You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@santuario.apache.org by "Valentin Bojinov (Commented) (JIRA)" <ji...@apache.org> on 2011/10/04 15:51:34 UTC
[jira] [Commented] (SANTUARIO-215) Xpointer and XML Signature
[ https://issues.apache.org/jira/browse/SANTUARIO-215?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13120136#comment-13120136 ]
Valentin Bojinov commented on SANTUARIO-215:
--------------------------------------------
Hi Santuario folks,
I see it has been a while since this issue has been opened. I recently started working on the same ebics specification and suffered several obstacles related both to the spec and to the santuario.
I attach xpointer issue I am facing, probably it is the same as the one the reported of this issue suffered as well.
Here is how I try to add an xpointer reference:
{code} private XMLSignature signDocument(final Document document)
throws KeyConfigurationException, MarshalException, javax.xml.crypto.dsig.XMLSignatureException
{
org.apache.xml.security.signature.XMLSignature signature = null;
try
{
signature = new org.apache.xml.security.signature.XMLSignature(document,
"",
org.apache.xml.security.signature.XMLSignature.ALGO_ID_SIGNATURE_RSA_SHA256,
"http://www.w3.org/TR/2001/REC-xml-c14n-20010315");
}
catch (XMLSecurityException e1)
{
// TODO Auto-generated catch block
e1.printStackTrace();
}
final Key privateKey = getDefaultKeyManager().getPrivateKey(getConfiguration().getOwnSignatureKey());
final Transforms xPointerTransformer = new Transforms(document);
try
{
xPointerTransformer.addTransform(Transforms.TRANSFORM_XPOINTER);
}
catch (TransformationException e)
{
// TODO Auto-generated catch block
e.printStackTrace();
}
try
{
signature.addDocument("#xpointer(//*[@authenticate='true'])", xPointerTransformer);
}
catch (XMLSignatureException e)
{
// TODO Auto-generated catch block
e.printStackTrace();
}
return null;{code}
Below is the error I get.
{code}:44:17,757 ERROR [STDERR] org.apache.xml.security.transforms.InvalidTransformException: Unknown transformation. No handler installed for URI http://www.w3.org/TR/2001/WD-xptr-20010108
:44:17,772 ERROR [STDERR] at org.apache.xml.security.transforms.Transform.<init>(Unknown Source)
:44:17,772 ERROR [STDERR] at org.apache.xml.security.transforms.Transform.getInstance(Unknown Source)
:44:17,772 ERROR [STDERR] at org.apache.xml.security.transforms.Transform.getInstance(Unknown Source)
:44:17,772 ERROR [STDERR] at org.apache.xml.security.transforms.Transforms.addTransform(Unknown Source){code}
To me it looks as the Transforms.TRANSFORM_XPOINTER based references are currently not supported.
I googled a bit how other colleagues have addressed this such issue - what I found was that few succeeded in using santuario as JSR 105 library and used a custom URIDereferencer bound to the signing context in order to resolve the elements which should participate in the digest calculations: Refer to https://forums.oracle.com/forums/thread.jspa?messageID=6387075
I am wondering whether this is the only solution
> Xpointer and XML Signature
> --------------------------
>
> Key: SANTUARIO-215
> URL: https://issues.apache.org/jira/browse/SANTUARIO-215
> Project: Santuario
> Issue Type: Bug
> Components: Java
> Environment: Operating System: Windows XP
> Platform: PC
> Reporter: jelmed
> Priority: Blocker
>
> I've tried the xpointer resolver for generating signatures for the german
> banking interface EBICS which uses #xpointer(//*[@authenticate='true']) to sign
> all elements with this attribute. Unfortunately, signing fails.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira