache.org
Objet
Did you try using the Security.insertProviderAt method?
Vishal
Julien TAUPIN wrote:
I thought that the only way to use my own JCA provider was to place it at
the first place of the providers with the following code :
Provider[] providers = Security.getProviders();
for(int i=0; i
sense to test the final bits as much as possible before they are
released. What are the guidelines? I don't necessarily think we need
to cut an RC2, but we should at least build an xmlsec.jar and make it
available for testing.
--Sean
Vishal Mahajan wrote:
Vishal Mahajan wrote:
Rau
Vishal Mahajan wrote:
Raul,
I have filed three bugs (with suggested patches) - 36638, 36639, and
36640, which I found recently.
I'll check-in the fix for each of these tomorrow
Done with the fixes.
Regards,
Vishal
and after that it's +1 from me.
Regards,
Vishal
Raul Be
Raul,
I have filed three bugs (with suggested patches) - 36638, 36639, and
36640, which I found recently.
I'll check-in the fix for each of these tomorrow and after that it's +1
from me.
Regards,
Vishal
Raul Benito wrote:
Sorry for the delay calling a vote but I've been really busy with m
nt to use a hardware provider i still need to configure it in
config.xml, right?
Where is the difference in how to integrate a hardware provider?
Jan
-Ursprüngliche Nachricht-
Von: Vishal Mahajan [mailto:[EMAIL PROTECTED]]
Gesendet: Mittwoch, 7. September 2005 17:21
An: securit
config.xml. But this approach lacks some
flexibility.
In my setup i want to be able to switch between a software and a hardware
provider for signing with rsa-sha1.
In a posting from 2004 i read about a patch by Vishal Mahajan that
eliminates the
need for configuring providers in config.xml. Is
Did you add an entry like the following to the
"jre/lib/security/java.security" file before running the sample?
security.provider.=org.bouncycastle.jce.provider.BouncyCastleProvider
Vishal
[EMAIL PROTECTED] wrote:
Hi,
I'm hoping someone can help me with this error.
I get the following ou
child.
Thanks,
Vishal
so i can test it and include to the
testsuite for the future.
Regards
Raul
On 7/24/05, Vishal Mahajan <[EMAIL PROTECTED]> wrote:
I observed a possible bug in the CanonicalizerBase class. If the node
passed to method canonicalizeSubTree(Node, NameSpaceSymbTable)
I observed a possible bug in the CanonicalizerBase class. If the node
passed to method canonicalizeSubTree(Node, NameSpaceSymbTable) is of
type DocumentFragment, currently an exception is thrown. I think the
behavior in such a case should be same as that for a Document type node.
Just wanted to
Try getting the "JCE Unlimited Strength Jurisdiction Policy Files" from
http://java.sun.com/j2se/1.5.0/download.jsp.
Vishal
Gilbert Pilz wrote:
Hi,
I just downloaded the Java version of XML Security 1.2.1, built it
under Eclipse and ran the unit tests. The following tests failed:
org.apac
In your encryption code you are using XMLCipher.TRIPLEDES for key
encryption, try using XMLCipher.TRIPLEDES_KeyWrap instead. I am not sure
if it'll fix your problem but it's worth a try.
Vishal
anshuk pal chaudhuri wrote:
Vishal,
Did you find any solution to the problem of XML
Decryption??
Pleas
/details.aspx?FamilyId=1BA1F631-C3E7-420A-BC1E-EF18BAB66122&displaylang=en)
-- dims
On 4/13/05, Vishal Mahajan <[EMAIL PROTECTED]> wrote:
Okay, the WSE problem is kind of weird. When you assign "wsu:Id" to the
soap body, WSE fails to verify its own signed message!, so I don&#
wrote:
Vishal,
what's the problem u are having with WSE?
thanks,
dims
On 4/13/05, Vishal Mahajan <[EMAIL PROTECTED]> wrote:
After more investigation I feel that the Java library is fine. Even
though I'm still having some WS-Security issues, they mainly seem to be
on the WSE2 side,
After more investigation I feel that the Java library is fine. Even
though I'm still having some WS-Security issues, they mainly seem to be
on the WSE2 side, which I'll try raising on some .NET forum.
Thanks,
Vishal
Vishal Mahajan wrote:
Yes it shows in my email also, but the actua
it something in my email, but you can take a look there.
Regards,
On Apr 11, 2005 9:12 PM, *Vishal Mahajan* <[EMAIL PROTECTED]
<mailto:[EMAIL PROTECTED]>> wrote:
I've attached the soap document signed by .NET
(interop_dotnet_sig.xml) and the certificate (apcert1.cer) t
attached) needs to be registered with the library.
Vishal
Raul Benito wrote:
Hi Vishal,
can you post the document?
On Apr 11, 2005 11:22 AM, Vishal Mahajan <[EMAIL PROTECTED]>
wrote:
I
know this topic has been raised earlier on the list. I would like to
know if someone has got
I know this topic has been raised earlier on the list. I would like to
know if someone has got Apache xml-security-J interoperating with the
.NET (Microsoft WSE)? I've been trying to debug this for quite some
while now without much success. The reference validation seems to be
failing. The stra
Apologies for a delayed response. Actually your problem looks quite
strange to me.
Did you try using doFinal method on the XMLCipher instance rather than
the decryptToByteArray method?
Also is the encryption sample working for you out of the box (without
any changes)?
Vishal
anshuk pal chaudhur
Can you send the encrypted document you're trying to decrypt.
Vishal
anshuk pal chaudhuri wrote:
I am having a problem in XML decryption.
My XML Encryption(element's content) is running
absolutely fine.
While Decrypting I am getting an error
" XMLCipher::decryptElement called without a key and
unab
For validating certificates, instead of writing your own code for
locating the issuer certificate try using the
java.security.cert.CertPathBuilder API. It helps building the
certificate path from the given certificate to its root CA.
Vishal
Kenneth Jensen wrote:
Hey guys,
I am working on an X
Raul Benito wrote:
I want to proposse Sean Mullan as committer for xml-security-java:
First of all, He has been active on the list helping people and
finding bugs and reporting them in bugzilla and (most important)
propossing solutions.
And mainly, he is a JSR 105 expert and one that has help impl
Are you looking for using the same provider that is passed to the first
XMLCipher instance (through the getProviderInstance call) in the key
decryption as well? If yes, then I think we make a change and pass the
same provider name to the EncryptedKeyResolver.
Vishal
Samuel Misecka wrote:
Hi,
I
4n a nodeset
without circumbentBug it first.
Regards,
Raul
On Wed, 23 Feb 2005 16:03:44 +0530, Vishal Mahajan
<[EMAIL PROTECTED]> wrote:
Hi Raul,
There's a unit test failing - NameSpaceSymbTableTest.testUnrederedNodes.
Do we want to fix it for 1.2.1?
Th
Hi Raul,
There's a unit test failing - NameSpaceSymbTableTest.testUnrederedNodes.
Do we want to fix it for 1.2.1?
Thanks,
Vishal
Raul Benito wrote:
Shall we release the 1.2.1 version from v1_2_1j label from
CVS(Changelog bellow)?
[ ] +1, Yes
[ ] +0, Don't know
[ ] -1. No.
Regards,
Raul
Hi Prakasa,
This happens because the encryption code internally uses a
canonicalization-based serializer. During canonicalization the
namespace attributes are cascaded down the root node.
Vishal
Prakasa Nedunuri wrote:
Hi,
I am trying to encrypt and decrypt SOAP body using xmlsec
library.
You can use an asymmetric key (e.g, a public key) for encrypting a
symmetric key (which in turn could be used for encrypting data). Please
refer the encryptKey method in the XMLCipher class.
Vishal
David Han wrote:
Hi
Does xml-security-1_2_0 API support asymmetric key
encryption? If yes, where I
Berin Lautenbach wrote:
Peoples,
I would like to propose Milan as a committer for xml-security-c.
+1 from me.
Vishal
He has helped me a large amount over the last 12 months (and more)
to identify bugs and issues within the library, both in terms of
discovering and reporting bugs as well as pro
Raul Benito wrote:
What do you all think about this:
Should I send it to the [EMAIL PROTECTED]
Sounds fine to me.
Thanks,
Vishal
Does it need some rework?
Right now I have received from berin +1 to the txt only version
Regards,
Raul
http://r-bg.com
-
The Apache XML Security Team is pro
You are right. This is a bug. It has been fixed now.
Thanks,
Vishal
Anton Krasovsky wrote:
Hello,
when trying to decrypt document that has element,
I get an NumberFormatException at XMLCypher.newEncryptionMethod()
line 2502
I think instead of:
if (null != keySizeElement) {
result.setKeySize(
Raul Benito wrote:
Why is this a failure? I thought the patch raul did simply gave an
informational message?
I have test it with the HEAD of xalan and I haven't found any problem(the
exception is logged and everything keep running), so it could be some
weird thing with gump environment.
Anywa
I'll go ahead and check-in the patch.
Vishal
Berin Lautenbach wrote:
Sounds like a good thing to me!
Vishal Mahajan wrote:
I would like to hear what other members on the list think about going
for this change.
Vishal
Davanum Srinivas wrote:
Vishal,
+1 from me.
thanks,
dims
On Tue, 05 Oct 20
I would like to hear what other members on the list think about going
for this change.
Vishal
Davanum Srinivas wrote:
Vishal,
+1 from me.
thanks,
dims
On Tue, 05 Oct 2004 04:40:46 +, Vishal Mahajan
<[EMAIL PROTECTED]> wrote:
All:
Based on Sean's proposal I have prepared a patc
WithSHA1AndMGF1Padding","RSA/OAEP");
or if you have a compliance issue stick with OAEPWithSHA1AndMGF1Padding
in the other provider and everything should behave.
The new naming conventions will be available in the next release. We
will continue to support "OAEPPadding" as wel
Yvan,
Please see inline ...
Hess Yvan wrote:
Hi,
I have a problem to retrieve the Signature element of my signed XML document
using XPath expression. My document looks like that:
http://www.imtf.com/e-document/dcmi";
xmlns:edoc="http://www.imtf.com/e-document";
xmlns:xsi="http://www.w3.org/2001/XM
Berin,
Your fix has fixed this problem of duplicate data being outputted on
decryption. :-)
Thanks,
Vishal
Vishal Mahajan wrote:
2) This seems to be a regression in xml-security. Using (JDK1.4.2 +
BC) OR JDK1.5, the result of decryption in the sample seems incorrect.
The input to be encrypted
All,
There a couple of issues with encryption sample -
1) With JDK 1.5, if you use the latest version of BC above SunJCE in
java.security, the encryption sample fails to decrypt with the exception
below. Also, 8 errors are observed while running encryption unit tests
with this setup. I would gue
What's the error observed?
Vishal
Milan Tomic wrote:
[java & c++] interoperability & encryption
Hi,
I'm having problems with
Apache XSEC Java & C++ interoperability when using encryption. When
I encrypt some XML node in Java I can't decrypt it using C++ libraries,
and
Berin Lautenbach wrote:
Hey all,
Raul suggested recently that we do a 1.2 release of the Java library.
I think that's a great idea - there are a lot of fixes and
improvements that have been done that would make good sense.
I'd also like to do a release of the C library - I have a fairly
functi
Looks like you're missing a JCE provider in your JRE that provides
support for the DES key-wrap algorithm.
Vishal
Earnie Dyke wrote:
Greetings
all!
I
am trying to run the Encrypter sample java program and am receiving
the following error:
org.apache.xml.security.encryptio
Kim Hyung wrote:
>
> Hello,
> I have built a rpc-based web services system using JWSDP 1.1
JWSDP 1.1 sounds very old. JWSDP 1.4 is out and you might want to give
it a try. It provides a security plugin for the wscompile tool. For
details about the technology, see
http://java.sun.com/webservices/d
rsion, which is awkward.
Vishal Mahajan has a fix for this problem and will be putting it back
soon.
--Sean
Carpe Sebastien wrote:
This is a newbie question on xml-security usage. If i'm targetting the
wrong list, please redirect me and forgive me the buzz.
The wholme project is java. I'm using xmlsec-1.1.0, xerces 2.6.2, and
the last bouncy-castle (downloaded yesterday - Aug, 9th)
Here is what i'd li
Some encryption unit tests are not passing on the head branch. I wanted
to make sure that I am not the only one observing this. Details follow:
[junit] Running org.apache.xml.security.test.encryption.BaltimoreEncTest
[junit] Tests run: 10, Failures: 0, Errors: 5, Time elapsed: 7.176 sec
Sean Mullan wrote:
Vishal Mahajan wrote:
Dominik Schadow wrote:
Yes, I tried the following code:
SecretKeySpec keySpec = new
SecretKeySpec(JavaUtils.getBytesFromFile(keyFile), algorithm);
SecretKey key = skf.generateSecret(keySpec);
The exception I receive is
Dominik Schadow wrote:
Yes, I tried the following code:
SecretKeySpec keySpec = new
SecretKeySpec(JavaUtils.getBytesFromFile(keyFile), algorithm);
SecretKey key = skf.generateSecret(keySpec);
The exception I receive is
java.security.NoSuchAlgorithmException: AES not found
at javax.crypto.S
Dominik Schadow wrote:
Hello,
how can I decrypt an AES encrypted XML-document? I understand how to do it
with DESede:
File kekFile = new File(keyFile);
DESedeKeySpec keySpec = new
DESedeKeySpec(JavaUtils.getBytesFromFile(keyFile));
SecretKeyFactory skf = SecretKeyFactory.getInstance(“DESed
The fix looks good. All tests pass including the one that reproduced the problem. I
have checked-it-in.
Thanks,
Vishal
Raul Benito wrote:
>
> Vishal Mahajan wrote:
>
> >Attached is the testcase that shows the problem. I'll check-in the test into the
> >work
Dims,
Davanum Srinivas wrote:
>
> Vishal,
>
> I was thinking about the xalan dependency and noticed that JDK15 has
> xalan under com.sun.apache.*...Are u planning to take a stab at being
> able to run "ant test" using JDK15 without extra Xalan jar
I am caught up in some other work this week. Ne
terop tests that can
> replicate the problem.
>
> Cheers,
> Berin
>
> Vishal Mahajan wrote:
>
> > All,
> >
> > In the Java Library, I observe a couple of things whose combined result
> > seems to be erroneous.
> >
> > Consider the
All,
In the Java Library, I observe a couple of things whose combined result
seems to be erroneous.
Consider the following example document -
text1
text2
Also assume that the dom representation of this document as - A DOM
element named "foo" having two child text nodes - "text1" and "\ntext2".
+1 for both Raul and Dims.
Vishal
Berin Lautenbach wrote:
Peoples,
This has taken me *way* too long to do. My only excuse is I've been
completely sidetracked building a skeleton engine for an XKMS server.
Been keeping me highly amused ;>.
I'd like to nominate Dims and Raul as committers to [EMA
Dominik Schadow wrote:
Vishal,
Thanks for your answer. I upgraded to the lastet Bouncy Castle jar
(bc-jce-jdk13-123.jar). Nothing changed, same exception (ISO10126PADDING not
implemented).
The bc-jar file is located in jre_home/lib/endorsed. /lib/ext doesn't work
as well as in the jdk_hom
Dominik Schadow wrote:
Hello,
I always get a n
org.apache.xml.security.encryption.XMLEncryptionException: Padding:
ISO10126PADDING not implemented
exception when I try to create a
XMLCipher xmlCipher = XMLCipher.getInstance(XMLCipher.AES_128);
It doesn't matter which algorithm I use here. Always
Which is the tag corresponding to 1_1_0 release?
Thanks in advance,
Vishal
All,
I felt it would be useful to have a target that builds only the src jar.
The "build.jar" target that we have, builds the test and sample jars also.
I propose the attached patch which introduces a new target -
"build.src.jar". The patch factors out the manifest task in a "manifest"
target, w
Hi Raul,
[EMAIL PROTECTED] wrote:
I observed a regression in the ElementProxy.getTextFromChildElement()
method.
I've attached the patch for the bug.
I just wanted to get a second word before I check it in.
Thanks,
Vishal
Thanks Vishal,
I've forgot a the getFirstChild()
I observed a regression in the ElementProxy.getTextFromChildElement()
method.
I've attached the patch for the bug.
I just wanted to get a second word before I check it in.
Thanks,
Vishal
Index: ElementProxy.java
===
RCS file: /home/c
Dittmann,
There's another approach you can try:
- Canonicalize once.
- Create a document (again) out of the c14n output.
- Serialize the document and in the process add xmlns="" at the desired
place.
Note that the last step of this procedure is not a c14n step. Good Luck!
:-)
n the interop tests
:>.
I'm trying to package up and do dox for 1.1 this weekend, but the
first thing I want to do after 1.1 is attempt to implement something
similar to what is used in the C library to only temporarily add the
namespaces that are required.
Cheers,
Berin
Vishal Ma
yyappan Gandhirajan
-
Office: 91.80.2225.1554 Extn 1472
Mobile: 91.94483.14969
E-Mail: [EMAIL PROTECTED]
---
-Original Message-
From: Vishal Mahajan [mailto:[EMAIL PROTECTED]
Sent: Wednesday, March 31, 2004 6:55 PM
T
Erwin van der Koogh wrote:
OK - I really want to wind this up. (Sometimes things just seem too
difficult :>.)
Do we want to do the hard yards for JuiCE and contact the current users
or the name?
There's only 2 that we could find. Sending an email to them can't seem
to hurt. Give them a couple d
I think (I am not sure) that this might be happening because of the
namespace attributes cascading that's done by apache dsig library on the
xml document. This, combined with the fact that there's no
canonicalization transform inside the signed-info-reference
(ds:Reference) might be resulting i
Hi Peter,
pacow wrote:
also, I have attached a copy of my SOAP request. i add a reference in
the signature to '#Body', do i then need to add an id='Body' attribute to
the soap:Body tag, or elsewhere?
Yes, you would need to add an attribute to the soap:Body element. Adding
SOAP-SEC:id="Body" att
The XMLCipher.loadEncryptedKey(Document, Element) has a very high
logging level. If the _cipherMode is not in UNWRAP_MODE or DECRYPT_MODE
an error is logged, something like:
"XMLCipher unexpectedly not in UNWRAP_MODE or DECRYPT_MODE..."
I think this is not OK as loadEncryptedKey() is a like
ing a
key" :-\ ?
Thanks,
Vishal
Ax/
Vishal Mahajan wrote:
All,
Can someone explain what's the difference between the following two
ways of initializing the javax.crypto.Cipher class for encrypting a
symmetric key:
1) Cipher.init(WRAP_MODE, RSAPublicKey)
2) Cipher.init(ENCRYPT_
All,
Can someone explain what's the difference between the following two ways
of initializing the javax.crypto.Cipher class for encrypting a symmetric
key:
1) Cipher.init(WRAP_MODE, RSAPublicKey)
2) Cipher.init(ENCRYPT_MODE, RSAPublicKey)
I observe that XMLCipher.encryptKey() method always in
Yes it has been done. :-)
Thanks,
Vishal
Berin Lautenbach wrote:
Vishal,
I just went to apply this, and it looks like it might have already
been done by Axl, a few days before this e-mail??
Could you just confirm for me?
Cheers,
Berin
Vishal Mahajan wrote:
Hi All,
Please find attached
asn't changed, as the application *may*
have changed the underlying DOM tree, so throwing away the work after
every operation is not as wasteful as it sounds.
What do others think?
Cheers,
Berin
Vishal Mahajan wrote:
We can probably use the following approach for cascading the
namesp
e interesting output.
Cheers,
Berin
Vishal Mahajan wrote:
Axl,
I had run the test target before sending the patch. There was no
difference in the results with my patch, though there were some tests
already failing. Here's their description:
[junit] Running
org.apache.xml.securi
We can probably use the following approach for cascading the namespace
attributes and at the same time not modifying the original document --
1) Let X be the element selected for signing/verification.
2) Find the set of namespaces attributes that need to be added to X by
traversing up the tree s
ishal Mahajan wrote:
Correction, I sent out Reference.java instead of ReferenceList.java
:-P (Please find it attached now).
- Vishal
Vishal Mahajan wrote:
All,
I observed that there were some TODO items in XMLCipher.java. Some
of them were related to martialing of KeyInfo and ReferenceList. I
Hi Steve,
Try something like the following ...
SOAPPart soapPart = new SOAPPart();
if (!(xmlSignatureDomElement instanceof SOAPElement)) {
SOAPElement xmlSignatureSoapElement = (SOAPElement)
soapPart.importNode(xmlSignatureDomElement, true);
}
Then try adding the xmlSignatureSoapElement
Correction, I sent out Reference.java instead of ReferenceList.java :-P
(Please find it attached now).
- Vishal
Vishal Mahajan wrote:
All,
I observed that there were some TODO items in XMLCipher.java. Some of
them were related to martialing of KeyInfo and ReferenceList. I have
prepared
All,
I observed that there were some TODO items in XMLCipher.java. Some of
them were related to martialing of KeyInfo and ReferenceList. I have
prepared (please find attached) a patch for these. The KeyInfo
martialing I thought was already achieved (KeyInfo.getElement()), and
for ReferenceList
.
Element mode just takes the Element node and performs
encryption of that node.
IMO this is as defined in XML-Enc specs.
Regards,
Werner
-Ursprüngliche Nachricht-
Von: Vishal Mahajan [mailto:[EMAIL PROTECTED]
Gesendet: Mittwoch, 11. Februar 2004 12:33
An: [EMAIL PROTECTED]
Betreff: Re
ontent mode.
Regards,
Werner
-Ursprüngliche Nachricht-
Von: Vishal Mahajan [mailto:[EMAIL PROTECTED]
Gesendet: Mittwoch, 11. Februar 2004 08:35
An: [EMAIL PROTECTED]
Betreff: Re: Problem in Decryption
Hi Berin,
I agree with your reading of the spec. But, the spec does not prevent
the en
with Signature/Encrypt.
During our test we already did tests signature/encryption
in content mode.
Regards,
Werner
-----Ursprüngliche Nachricht-
Von: Vishal Mahajan [mailto:[EMAIL PROTECTED] Gesendet:
Mittwoch, 11. Februar 2004 08:35
An: [EMAIL PROTECTED]
Betreff: Re: Problem in Decryption
Hi
Hi Hyejung,
Are you initializing the SecretKeyFactory using an algoritm URI? That
could be incorrect. I think you need to supply the corresponding JCE id
instead.
Regards,
Vishal
Hye-Jung Kim wrote:
Hello,
I am trying to decrypt the encrypted xml data using KeyInfo.
I extracted CipherValue of
Correction. The document I wanted to quote from the spec is this:
A23B45C56
Thanks,
Vishal
Vishal Mahajan wrote:
Hi Berin,
I agree with your reading of the spec. But, the spec does not prevent
the encrypter from putting whitespaces between the tags
Hi Berin,
I agree with your reading of the spec. But, the spec does not prevent
the encrypter from putting whitespaces between the tags of EncryptedData
and its parent node. Also there are example encrypted documents like the
following in the spec:
A23B45C56
1 - 100 of 104 matches
Mail list logo
