DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUGĀ· RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT <http://issues.apache.org/bugzilla/show_bug.cgi?id=41821>. ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED ANDĀ· INSERTED IN THE BUG DATABASE.
http://issues.apache.org/bugzilla/show_bug.cgi?id=41821 Summary: Invalid Reference Signature when are used 2 or more Namespaces Product: Security Version: unspecified Platform: Other OS/Version: other Status: NEW Severity: blocker Priority: P2 Component: Signature AssignedTo: security-dev@xml.apache.org ReportedBy: [EMAIL PROTECTED] CC: [EMAIL PROTECTED] For XAdES signatures we have to use 2 namespaces. One for Digital Signature and another for XAdES. When we do that it is not possible to make correct signature because the digest value is calculated using just one of the 2 namespaces. When the XML Signature is stored to the file using XMLUtils.outputDOMc14nWithComments the file format is correct. After that when the file again is loaded into the memory and the validation is failed because now the validation algorithm use both namespaces which is the correct situation. I try the suggested ideas using CanonicalizationMethod.INCLUSIVE_WITH_COMMENTS Transforms in Reference without successful results. I am not so familiar with the standards, but in my opinion this is very strong bug in Java XML Signature implementation. Using of one or more namespaces with prefixes is very typical issue. -- Configure bugmail: http://issues.apache.org/bugzilla/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are the assignee for the bug, or are watching the assignee.
