Link to API doc points to nowhere

2008-08-13 Thread ralph-xmlsecurity
Dear all, The link to the API Java doc, http://santuario.apache.org/Java/api/index.html returns an HTTP 404. Regards, Ralph -- Dipl.-Inform. Ralph Holz Rechnernetze und Internet Wilhelm-Schickard-Institut für Informatik Universität Tübingen http://net.informatik.uni-tuebingen.de/en/members/

Re: Signature breaks during I/O and parsing, but cannot resolve with canonicalisation

2007-12-07 Thread ralph-xmlsecurity
Hi Scott, thanks for all that information, it is much appreciated. I can see we still have to go a long way with DSig. Against this background, I have switched back to an alternative way of signing for now. I think I cannot get it to run with XMLSec in the time that I have left on this project

Re: Signature breaks during I/O and parsing, but cannot resolve with canonicalisation

2007-12-06 Thread ralph-xmlsecurity
> > The only difference that I can see are the missing namespaces. > > That doesn't seem right unless our XML was already indented the same way as > the transform would. It's the identity transform - that should not do anything except store the DOMSource in a Result. > > No, the problem also occ

Re: Signature breaks during I/O and parsing, but cannot resolve with canonicalisation

2007-12-05 Thread ralph-xmlsecurity
Hi, > > Looking at my document with kdiff3, I can see that only one line is > > different: > > And there are no whitespace differences? The only difference that I can see are the missing namespaces. > > > > File file = new File(filename); > > FileOutputStream f = new FileOutputStream(file); > >

Signature breaks during I/O and parsing, but cannot resolve with canonicalisation

2007-12-05 Thread ralph-xmlsecurity
Hi, I create a signature with a C14N transform applied. Signing works. The signature is valid if I apply the checkSignatureValue() method directly on the result Document object. However, if I write the Document out to the file system and parse it back in again later, the signature is invalid.

Re: Decryption fails on receiving host, but not on local - pointers?

2007-11-14 Thread ralph-xmlsecurity
Hi, On Wednesday 14 November 2007 06:50:03 Vishal Mahajan wrote: > I have attached another instance of this string comparison problem that > was reported on wss4j list sometime back. The work-around is of course > to explicitly make sure that all standard namespace strings are interned > before m

Controlling placement of in result XML tree

2007-11-09 Thread ralph-xmlsecurity
Hi, How do I determine where the element is placed in the result XML? E.g., I have a SOAP message like this: ... My code signs only the part (using XPath-Transforms). In the resulting tree, the signature is added *after* the : ... ... I would, however, like to add it to the part:

Re: Decryption fails on receiving host, but not on local - pointers?

2007-11-08 Thread ralph-xmlsecurity
Hi, Ah, thanks for your help. That would explain, of course, why the Document is decrypted OK when the receiver saves it to disk and reads it in again. The Document gets transmitted by Pastry from Bob to Alice. Pastry's routines serialise it so the other side just needs to deserialise it, and ha

Re: Decryption fails on receiving host, but not on local - pointers?

2007-11-08 Thread ralph-xmlsecurity
Hi, I can provide the following assistance in finding the problem: when the receiver writes the Document to disk and parses it in again, the decryption works! A crude work-around, but at least it means there is a problem with the Document and the libs. It really must be a problem that happens

Decryption fails on receiving host, but not on local - pointers?

2007-11-08 Thread ralph-xmlsecurity
Hi, I've got this strange little problem. When I encrypt an org.w3c.Document and decrypt it on the same host, everything is fine. When I send it over the network, the receiving host throws an org.apache.xml.security.encryption.XMLEncryptionException. The interesting part of the stack trace is t

XMLEnc omits xmlns attribute through canonicalisation?

2007-08-28 Thread ralph-xmlsecurity
Hi, I partially encrypt my document, i.e. the node set where this element is at the root, http://da.ralphholz.de/PDP-A_1"; pdpaId="pdpaId" protocol="PDP-A_1" type="DHComplete"> and encrypt it such that the original node set is replaced. I can only decrypt if I include the xmlns attribute furt

Re: How to decrypt with RSA-OAEP/AES?

2007-08-28 Thread ralph-xmlsecurity
Hi, No need to answer anymore - the problem is solved (part incorrect lib use, part incorrectly distributed keys). Ralph -- For contact details, please see www.ralphholz.de.

Re: How to decrypt with RSA-OAEP/AES?

2007-08-28 Thread ralph-xmlsecurity
Hi, Following up myself, I can see that xmlCipherRSA.loadEncryptedKey(encryptedKeyElement); works and encryptedKey.getKeyInfo() returns null. Why is that? Thanks, Ralph On Monday 27 August 2007 17:17:00 [EMAIL PROTECTED] wrote: > Hi, > > I'm having difficulty decrypting an RSA/AES-encrypte

How to decrypt with RSA-OAEP/AES?

2007-08-27 Thread ralph-xmlsecurity
Hi, I'm having difficulty decrypting an RSA/AES-encrypted document. I used RSA-OAEP in wrap mode to encrypt a shared key: xmlCipherRSA.init(XMLCipher.WRAP_MODE, pk); xmlCipherAES.init(XMLCipher.ENCRYPT_MODE, symKey); encKey = xmlCipherRSA.encryptKey(document, symKey); and encrypted OK. Then I

Re: Can I set the BaseURI to empty?

2007-08-14 Thread ralph-xmlsecurity
Hi Scott, [... Help...] Thanks for the tips, I'll try them out asap! > > Sorry for all these questions and demand on your time, but XML Security > > needs more documentation, quite badly, I think. > > These libraries just aren't set up for novices. Mine aren't either. > Documentation takes a lot

Re: Can I set the BaseURI to empty?

2007-08-14 Thread ralph-xmlsecurity
Hi, > You're confusing some terminology. A Base URI is not the URI of a document > being signed, it's used to resolve relative URIs during various stages of > work, and is irrelevant if you're trying to sign a complete document. Put > another way, "" is sort of a degenerate absolute URI, so a Base

Can I set the BaseURI to empty?

2007-08-13 Thread ralph-xmlsecurity
Hi, I create and sign a Document that does not have a URI: I intend to send it over the net as a Java-serialised object (because I use a P2P net for sending). So the XML does not really exist as a file anywhere and I would like to set the BaseURI to "" (empty). Signing with this works, but the

Re: How to sign a sub-tree

2007-08-08 Thread ralph-xmlsecurity
Hi, > > I think I could also have an identifying attribute in the , > > and replace the expression with id("nameOfIDAttr"). Which is, I think, > > the recommended way as it is faster and less error-prone (I can assume > > Schema-aware entities). > > Then by all means do not use XPath. But if you u

Re: How to sign a sub-tree

2007-08-07 Thread ralph-xmlsecurity
Scott, thanks, that was exactly the pointer I needed! If you have a minute to have a look at this. My doc looks like this ... ... I would like to sign the "message" payload in the Body. So I did transforms.addTransform(Transforms.TRANSFORM_ENVELOPED_SIGNATURE); String

How to sign a sub-tree

2007-08-06 Thread ralph-xmlsecurity
Hi, Following up on kb's thread on signing less than the whole document, I would like to ask how to use the API to sign a sub-tree of my document. It is easy for me to retrieve the sub-tree (i.e. the parent element) because it's unique. But I don't quite get how I can apply the API to it: the

Re: Signing just one of the elements in a DOMDocument

2007-08-06 Thread ralph-xmlsecurity
Scott, On Wednesday 01 August 2007 21:20:52 Scott Cantor wrote: > > is there a way that i could just sign just one element from the whole > > xml. > > Yes, but it's somewhat difficult. You can either use an XPath filter > transform to select the node, or refer to the node by an ID attribute. It's