You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@santuario.apache.org by Monica Lau <ml...@yahoo.com> on 2004/10/01 19:38:12 UTC
XML Signature Newbie
Hi,
I'm a newbie on XML signatures. I've been reading up on it lately, and I have some questions below that I hope you can help me with:
(1) I looked at the simpleHMAC.cpp example, which uses enveloped signature. This requires Xalan. If I use a detached signature instead, with the following algorithms, would I still need to install Xalan?
Algorithms:
CanonicalizationMethod: C14n without comments
Transform: TRANSFORM_C14N, just canonicalization
DigestMethod: HASH_SHA1
SignatureMethod: SIGNATURE_DSA
Example of detached signature:
<UserDocument>
<User id="userid">
<Name>Tom Jones</Name>
</User>
<Signature>
<SignedInfo>
...
<Reference URI="userid">
...
</Reference>
...
</SignedInfo>
</Signature>
</UserDocument>
(2) The XSec API to generate the above detached signature is almost the same as for the enveloped signature, right? Does anyone have a sample detached signature code that I can look at?
Thanks for your help in advance! Much appreciated.
Regards,
Monica
---------------------------------
Do you Yahoo!?
Yahoo! Mail Address AutoComplete - You start. We finish.
Re: XSec Versions
Posted by Berin Lautenbach <be...@wingsofhermes.org>.
No - the October version would be a 1.2 version. I'll have a look at
the macro stuff in the next few days and drop a line to this list!
Cheers,
Berin
Monica Lau wrote:
> Hi,
>
> Thanks very much for looking into this! Is the release in October a new
> XSec 1.2 version or is it a patch to the old XSec 1.0 version (fixing
> the Xerces macro issue)? Please let me know when the macro fix would be
> ready for checkout... Let me know if I can help out with the testing as
> well -- I'll be happy to do that.
>
> Regards,
> Monica
>
>
> */Berin Lautenbach <be...@wingsofhermes.org>/* wrote:
>
> Monica,
>
> I've just had a quick look - the major difference between 2.1 and
> 2.6 is
> the use of the xerces namespace. It looks like there are a few places
> where we haven't been quite clean on the macros, so things are not
> compiling (the macros should remove namespace usage if the xerces
> namespace is not defined).
>
> I'll have a look and see what I can do - probably on the weekend. But
> it would mean you would have to move to a CVS checkout - although we
> are
> planning to get a release out in mid Oct.
>
> Cheers,
> Berin
>
> Monica Lau wrote:
>
> > Hi,
> >
> > I checked the Xerces C++ migration archive, and the DOM
> reorganization
> > happened in Xerces 2.0.0. Snippet from archive: "The old
> Java-like DOM
> > is now deprecated, and all the associated files, including the
> headers
> > and DOMParser files are moved to |src/xercesc/dom/deprecated|.
> Users of
> > the old Java-like DOM are required to change all their #include
> lines to
> > pick up the headers." Is this what you're referring to about the old
> > DOM_Node interface? So, I believe 2.1 is using the new interface.
> >
> > I've included the compilation errors below (compiling XSec 1.0.0
> with
> > Xerces 2.1 and OpenSSL 0.9.6b). Please let me know if I need to
> > backtrack to an older version of XSec or upgrade to a higher Xerces
> > version...
> >
> > Thanks for your help,
> > Monica
> >
> >
> > branches 16:57:41 ~/xml-security-c-1.0.0/src $ gmake
> > mkdir -p ../lib
> > mkdir -p ../lib/obj
> > mkdir -p ../bin
> > mkdir -p ../bin/obj
> > gmake -C canon includes
> > gmake[1]: Entering directory
> `/home/mlau/xml-security-c-1.0.0/src/canon'
> > mkdir -p ../../include/xsec/canon
> > cp -p XSECC14n20010315.hpp XSECCanon.hpp ../../include/xsec/canon
> > gmake[1]: Leaving directory
> `/home/mlau/xml-security-c-1.0.0/src/canon'
> > gmake -C transformers includes
> > gmake[1]: Entering directory
> > `/home/mlau/xml-security-c-1.0.0/src/transformers'
> > mkdir -p ../../include/xsec/transformers
> > cp -p TXFMBase.hpp TXFMBase64.hpp TXFMC14n.hpp TXFMChain.hpp
> > TXFMDocObject.hpp TXFMEnvelope.hpp TXFMMD5.hpp TXFMOutputFile.hpp
> > TXFMParser.hpp TXFMSB.hpp TXFMSHA1.hpp TXFMURL.hpp TXFMXPath.hpp
> > TXFMXPathFilter.hpp TXFMXSL.hpp ../../include/xsec/transformers
> > gmake[1]: Leaving directory
> > `/home/mlau/xml-security-c-1.0.0/src/transformers'
> > gmake -C dsig includes
> > gmake[1]: Entering directory
> `/home/mlau/xml-security-c-1.0.0/src/dsig'
> > mkdir -p ../../include/xsec/dsig
> > cp -p DSIGConstants.hpp DSIGKeyInfo.hpp DSIGKeyInfoList.hpp
