You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@santuario.apache.org by mujahedsyed <ms...@gmail.com> on 2014/08/27 13:00:21 UTC

EncryptedKey Id Validation fails

Hi Team,

I have a flow that does encryption using xmlsec library 2.0.1 and it then
sends the encrypted message to third party system. This third party is
unable to validate the message if there are two or more encrypted xml
elements in them and the exception they see is:



This ID element is present in xenc:EncryptedKey element, and I can see that
the message has the same Id twice, here is the encrypted message:



I did some investigation and the issue sounds very similar to
https://issues.apache.org/jira/browse/WSS-242

I have few queries:

1. The third party is using xerces to validate the encrypted xml, Can you
please let me know where I can find XSD's that I can provide third party to
use so they can correctly validate the encrypted XML?
2. if this is not because of XSD can you please guide on how we can perform
the validation?

Appreciate your response, thanks a lot.

Regards,
Mujahed



--
View this message in context: http://apache-xml-project.6118.n7.nabble.com/EncryptedKey-Id-Validation-fails-tp41424.html
Sent from the Apache XML - Security - Dev mailing list archive at Nabble.com.

Re: EncryptedKey Id Validation fails

Posted by mujahedsyed <ms...@gmail.com>.

Hi Marc,

Thank you very much for the suggestion, I have raised the JIRA
https://issues.apache.org/jira/browse/SANTUARIO-397 I haven't raised a JIRA
before with Santuario, but I hope I have provided enough information.

I have also attached small app to demonstrate validation failure.

We appreciate your help.
Regards,
Mujahed 



--
View this message in context: http://apache-xml-project.6118.n7.nabble.com/EncryptedKey-Id-Validation-fails-tp41424p41426.html
Sent from the Apache XML - Security - Dev mailing list archive at Nabble.com.

Re: EncryptedKey Id Validation fails

Posted by Marc Giger <gi...@apache.org>.

Hi Mujahed,

Looks like a bug. Could you please create a new JIRA here:
https://issues.apache.org/jira/browse/SANTUARIO

Thanks,

Marc



On Wed, 27 Aug 2014 04:00:21 -0700 (PDT)
mujahedsyed <ms...@gmail.com> wrote:

> Hi Team,
> 
> I have a flow that does encryption using xmlsec library 2.0.1 and it
> then sends the encrypted message to third party system. This third
> party is unable to validate the message if there are two or more
> encrypted xml elements in them and the exception they see is:
> 
> 
> 
> This ID element is present in xenc:EncryptedKey element, and I can
> see that the message has the same Id twice, here is the encrypted
> message:
> 
> 
> 
> I did some investigation and the issue sounds very similar to
> https://issues.apache.org/jira/browse/WSS-242
> 
> I have few queries:
> 
> 1. The third party is using xerces to validate the encrypted xml, Can
> you please let me know where I can find XSD's that I can provide
> third party to use so they can correctly validate the encrypted XML?
> 2. if this is not because of XSD can you please guide on how we can
> perform the validation?
> 
> Appreciate your response, thanks a lot.
> 
> Regards,
> Mujahed
> 
> 
> 
> --
> View this message in context:
> http://apache-xml-project.6118.n7.nabble.com/EncryptedKey-Id-Validation-fails-tp41424.html
> Sent from the Apache XML - Security - Dev mailing list archive at
> Nabble.com.