java signaturevalue verification

2005-08-19 Thread Miha Vidmar
Hi,   i am wondering about something. I have a test case where I verify a simple signature that keeps failing on me. All the digests where calculated ok, only the signature value always failed. I discovered that it's because I initialized cryptomanager. If I comment that code out it works fi

How do I avoid creating buffers just to pass data to MemBufInputSource()

2005-08-19 Thread Cullum, Steve
I am using Apache sec lib inside an ISAPI filter to validate digital sigs as they flow through our network. I store the raw packets as they are streamed over the network inside a linked list and want to avoid excessive buffer copying. Currently I walk my list of packets, accumulate the packets int

DO NOT REPLY [Bug 35960] - Enveloped Signature Transform failed after a transform producing an octet stream output

2005-08-19 Thread bugzilla
DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG· RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT . ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND· INSERTED IN THE BUG DATABASE. http://issues.apache.org/bugzilla/show_bu

RE: How do I avoid creating buffers just to pass data to MemBufInputSource()

2005-08-19 Thread Jesse Pelton
You can prevent MemBufInputSource from cloning the buffer with MemBufInputSource::setCopyBufToStream(false). I think you can avoid the need for any buffers by implementing your own InputSource and BinInputStream. It looks to me like you only need to implement InputSource::makeStream(), BinInputSt

Re: java signaturevalue verification

2005-08-19 Thread Sean Mullan
There is no class named CryptoManager in the Apache XMLSec Java sources. It sounds like you are using some other XML Security implementation. --Sean Miha Vidmar wrote: Hi, i am wondering about something. I have a test case where I verify a simple signature that keeps failing on me. All the

RE: How do I avoid creating buffers just to pass data to MemBufInputSource()

2005-08-19 Thread Cullum, Steve
Thanks for the insight Jesse. Do you know of any references or examples I can use as a start point. I apologise if I should be asking these questions in the Apache Xml mailing list. I thought it was relevant to this list because of the last param of "XSecMem" in MemBufInputSource(). Thanks aga

RE: How do I avoid creating buffers just to pass data to MemBufInputSource()

2005-08-19 Thread Jesse Pelton
I don't know the answer off the top of my head, and I have to leave for the day. I can say this, though: the "XSecMem" parameter in MemBufInputSource() is just a string. The appropriate place for your question is indeed on the Xerces list; I subscribe to both and didn't notice which one you'd po

RE: java signaturevalue verification

2005-08-19 Thread Miha Vidmar
Title: RE: java signaturevalue verification No, I use Apache XMLSec. I meant CryptoManager from mozilla jss. I don't know how exactly they are connected (i know that jss handles the signaturevalue in some way), but whenever cryptomanager is initialized with some certificate store, the signatur