> > DSIGKeyInfoMgmtData.hpp DSIGKeyInfoName.hpp DSIGKeyInfoPGPData.hpp
> > DSIGKeyInfoSPKIData.hpp DSIGKeyInfoValue.hpp DSIGKeyInfoX509.hpp
> > DSIGReference.hpp DSIGReferenceList.hpp DSIGSignature.hpp
> > DSIGSignedInfo.hpp DSIGTransform.hpp DSIGTransformBase64.hpp
> > DSIGTransformC14n.hpp DSIGTransformEnvelope.hpp
> DSIGTransformList.hpp
> > DSIGTransformXPath.hpp DSIGTransformXPathFilter.hpp
> DSIGTransformXSL.hpp
> > DSIGXPathFilterExpr.hpp DSIGXPathHere.hpp ../../include/xsec/dsig
> > gmake[1]: Leaving directory
> `/home/mlau/xml-security-c-1.0.0/src/dsig'
> > gmake -C enc includes
> > gmake[1]: Entering directory
> `/home/mlau/xml-security-c-1.0.0/src/enc'
> > mkdir -p ../../include/xsec/enc
> > cp -p XSECCryptoBase64.hpp XSECCryptoException.hpp
> XSECCryptoHash.hpp
> > XSECCryptoKey.hpp XSECCryptoKeyDSA.hpp XSECCryptoKeyHMAC.hpp
> > XSECCryptoKeyRSA.hpp XSECCryptoProvider.hpp XSECCryptoX509.hpp
> > XSECKeyInfoResolver.hpp XSECKeyInfoResolverDefault.hpp
> > ../../include/xsec/enc
> > gmake[1]: Leaving directory `/home/mlau/xml-security-c-1.0.0/src/enc'
> > gmake -C enc/OpenSSL includes
> > gmake[1]: Entering directory
> > `/home/mlau/xml-security-c-1.0.0/src/enc/OpenSSL'
> > mkdir -p ../../../include/xsec/enc/OpenSSL
> > cp -p OpenSSLCryptoBase64.hpp OpenSSLCryptoHash.hpp
> > OpenSSLCryptoHashHMAC.hpp OpenSSLCryptoKeyDSA.hpp
> > OpenSSLCryptoKeyHMAC.hpp OpenSSLCryptoKeyRSA.hpp
> > OpenSSLCryptoProvider.hpp OpenSSLCryptoX509.hpp
> > ../../../include/xsec/enc/OpenSSL
> > gmake[1]: Leaving directory
> > `/home/mlau/xml-security-c-1.0.0/src/enc/OpenSSL'
> > gmake -C framework includes
> > gmake[1]: Entering directory
> `/home/mlau/xml-security-c-1.0.0/src/framework'
> > mkdir -p ../../include/xsec/framework
> > cp -p XSECDefs.hpp XSECError.hpp XSECException.hpp XSECProvider.hpp
> > XSECURIResolver.hpp XSECURIResolverXerces.hpp XSECW32Config.hpp
> > XSECConfig.hpp ../../include/xsec/framework
> > gmake[1]: Leaving directory
> `/home/mlau/xml-security-c-1.0.0/src/framework'
> > gmake -C utils includes
> > gmake[1]: Entering directory
> `/home/mlau/xml-security-c-1.0.0/src/utils'
> > mkdir -p ../../include/xsec/utils
> > cp -p XSECBinTXFMInputStream.hpp XSECDOMUtils.hpp
> > XSECNameSpaceExpander.hpp XSECPlatformUtils.hpp XSECSafeBuffer.hpp
> > XSECSafeBufferFormatter.hpp XSECTXFMInputSource.hpp
> > XSECXPathNodeList.hpp ../../include/xsec/utils
> > gmake[1]: Leaving directory
> `/home/mlau/xml-security-c-1.0.0/src/utils'
> > gmake -C utils/unixutils includes
> > gmake[1]: Entering directory
> > `/home/mlau/xml-security-c-1.0.0/src/utils/unixutils'
> > mkdir -p ../../../include/xsec/utils/unixutils
> > cp -p XSECBinHTTPURIInputStream.hpp XSECURIResolverGenericUnix.hpp
> > ../../../include/xsec/utils/unixutils
> > gmake[1]: Leaving directory
> > `/home/mlau/xml-security-c-1.0.0/src/utils/unixutils'
> > gmake -C canon compile
> > gmake[1]: Entering directory
> `/home/mlau/xml-security-c-1.0.0/src/canon'
> > g++ -O2 -DNDEBUG -Wall -fPIC -DFREEBSD -c -I/usr/local/include
> > -I../../include -o ../../lib/obj/XSECC14n20010315.o
> XSECC14n20010315.cpp
> > In file included from
> /usr/local/include/xsec/canon/XSECC14n20010315.hpp:35,
> > from XSECC14n20010315.cpp:74:
> > /usr/local/include/xsec/utils/XSECXPathNodeList.hpp:181: parse error
> > before `::'
> > XSECC14n20010315.cpp: In method `void XSECC14n20010315::init()':
> > XSECC14n20010315.cpp:358: `c14ntarget' undeclared (first use this
> function)
> > XSECC14n20010315.cpp:358: (Each undeclared identifier is reported
> only once
> > XSECC14n20010315.cpp:358: for each function it appears in.)
> > XSECC14n20010315.cpp:358: parse error before `('
> > XSECC14n20010315.cpp:359: `formatBuffer' undeclared (first use this
> > function)
> > XSECC14n20010315.cpp:362: `formatter' undeclared (first use this
> function)
> > gmake[1]: *** [../../lib/obj/XSECC14n20010315.o] Error 1
> > gmake[1]: Leaving directory
> `/home/mlau/xml-security-c-1.0.0/src/canon'
> > gmake: *** [compile] Error 2
> >
> >
> >
> >
> >
> > */Berin Lautenbach /* wrote:
> >
> > Monica,
> >
> > Can you remind me - is 2.1 with the old DOM_Node interface?
> (Nodes were
> > not pointers, they were objects with reference counts - a kind of
> Java
> > approach in C++).
> >
> > If so, the released versions won't support it. (OpenSSL 0.9.6
> should be
> > fine.) Early beta code supported 2.1, but you'd need to go back into
> > the CVS to find a version that worked, and it wouldn't be fully
> > functional.
> >
> > Cheers,
> > Berin
> >
> > Monica Lau wrote:
> >
> > > Hi,
> > >
> > > I downloaded XSec 1.1, and it worked great with OpenSSL 0.9.7d and
> > > Xerces 2.5. However, our code base is really out-of-date. We're
> > using
> > > OpenSSL 0.9.6 and Xerces 2.1. We really need to upgrade our code
> > base,
> > > but it might be a huge effort. Are there older versions of XSec
> that
> > > would work with the above, older OpenSSL and Xerces versions? I
> > tried
> > > 1.0.0, but that didn't compile.
> > >
> > > Thanks for your help in advance!
> > >
> > > Regards,
> > > Monica
> > >
> > >
> > >
> > >
> >
> ------------------------------------------------------------------------
> > > Do you Yahoo!?
> > > Yahoo! Mail Address AutoComplete
> > >
> > > - You start. We finish.
> >
> >
> ------------------------------------------------------------------------
> > Do you Yahoo!?
> > vote.yahoo.com - Register online to vote today!
>
> ------------------------------------------------------------------------
> Do you Yahoo!?
> Yahoo! Mail Address AutoComplete
> <http://us.rd.yahoo.com/mail_us/taglines/aac/*http://promotions.yahoo.com/new_mail/static/ease.html>
> - You start. We finish.
Re: XSec Versions
Posted by Monica Lau <ml...@yahoo.com>.
Hi,
Thanks very much for looking into this! Is the release in October a new XSec 1.2 version or is it a patch to the old XSec 1.0 version (fixing the Xerces macro issue)? Please let me know when the macro fix would be ready for checkout... Let me know if I can help out with the testing as well -- I'll be happy to do that.
Regards,
Monica
Berin Lautenbach <be...@wingsofhermes.org> wrote:
Monica,
I've just had a quick look - the major difference between 2.1 and 2.6 is
the use of the xerces namespace. It looks like there are a few places
where we haven't been quite clean on the macros, so things are not
compiling (the macros should remove namespace usage if the xerces
namespace is not defined).
I'll have a look and see what I can do - probably on the weekend. But
it would mean you would have to move to a CVS checkout - although we are
planning to get a release out in mid Oct.
Cheers,
Berin
Monica Lau wrote:
> Hi,
>
> I checked the Xerces C++ migration archive, and the DOM reorganization
> happened in Xerces 2.0.0. Snippet from archive: "The old Java-like DOM
> is now deprecated, and all the associated files, including the headers
> and DOMParser files are moved to |src/xercesc/dom/deprecated|. Users of
> the old Java-like DOM are required to change all their #include lines to
> pick up the headers." Is this what you're referring to about the old
> DOM_Node interface? So, I believe 2.1 is using the new interface.
>
> I've included the compilation errors below (compiling XSec 1.0.0 with
> Xerces 2.1 and OpenSSL 0.9.6b). Please let me know if I need to
> backtrack to an older version of XSec or upgrade to a higher Xerces
> version...
>
> Thanks for your help,
> Monica
>
>
> branches 16:57:41 ~/xml-security-c-1.0.0/src $ gmake
> mkdir -p ../lib
> mkdir -p ../lib/obj
> mkdir -p ../bin
> mkdir -p ../bin/obj
> gmake -C canon includes
> gmake[1]: Entering directory `/home/mlau/xml-security-c-1.0.0/src/canon'
> mkdir -p ../../include/xsec/canon
> cp -p XSECC14n20010315.hpp XSECCanon.hpp ../../include/xsec/canon
> gmake[1]: Leaving directory `/home/mlau/xml-security-c-1.0.0/src/canon'
> gmake -C transformers includes
> gmake[1]: Entering directory
> `/home/mlau/xml-security-c-1.0.0/src/transformers'
> mkdir -p ../../include/xsec/transformers
> cp -p TXFMBase.hpp TXFMBase64.hpp TXFMC14n.hpp TXFMChain.hpp
> TXFMDocObject.hpp TXFMEnvelope.hpp TXFMMD5.hpp TXFMOutputFile.hpp
> TXFMParser.hpp TXFMSB.hpp TXFMSHA1.hpp TXFMURL.hpp TXFMXPath.hpp
> TXFMXPathFilter.hpp TXFMXSL.hpp ../../include/xsec/transformers
> gmake[1]: Leaving directory
> `/home/mlau/xml-security-c-1.0.0/src/transformers'
> gmake -C dsig includes
> gmake[1]: Entering directory `/home/mlau/xml-security-c-1.0.0/src/dsig'
> mkdir -p ../../include/xsec/dsig
> cp -p DSIGConstants.hpp DSIGKeyInfo.hpp DSIGKeyInfoList.hpp
> DSIGKeyInfoMgmtData.hpp DSIGKeyInfoName.hpp DSIGKeyInfoPGPData.hpp
> DSIGKeyInfoSPKIData.hpp DSIGKeyInfoValue.hpp DSIGKeyInfoX509.hpp
> DSIGReference.hpp DSIGReferenceList.hpp DSIGSignature.hpp
> DSIGSignedInfo.hpp DSIGTransform.hpp DSIGTransformBase64.hpp
> DSIGTransformC14n.hpp DSIGTransformEnvelope.hpp DSIGTransformList.hpp
> DSIGTransformXPath.hpp DSIGTransformXPathFilter.hpp DSIGTransformXSL.hpp
> DSIGXPathFilterExpr.hpp DSIGXPathHere.hpp ../../include/xsec/dsig
> gmake[1]: Leaving directory `/home/mlau/xml-security-c-1.0.0/src/dsig'
> gmake -C enc includes
> gmake[1]: Entering directory `/home/mlau/xml-security-c-1.0.0/src/enc'
> mkdir -p ../../include/xsec/enc
> cp -p XSECCryptoBase64.hpp XSECCryptoException.hpp XSECCryptoHash.hpp
> XSECCryptoKey.hpp XSECCryptoKeyDSA.hpp XSECCryptoKeyHMAC.hpp
> XSECCryptoKeyRSA.hpp XSECCryptoProvider.hpp XSECCryptoX509.hpp
> XSECKeyInfoResolver.hpp XSECKeyInfoResolverDefault.hpp
> ../../include/xsec/enc
> gmake[1]: Leaving directory `/home/mlau/xml-security-c-1.0.0/src/enc'
> gmake -C enc/OpenSSL includes
> gmake[1]: Entering directory
> `/home/mlau/xml-security-c-1.0.0/src/enc/OpenSSL'
> mkdir -p ../../../include/xsec/enc/OpenSSL
> cp -p OpenSSLCryptoBase64.hpp OpenSSLCryptoHash.hpp
> OpenSSLCryptoHashHMAC.hpp OpenSSLCryptoKeyDSA.hpp
> OpenSSLCryptoKeyHMAC.hpp OpenSSLCryptoKeyRSA.hpp
> OpenSSLCryptoProvider.hpp OpenSSLCryptoX509.hpp
> ../../../include/xsec/enc/OpenSSL
> gmake[1]: Leaving directory
> `/home/mlau/xml-security-c-1.0.0/src/enc/OpenSSL'
> gmake -C framework includes
> gmake[1]: Entering directory `/home/mlau/xml-security-c-1.0.0/src/framework'
> mkdir -p ../../include/xsec/framework
> cp -p XSECDefs.hpp XSECError.hpp XSECException.hpp XSECProvider.hpp
> XSECURIResolver.hpp XSECURIResolverXerces.hpp XSECW32Config.hpp
> XSECConfig.hpp ../../include/xsec/framework
> gmake[1]: Leaving directory `/home/mlau/xml-security-c-1.0.0/src/framework'
> gmake -C utils includes
> gmake[1]: Entering directory `/home/mlau/xml-security-c-1.0.0/src/utils'
> mkdir -p ../../include/xsec/utils
> cp -p XSECBinTXFMInputStream.hpp XSECDOMUtils.hpp
> XSECNameSpaceExpander.hpp XSECPlatformUtils.hpp XSECSafeBuffer.hpp
> XSECSafeBufferFormatter.hpp XSECTXFMInputSource.hpp
> XSECXPathNodeList.hpp ../../include/xsec/utils
> gmake[1]: Leaving directory `/home/mlau/xml-security-c-1.0.0/src/utils'
> gmake -C utils/unixutils includes
> gmake[1]: Entering directory
> `/home/mlau/xml-security-c-1.0.0/src/utils/unixutils'
> mkdir -p ../../../include/xsec/utils/unixutils
> cp -p XSECBinHTTPURIInputStream.hpp XSECURIResolverGenericUnix.hpp
> ../../../include/xsec/utils/unixutils
> gmake[1]: Leaving directory
> `/home/mlau/xml-security-c-1.0.0/src/utils/unixutils'
> gmake -C canon compile
> gmake[1]: Entering directory `/home/mlau/xml-security-c-1.0.0/src/canon'
> g++ -O2 -DNDEBUG -Wall -fPIC -DFREEBSD -c -I/usr/local/include
> -I../../include -o ../../lib/obj/XSECC14n20010315.o XSECC14n20010315.cpp
> In file included from /usr/local/include/xsec/canon/XSECC14n20010315.hpp:35,
> from XSECC14n20010315.cpp:74:
> /usr/local/include/xsec/utils/XSECXPathNodeList.hpp:181: parse error
> before `::'
> XSECC14n20010315.cpp: In method `void XSECC14n20010315::init()':
> XSECC14n20010315.cpp:358: `c14ntarget' undeclared (first use this function)
> XSECC14n20010315.cpp:358: (Each undeclared identifier is reported only once
> XSECC14n20010315.cpp:358: for each function it appears in.)
> XSECC14n20010315.cpp:358: parse error before `('
> XSECC14n20010315.cpp:359: `formatBuffer' undeclared (first use this
> function)
> XSECC14n20010315.cpp:362: `formatter' undeclared (first use this function)
> gmake[1]: *** [../../lib/obj/XSECC14n20010315.o] Error 1
> gmake[1]: Leaving directory `/home/mlau/xml-security-c-1.0.0/src/canon'
> gmake: *** [compile] Error 2
>
>
>
>
>
> */Berin Lautenbach /* wrote:
>
> Monica,
>
> Can you remind me - is 2.1 with the old DOM_Node interface? (Nodes were
> not pointers, they were objects with reference counts - a kind of Java
> approach in C++).
>
> If so, the released versions won't support it. (OpenSSL 0.9.6 should be
> fine.) Early beta code supported 2.1, but you'd need to go back into
> the CVS to find a version that worked, and it wouldn't be fully
> functional.
>
> Cheers,
> Berin
>
> Monica Lau wrote:
>
> > Hi,
> >
> > I downloaded XSec 1.1, and it worked great with OpenSSL 0.9.7d and
> > Xerces 2.5. However, our code base is really out-of-date. We're
> using
> > OpenSSL 0.9.6 and Xerces 2.1. We really need to upgrade our code
> base,
> > but it might be a huge effort. Are there older versions of XSec that
> > would work with the above, older OpenSSL and Xerces versions? I
> tried
> > 1.0.0, but that didn't compile.
> >
> > Thanks for your help in advance!
> >
> > Regards,
> > Monica
> >
> >
> >
> >
> ------------------------------------------------------------------------
> > Do you Yahoo!?
> > Yahoo! Mail Address AutoComplete
> >
> > - You start. We finish.
>
> ------------------------------------------------------------------------
> Do you Yahoo!?
> vote.yahoo.com - Register online to vote today!
---------------------------------
Do you Yahoo!?
Yahoo! Mail Address AutoComplete - You start. We finish.
Re: XSec Versions
Posted by Berin Lautenbach <be...@wingsofhermes.org>.
Monica,
I've just had a quick look - the major difference between 2.1 and 2.6 is
the use of the xerces namespace. It looks like there are a few places
where we haven't been quite clean on the macros, so things are not
compiling (the macros should remove namespace usage if the xerces
namespace is not defined).
I'll have a look and see what I can do - probably on the weekend. But
it would mean you would have to move to a CVS checkout - although we are
planning to get a release out in mid Oct.
Cheers,
Berin
Monica Lau wrote:
> Hi,
>
> I checked the Xerces C++ migration archive, and the DOM reorganization
> happened in Xerces 2.0.0. Snippet from archive: "The old Java-like DOM
> is now deprecated, and all the associated files, including the headers
> and DOMParser files are moved to |src/xercesc/dom/deprecated|. Users of
> the old Java-like DOM are required to change all their #include lines to
> pick up the headers." Is this what you're referring to about the old
> DOM_Node interface? So, I believe 2.1 is using the new interface.
>
> I've included the compilation errors below (compiling XSec 1.0.0 with
> Xerces 2.1 and OpenSSL 0.9.6b). Please let me know if I need to
> backtrack to an older version of XSec or upgrade to a higher Xerces
> version...
>
> Thanks for your help,
> Monica
>
>
> branches 16:57:41 ~/xml-security-c-1.0.0/src $ gmake
> mkdir -p ../lib
> mkdir -p ../lib/obj
> mkdir -p ../bin
> mkdir -p ../bin/obj
> gmake -C canon includes
> gmake[1]: Entering directory `/home/mlau/xml-security-c-1.0.0/src/canon'
> mkdir -p ../../include/xsec/canon
> cp -p XSECC14n20010315.hpp XSECCanon.hpp ../../include/xsec/canon
> gmake[1]: Leaving directory `/home/mlau/xml-security-c-1.0.0/src/canon'
> gmake -C transformers includes
> gmake[1]: Entering directory
> `/home/mlau/xml-security-c-1.0.0/src/transformers'
> mkdir -p ../../include/xsec/transformers
> cp -p TXFMBase.hpp TXFMBase64.hpp TXFMC14n.hpp TXFMChain.hpp
> TXFMDocObject.hpp TXFMEnvelope.hpp TXFMMD5.hpp TXFMOutputFile.hpp
> TXFMParser.hpp TXFMSB.hpp TXFMSHA1.hpp TXFMURL.hpp TXFMXPath.hpp
> TXFMXPathFilter.hpp TXFMXSL.hpp ../../include/xsec/transformers
> gmake[1]: Leaving directory
> `/home/mlau/xml-security-c-1.0.0/src/transformers'
> gmake -C dsig includes
> gmake[1]: Entering directory `/home/mlau/xml-security-c-1.0.0/src/dsig'
> mkdir -p ../../include/xsec/dsig
> cp -p DSIGConstants.hpp DSIGKeyInfo.hpp DSIGKeyInfoList.hpp
> DSIGKeyInfoMgmtData.hpp DSIGKeyInfoName.hpp DSIGKeyInfoPGPData.hpp
> DSIGKeyInfoSPKIData.hpp DSIGKeyInfoValue.hpp DSIGKeyInfoX509.hpp
> DSIGReference.hpp DSIGReferenceList.hpp DSIGSignature.hpp
> DSIGSignedInfo.hpp DSIGTransform.hpp DSIGTransformBase64.hpp
> DSIGTransformC14n.hpp DSIGTransformEnvelope.hpp DSIGTransformList.hpp
> DSIGTransformXPath.hpp DSIGTransformXPathFilter.hpp DSIGTransformXSL.hpp
> DSIGXPathFilterExpr.hpp DSIGXPathHere.hpp ../../include/xsec/dsig
> gmake[1]: Leaving directory `/home/mlau/xml-security-c-1.0.0/src/dsig'
> gmake -C enc includes
> gmake[1]: Entering directory `/home/mlau/xml-security-c-1.0.0/src/enc'
> mkdir -p ../../include/xsec/enc
> cp -p XSECCryptoBase64.hpp XSECCryptoException.hpp XSECCryptoHash.hpp
> XSECCryptoKey.hpp XSECCryptoKeyDSA.hpp XSECCryptoKeyHMAC.hpp
> XSECCryptoKeyRSA.hpp XSECCryptoProvider.hpp XSECCryptoX509.hpp
> XSECKeyInfoResolver.hpp XSECKeyInfoResolverDefault.hpp
> ../../include/xsec/enc
> gmake[1]: Leaving directory `/home/mlau/xml-security-c-1.0.0/src/enc'
> gmake -C enc/OpenSSL includes
> gmake[1]: Entering directory
> `/home/mlau/xml-security-c-1.0.0/src/enc/OpenSSL'
> mkdir -p ../../../include/xsec/enc/OpenSSL
> cp -p OpenSSLCryptoBase64.hpp OpenSSLCryptoHash.hpp
> OpenSSLCryptoHashHMAC.hpp OpenSSLCryptoKeyDSA.hpp
> OpenSSLCryptoKeyHMAC.hpp OpenSSLCryptoKeyRSA.hpp
> OpenSSLCryptoProvider.hpp OpenSSLCryptoX509.hpp
> ../../../include/xsec/enc/OpenSSL
> gmake[1]: Leaving directory
> `/home/mlau/xml-security-c-1.0.0/src/enc/OpenSSL'
> gmake -C framework includes
> gmake[1]: Entering directory `/home/mlau/xml-security-c-1.0.0/src/framework'
> mkdir -p ../../include/xsec/framework
