Hi, I partially encrypt my document, i.e. the node set where this element is at the root,
<pdpa:message xmlns:pdpa="http://da.ralphholz.de/PDP-A_1"; pdpaId="pdpaId" protocol="PDP-A_1" type="DHComplete"> and encrypt it such that the original node set is replaced. I can only decrypt if I include the xmlns attribute further up the tree in the original document, otherwise I get: Exception in thread "main" org.apache.xml.security.encryption.XMLEncryptionException: The prefix "pdpa" for element "pdpa:message" is not bound. Original Exception was org.xml.sax.SAXParseException: The prefix "pdpa" for element "pdpa:message" is not bound. When I do so and decrypt it, I see that xmlns has been omitted: <pdpa:message pdpaId="pdpaId" protocol="PDP-A_1" type="DHComplete"> Reading http://www.w3.org/TR/xmlenc-decrypt#sec-interiting-xml-attributes, http://www.w3.org/TR/xmlenc-decrypt#func-decryptXML I get the impression this is a canonicalization issue - true? How I go about it if I want to keep the attribute? Thanks, Ralph -- For contact details, please see www.ralphholz.de.
signature.asc
Description: This is a digitally signed message part.
