Harakiri wrote:
This is a very strange signature. If you just want
to sign
the contents of the document (the tbone element)
without the
signature, you should just use the enveloped
transform:
http://www.w3.org/TR/xmldsig-core/#sec-EnvelopedSignature
I think the code was based on this example:
http://svn.apache.org/repos/asf/xml/security/trunk/src_samples/javax/xml/crypto/dsig/samples/GenEnveloped.java
But that example uses the Enveloped Signature Transform.
So the sample code i submitted earlier is correct ?
No, I don't think so.
From what I can tell, I think you are trying to generate an enveloped
signature that signs the entire contents of the document (excluding the
signature). In that case, you should replace your code and use the
example above as a guideline.
Since we use
enveloped signature transform? Because you said we should better use
enveloped signature transform. Im sorry im just getting the basics of
xml signature.
When you say SUN xmldsig jars, I'm still not sure what version of
the software you are using. Can you give me more details as to what
you are using?
Im really sorry, im trying to maintain a legacy application and do
not have specific information. I decompiled the jars to figure out
exactly what version it is - but i havent. I will attach the used
jars to this message.
These appear to be really old from a Sun product (JWSDP) that is no
longer supported. If possible, I would encourage you to move to
something more recent, either use the xmlsec.jar from a recent Apache
XML Security release (which will work on JDK 1.4.2 and up) or the XML
Security/JSR 105 implementation built into JDK 6.
--Sean