> cp -p XSECDefs.hpp XSECError.hpp XSECException.hpp XSECProvider.hpp
> XSECURIResolver.hpp XSECURIResolverXerces.hpp XSECW32Config.hpp
> XSECConfig.hpp ../../include/xsec/framework
> gmake[1]: Leaving directory `/home/mlau/xml-security-c-1.0.0/src/framework'
> gmake -C utils includes
> gmake[1]: Entering directory `/home/mlau/xml-security-c-1.0.0/src/utils'
> mkdir -p ../../include/xsec/utils
> cp -p XSECBinTXFMInputStream.hpp XSECDOMUtils.hpp
> XSECNameSpaceExpander.hpp XSECPlatformUtils.hpp XSECSafeBuffer.hpp
> XSECSafeBufferFormatter.hpp XSECTXFMInputSource.hpp
> XSECXPathNodeList.hpp ../../include/xsec/utils
> gmake[1]: Leaving directory `/home/mlau/xml-security-c-1.0.0/src/utils'
> gmake -C utils/unixutils includes
> gmake[1]: Entering directory
> `/home/mlau/xml-security-c-1.0.0/src/utils/unixutils'
> mkdir -p ../../../include/xsec/utils/unixutils
> cp -p XSECBinHTTPURIInputStream.hpp XSECURIResolverGenericUnix.hpp
> ../../../include/xsec/utils/unixutils
> gmake[1]: Leaving directory
> `/home/mlau/xml-security-c-1.0.0/src/utils/unixutils'
> gmake -C canon compile
> gmake[1]: Entering directory `/home/mlau/xml-security-c-1.0.0/src/canon'
> g++ -O2 -DNDEBUG -Wall -fPIC -DFREEBSD -c -I/usr/local/include
> -I../../include -o ../../lib/obj/XSECC14n20010315.o XSECC14n20010315.cpp
> In file included from /usr/local/include/xsec/canon/XSECC14n20010315.hpp:35,
> from XSECC14n20010315.cpp:74:
> /usr/local/include/xsec/utils/XSECXPathNodeList.hpp:181: parse error
> before `::'
> XSECC14n20010315.cpp: In method `void XSECC14n20010315::init()':
> XSECC14n20010315.cpp:358: `c14ntarget' undeclared (first use this function)
> XSECC14n20010315.cpp:358: (Each undeclared identifier is reported only once
> XSECC14n20010315.cpp:358: for each function it appears in.)
> XSECC14n20010315.cpp:358: parse error before `('
> XSECC14n20010315.cpp:359: `formatBuffer' undeclared (first use this
> function)
> XSECC14n20010315.cpp:362: `formatter' undeclared (first use this function)
> gmake[1]: *** [../../lib/obj/XSECC14n20010315.o] Error 1
> gmake[1]: Leaving directory `/home/mlau/xml-security-c-1.0.0/src/canon'
> gmake: *** [compile] Error 2
>
>
>
>
>
> */Berin Lautenbach <be...@wingsofhermes.org>/* wrote:
>
> Monica,
>
> Can you remind me - is 2.1 with the old DOM_Node interface? (Nodes were
> not pointers, they were objects with reference counts - a kind of Java
> approach in C++).
>
> If so, the released versions won't support it. (OpenSSL 0.9.6 should be
> fine.) Early beta code supported 2.1, but you'd need to go back into
> the CVS to find a version that worked, and it wouldn't be fully
> functional.
>
> Cheers,
> Berin
>
> Monica Lau wrote:
>
> > Hi,
> >
> > I downloaded XSec 1.1, and it worked great with OpenSSL 0.9.7d and
> > Xerces 2.5. However, our code base is really out-of-date. We're
> using
> > OpenSSL 0.9.6 and Xerces 2.1. We really need to upgrade our code
> base,
> > but it might be a huge effort. Are there older versions of XSec that
> > would work with the above, older OpenSSL and Xerces versions? I
> tried
> > 1.0.0, but that didn't compile.
> >
> > Thanks for your help in advance!
> >
> > Regards,
> > Monica
> >
> >
> >
> >
> ------------------------------------------------------------------------
> > Do you Yahoo!?
> > Yahoo! Mail Address AutoComplete
> >
> > - You start. We finish.
>
> ------------------------------------------------------------------------
> Do you Yahoo!?
> vote.yahoo.com <http://vote.yahoo.com> - Register online to vote today!
Re: XSec Versions
Posted by Monica Lau <ml...@yahoo.com>.
Hi,
I checked the Xerces C++ migration archive, and the DOM reorganization happened in Xerces 2.0.0. Snippet from archive: "The old Java-like DOM is now deprecated, and all the associated files, including the headers and DOMParser files are moved to src/xercesc/dom/deprecated. Users of the old Java-like DOM are required to change all their #include lines to pick up the headers." Is this what you're referring to about the old DOM_Node interface? So, I believe 2.1 is using the new interface.
I've included the compilation errors below (compiling XSec 1.0.0 with Xerces 2.1 and OpenSSL 0.9.6b). Please let me know if I need to backtrack to an older version of XSec or upgrade to a higher Xerces version...
Thanks for your help,
Monica
branches 16:57:41 ~/xml-security-c-1.0.0/src $ gmake
mkdir -p ../lib
mkdir -p ../lib/obj
mkdir -p ../bin
mkdir -p ../bin/obj
gmake -C canon includes
gmake[1]: Entering directory `/home/mlau/xml-security-c-1.0.0/src/canon'
mkdir -p ../../include/xsec/canon
cp -p XSECC14n20010315.hpp XSECCanon.hpp ../../include/xsec/canon
gmake[1]: Leaving directory `/home/mlau/xml-security-c-1.0.0/src/canon'
gmake -C transformers includes
gmake[1]: Entering directory `/home/mlau/xml-security-c-1.0.0/src/transformers'
mkdir -p ../../include/xsec/transformers
cp -p TXFMBase.hpp TXFMBase64.hpp TXFMC14n.hpp TXFMChain.hpp TXFMDocObject.hpp TXFMEnvelope.hpp TXFMMD5.hpp TXFMOutputFile.hpp TXFMParser.hpp TXFMSB.hpp TXFMSHA1.hpp TXFMURL.hpp TXFMXPath.hpp TXFMXPathFilter.hpp TXFMXSL.hpp ../../include/xsec/transformers
gmake[1]: Leaving directory `/home/mlau/xml-security-c-1.0.0/src/transformers'
gmake -C dsig includes
gmake[1]: Entering directory `/home/mlau/xml-security-c-1.0.0/src/dsig'
mkdir -p ../../include/xsec/dsig
cp -p DSIGConstants.hpp DSIGKeyInfo.hpp DSIGKeyInfoList.hpp DSIGKeyInfoMgmtData.hpp DSIGKeyInfoName.hpp DSIGKeyInfoPGPData.hpp DSIGKeyInfoSPKIData.hpp DSIGKeyInfoValue.hpp DSIGKeyInfoX509.hpp DSIGReference.hpp DSIGReferenceList.hpp DSIGSignature.hpp DSIGSignedInfo.hpp DSIGTransform.hpp DSIGTransformBase64.hpp DSIGTransformC14n.hpp DSIGTransformEnvelope.hpp DSIGTransformList.hpp DSIGTransformXPath.hpp DSIGTransformXPathFilter.hpp DSIGTransformXSL.hpp DSIGXPathFilterExpr.hpp DSIGXPathHere.hpp ../../include/xsec/dsig
gmake[1]: Leaving directory `/home/mlau/xml-security-c-1.0.0/src/dsig'
gmake -C enc includes
gmake[1]: Entering directory `/home/mlau/xml-security-c-1.0.0/src/enc'
mkdir -p ../../include/xsec/enc
cp -p XSECCryptoBase64.hpp XSECCryptoException.hpp XSECCryptoHash.hpp XSECCryptoKey.hpp XSECCryptoKeyDSA.hpp XSECCryptoKeyHMAC.hpp XSECCryptoKeyRSA.hpp XSECCryptoProvider.hpp XSECCryptoX509.hpp XSECKeyInfoResolver.hpp XSECKeyInfoResolverDefault.hpp ../../include/xsec/enc
gmake[1]: Leaving directory `/home/mlau/xml-security-c-1.0.0/src/enc'
gmake -C enc/OpenSSL includes
gmake[1]: Entering directory `/home/mlau/xml-security-c-1.0.0/src/enc/OpenSSL'
mkdir -p ../../../include/xsec/enc/OpenSSL
cp -p OpenSSLCryptoBase64.hpp OpenSSLCryptoHash.hpp OpenSSLCryptoHashHMAC.hpp OpenSSLCryptoKeyDSA.hpp OpenSSLCryptoKeyHMAC.hpp OpenSSLCryptoKeyRSA.hpp OpenSSLCryptoProvider.hpp OpenSSLCryptoX509.hpp ../../../include/xsec/enc/OpenSSL
gmake[1]: Leaving directory `/home/mlau/xml-security-c-1.0.0/src/enc/OpenSSL'
gmake -C framework includes
gmake[1]: Entering directory `/home/mlau/xml-security-c-1.0.0/src/framework'
mkdir -p ../../include/xsec/framework
cp -p XSECDefs.hpp XSECError.hpp XSECException.hpp XSECProvider.hpp XSECURIResolver.hpp XSECURIResolverXerces.hpp XSECW32Config.hpp XSECConfig.hpp ../../include/xsec/framework
gmake[1]: Leaving directory `/home/mlau/xml-security-c-1.0.0/src/framework'
gmake -C utils includes
gmake[1]: Entering directory `/home/mlau/xml-security-c-1.0.0/src/utils'
mkdir -p ../../include/xsec/utils
cp -p XSECBinTXFMInputStream.hpp XSECDOMUtils.hpp XSECNameSpaceExpander.hpp XSECPlatformUtils.hpp XSECSafeBuffer.hpp XSECSafeBufferFormatter.hpp XSECTXFMInputSource.hpp XSECXPathNodeList.hpp ../../include/xsec/utils
gmake[1]: Leaving directory `/home/mlau/xml-security-c-1.0.0/src/utils'
gmake -C utils/unixutils includes
gmake[1]: Entering directory `/home/mlau/xml-security-c-1.0.0/src/utils/unixutils'
mkdir -p ../../../include/xsec/utils/unixutils
cp -p XSECBinHTTPURIInputStream.hpp XSECURIResolverGenericUnix.hpp ../../../include/xsec/utils/unixutils
gmake[1]: Leaving directory `/home/mlau/xml-security-c-1.0.0/src/utils/unixutils'
gmake -C canon compile
gmake[1]: Entering directory `/home/mlau/xml-security-c-1.0.0/src/canon'
g++ -O2 -DNDEBUG -Wall -fPIC -DFREEBSD -c -I/usr/local/include -I../../include -o ../../lib/obj/XSECC14n20010315.o XSECC14n20010315.cpp
In file included from /usr/local/include/xsec/canon/XSECC14n20010315.hpp:35,
from XSECC14n20010315.cpp:74:
/usr/local/include/xsec/utils/XSECXPathNodeList.hpp:181: parse error before `::'
XSECC14n20010315.cpp: In method `void XSECC14n20010315::init()':
XSECC14n20010315.cpp:358: `c14ntarget' undeclared (first use this function)
XSECC14n20010315.cpp:358: (Each undeclared identifier is reported only once
XSECC14n20010315.cpp:358: for each function it appears in.)
