You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@santuario.apache.org by "Colm O hEigeartaigh (JIRA)" <ji...@apache.org> on 2012/07/04 12:54:34 UTC
[jira] [Created] (SANTUARIO-318) Support Base64 streaming Transform
Colm O hEigeartaigh created SANTUARIO-318:
---------------------------------------------
Summary: Support Base64 streaming Transform
Key: SANTUARIO-318
URL: https://issues.apache.org/jira/browse/SANTUARIO-318
Project: Santuario
Issue Type: Improvement
Reporter: Colm O hEigeartaigh
Assignee: Colm O hEigeartaigh
Fix For: Java 2.0.0
This task is to support the Base64 streaming Transform.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira
[jira] [Commented] (SANTUARIO-318) Support Base64 streaming
Transform
Posted by "Colm O hEigeartaigh (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/SANTUARIO-318?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13416076#comment-13416076 ]
Colm O hEigeartaigh commented on SANTUARIO-318:
-----------------------------------------------
Yep, makes sense to me.
Colm.
> Support Base64 streaming Transform
> ----------------------------------
>
> Key: SANTUARIO-318
> URL: https://issues.apache.org/jira/browse/SANTUARIO-318
> Project: Santuario
> Issue Type: Improvement
> Components: Java
> Reporter: Colm O hEigeartaigh
> Assignee: Colm O hEigeartaigh
> Fix For: Java 2.0.0
>
>
> This task is to support the Base64 streaming Transform.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira
[jira] [Commented] (SANTUARIO-318) Support Base64 streaming
Transform
Posted by "Colm O hEigeartaigh (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/SANTUARIO-318?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13413658#comment-13413658 ]
Colm O hEigeartaigh commented on SANTUARIO-318:
-----------------------------------------------
Yep, e.g.:
<Reference URI="#object">
<Transforms>
<Transform Algorithm="http://www.w3.org/2000/09/xmldsig#base64" />
</Transforms>
<DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
<DigestValue>N6pjx3OY2VRHMmLhoAV8HmMu2nc=</DigestValue>
</Reference>
Colm.
> Support Base64 streaming Transform
> ----------------------------------
>
> Key: SANTUARIO-318
> URL: https://issues.apache.org/jira/browse/SANTUARIO-318
> Project: Santuario
> Issue Type: Improvement
> Reporter: Colm O hEigeartaigh
> Assignee: Colm O hEigeartaigh
> Fix For: Java 2.0.0
>
>
> This task is to support the Base64 streaming Transform.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira
[jira] [Updated] (SANTUARIO-318) Support Base64 streaming Transform
Posted by "Colm O hEigeartaigh (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/SANTUARIO-318?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Colm O hEigeartaigh updated SANTUARIO-318:
------------------------------------------
Component/s: Java
> Support Base64 streaming Transform
> ----------------------------------
>
> Key: SANTUARIO-318
> URL: https://issues.apache.org/jira/browse/SANTUARIO-318
> Project: Santuario
> Issue Type: Improvement
> Components: Java
> Reporter: Colm O hEigeartaigh
> Assignee: Colm O hEigeartaigh
> Fix For: Java 2.0.0
>
>
> This task is to support the Base64 streaming Transform.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira
[jira] [Commented] (SANTUARIO-318) Support Base64 streaming
Transform
Posted by "Marc Giger (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/SANTUARIO-318?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13413143#comment-13413143 ]
Marc Giger commented on SANTUARIO-318:
--------------------------------------
Is the http://www.w3.org/2000/09/xmldsig#base64 transform meant?
> Support Base64 streaming Transform
> ----------------------------------
>
> Key: SANTUARIO-318
> URL: https://issues.apache.org/jira/browse/SANTUARIO-318
> Project: Santuario
> Issue Type: Improvement
> Reporter: Colm O hEigeartaigh
> Assignee: Colm O hEigeartaigh
> Fix For: Java 2.0.0
>
>
> This task is to support the Base64 streaming Transform.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira
[jira] [Commented] (SANTUARIO-318) Support Base64 streaming
Transform
Posted by "Marc Giger (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/SANTUARIO-318?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13415526#comment-13415526 ]
Marc Giger commented on SANTUARIO-318:
--------------------------------------
Typically, the digest input is not the same as what is seen on the wire. There are transformations like C14N to normalize the xml before digesting. The normalized xml is just used for the signature input and therefore not further used. The original XML will be put on the wire.
(1) This Base64 transformation is a little bit special because we have to do the base64 decoding and feed it to the digester. Then the original Base64 encoded content will be forwarded to the application whereas it must be decoded again.
On the outgoing side the application has to Base64 encode the content which will be signed. Then the signature engine has to decode the content for digesting and forward the original base64 encoded XML.
(2) The other option would be to just let the signature engine perform the base64 encoding and decoding. But I see the following 2 problems:
1. The original content could be modified during xmlsec processing. The result will be a digest mismatch.
2. The streaming signature engine is not prepared for content modifications.
Since the Base64 Transform is named "base64 decoding transforms" I will go for solution (1): The application has to to do the Base64 encoding and decoding. The streaming signature engine will just decode it, for the outgoing and the incoming case.
Does this make sense? Any objections?
> Support Base64 streaming Transform
> ----------------------------------
>
> Key: SANTUARIO-318
> URL: https://issues.apache.org/jira/browse/SANTUARIO-318
> Project: Santuario
> Issue Type: Improvement
> Components: Java
> Reporter: Colm O hEigeartaigh
> Assignee: Colm O hEigeartaigh
> Fix For: Java 2.0.0
>
>
> This task is to support the Base64 streaming Transform.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira
[jira] [Commented] (SANTUARIO-318) Support Base64 streaming
Transform
Posted by "Colm O hEigeartaigh (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/SANTUARIO-318?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13416969#comment-13416969 ]
Colm O hEigeartaigh commented on SANTUARIO-318:
-----------------------------------------------
Hi Marc,
Could you take a look at BaltimoreTest.test_twenty_three_enveloping_b64_dsa? It's failing with:
com.ctc.wstx.exc.WstxUnexpectedCharException: Unexpected character 'P' (code 80) in prolog; expected '<'
at [row,col {unknown-source}]: [1,1]
at com.ctc.wstx.sr.StreamScanner.throwUnexpectedChar(StreamScanner.java:639)
Colm.
> Support Base64 streaming Transform
> ----------------------------------
>
> Key: SANTUARIO-318
> URL: https://issues.apache.org/jira/browse/SANTUARIO-318
> Project: Santuario
> Issue Type: Improvement
> Components: Java
> Reporter: Colm O hEigeartaigh
> Assignee: Marc Giger
> Fix For: Java 2.0.0
>
>
> This task is to support the Base64 streaming Transform.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira
[jira] [Resolved] (SANTUARIO-318) Support Base64 streaming
Transform
Posted by "Marc Giger (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/SANTUARIO-318?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Marc Giger resolved SANTUARIO-318.
----------------------------------
Resolution: Fixed
Assignee: Marc Giger (was: Colm O hEigeartaigh)
r1362550
> Support Base64 streaming Transform
> ----------------------------------
>
> Key: SANTUARIO-318
> URL: https://issues.apache.org/jira/browse/SANTUARIO-318
> Project: Santuario
> Issue Type: Improvement
> Components: Java
> Reporter: Colm O hEigeartaigh
> Assignee: Marc Giger
> Fix For: Java 2.0.0
>
>
> This task is to support the Base64 streaming Transform.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira