Berin Lautenbach <[EMAIL PROTECTED]> wrote:
Could this be the same problem as was discussed in the following thread?

http://nagoya.apache.org/eyebrowse/[EMAIL PROTECTED]&by=thread&from=365197

Cheers,
Berin

Mats T Pettersson wrote:
> My project uses Java and the toolkit Apache XML Security version 1.1 for Java to digitally sign and validate a SOAP message containing a detached signature using an X509 certificate. The corresponding certificate is also included using the BinarySecurityToken and a reference to it in a SecurityTokenReference tag. The SOAP message has an element in the soap:header and one element in the soap:body, both containing business data, and these elements are therefore being referenced by the signature (see example message).
>
> These messages are afterwards being sent to my project's business partner via HTTP. Also, the same type of messages are created, signed and transmitted by my project's business partner, using Microsoft .NET and probably some version of WSE, and then sent back to my project.
>
> Example message
>
> TheSenderID
> TheRecieverID
> e72a8ffd-f10b-11d8-8d0a-59cd0f604ce5
> 2004-08-18T13:44:03
>
> CWfFEoVpR8FX7A&&.=
>
> 2tj1B31Sk+59S0W2vVrraX97c4c=
>
> a0q9friUjwfd8i3plQCOI1kGYd0=
>
> WmR9U+3/ACWfFEoVpR8FX7AI5HVCrWdbViSD4mpuIriTm6zqlOMDZi2XqId01Q2BxFqeUwgLHuVvIrnglL4M/CqptMyY2pnFdcgiZYZeDtWk0brSsoCCUZb9iNAHDK6YfD53AHhFBZ9h/hVabFYXpQxN
> wKeSNpfFWkb7UgzTGsI=
>
> Status
>
> Currently the status is as follows:
>
> 1. My project can validate its own signed messages.
> 2. My project can with the same code and certificate validate the business partners signed messages.
> 3. The business partner can't validate my project's signed messages.
>
> After extensive testing and debugging, it is concluded that the signature references' digest values become the same in both Java and .NET signed messages. But the SignatureValues differ! Do the Java and .NET implementations of the canonicalization algorithms differ, therefore producing different values?
> According to posts in various newsgroups, it is concluded that some interoperability issues between Java toolkits and .NET Framework / WSE 1.0 / WSE 2.0 occur in the implementations of the canonicalization algorithms.
>
> Questions
>
> Which combinations of toolkits (Apache 1.1 XML Security and .NET Framework / WSE 1.0 SP1 / WSE 2.0) are possible according to the different implementations of the canonicalization algorithms?
>
> How to configure either toolkit (Apache or .NET) to make both canonicalization algorithms the same with regard to implementation?
>
> Which toolkit supports the xml signature standard?
>
> Are there any interoperability test results accessible between Apache XML Signature and .NET?
>
> Any, and I mean any, input / feedback / help is much appreciated 'cause we are stuck...
>
> Ps. Sorry for the long posting D.s
>
> Mats