XSECC14n20010315.cpp:358: parse error before `('
XSECC14n20010315.cpp:359: `formatBuffer' undeclared (first use this function)
XSECC14n20010315.cpp:362: `formatter' undeclared (first use this function)
gmake[1]: *** [../../lib/obj/XSECC14n20010315.o] Error 1
gmake[1]: Leaving directory `/home/mlau/xml-security-c-1.0.0/src/canon'
gmake: *** [compile] Error 2
Berin Lautenbach <be...@wingsofhermes.org> wrote:
Monica,
Can you remind me - is 2.1 with the old DOM_Node interface? (Nodes were
not pointers, they were objects with reference counts - a kind of Java
approach in C++).
If so, the released versions won't support it. (OpenSSL 0.9.6 should be
fine.) Early beta code supported 2.1, but you'd need to go back into
the CVS to find a version that worked, and it wouldn't be fully functional.
Cheers,
Berin
Monica Lau wrote:
> Hi,
>
> I downloaded XSec 1.1, and it worked great with OpenSSL 0.9.7d and
> Xerces 2.5. However, our code base is really out-of-date. We're using
> OpenSSL 0.9.6 and Xerces 2.1. We really need to upgrade our code base,
> but it might be a huge effort. Are there older versions of XSec that
> would work with the above, older OpenSSL and Xerces versions? I tried
> 1.0.0, but that didn't compile.
>
> Thanks for your help in advance!
>
> Regards,
> Monica
>
>
>
> ------------------------------------------------------------------------
> Do you Yahoo!?
> Yahoo! Mail Address AutoComplete
>
> - You start. We finish.
---------------------------------
Do you Yahoo!?
vote.yahoo.com - Register online to vote today!
Re: XSec Versions
Posted by Berin Lautenbach <be...@wingsofhermes.org>.
Monica,
Can you remind me - is 2.1 with the old DOM_Node interface? (Nodes were
not pointers, they were objects with reference counts - a kind of Java
approach in C++).
If so, the released versions won't support it. (OpenSSL 0.9.6 should be
fine.) Early beta code supported 2.1, but you'd need to go back into
the CVS to find a version that worked, and it wouldn't be fully functional.
Cheers,
Berin
Monica Lau wrote:
> Hi,
>
> I downloaded XSec 1.1, and it worked great with OpenSSL 0.9.7d and
> Xerces 2.5. However, our code base is really out-of-date. We're using
> OpenSSL 0.9.6 and Xerces 2.1. We really need to upgrade our code base,
> but it might be a huge effort. Are there older versions of XSec that
> would work with the above, older OpenSSL and Xerces versions? I tried
> 1.0.0, but that didn't compile.
>
> Thanks for your help in advance!
>
> Regards,
> Monica
>
>
>
> ------------------------------------------------------------------------
> Do you Yahoo!?
> Yahoo! Mail Address AutoComplete
> <http://us.rd.yahoo.com/mail_us/taglines/aac/*http://promotions.yahoo.com/new_mail/static/ease.html>
> - You start. We finish.
AW: XSec Versions
Posted by Matthias Niggemeier <m...@thias.de>.
Monica,
when xsec 1.0.0 was released, the actual version of xerces was 2.2 or 2.3,
if I remember correctly. Digging in my memories, I think it should also
work with 2.1 (... long time gone since then... :-) )
Which errors do you get?
I wouldn't recommend to use older versions of xsec, since 1.0 was
(compared
to 1.1) very slow.
Migrating your codebase from 2.1 to 2.5 is not very difficult if you don't
use deprecated api. Simply compile with the new version and test.
I can't help with the openssl-issue, since I do not use it.
Regards
Matthias
> -----Ursprüngliche Nachricht-----
> Von: Monica Lau [mailto:mllau2004@yahoo.com]
> Gesendet: Montag, 4. Oktober 2004 21:23
> An: security-dev@xml.apache.org
> Betreff: XSec Versions
>
>
> Hi,
>
> I downloaded XSec 1.1, and it worked great with OpenSSL
> 0.9.7d and Xerces 2.5. However, our code base is really
> out-of-date. We're using OpenSSL 0.9.6 and Xerces 2.1. We
> really need to upgrade our code base, but it might be a huge
> effort. Are there older versions of XSec that would work
> with the above, older OpenSSL and Xerces versions? I tried
> 1.0.0, but that didn't compile.
>
> Thanks for your help in advance!
>
> Regards,
> Monica
>
>
>
> _____
>
> Do you Yahoo!?
> Yahoo! Mail Address AutoComplete
> <http://us.rd.yahoo.com/mail_us/taglines/aac/*http://promotion
s.yahoo.com/new_mail/static/ease.html> - You start. We finish.
XSec Versions
Posted by Monica Lau <ml...@yahoo.com>.
Hi,
I downloaded XSec 1.1, and it worked great with OpenSSL 0.9.7d and Xerces 2.5. However, our code base is really out-of-date. We're using OpenSSL 0.9.6 and Xerces 2.1. We really need to upgrade our code base, but it might be a huge effort. Are there older versions of XSec that would work with the above, older OpenSSL and Xerces versions? I tried 1.0.0, but that didn't compile.
Thanks for your help in advance!
Regards,
Monica
---------------------------------
Do you Yahoo!?
Yahoo! Mail Address AutoComplete - You start. We finish.
RE: XML Signature Newbie
Posted by Matthias Niggemeier <m...@thias.de>.
> -----Original Message-----
> From: Monica Lau [mailto:mllau2004@yahoo.com]
> Sent: Friday, October 01, 2004 7:38 PM
> To: security-dev@xml.apache.org
> Subject: XML Signature Newbie
>
>
> Hi,
>
> I'm a newbie on XML signatures. I've been reading up on it
> lately, and I have some questions below that I hope you can
> help me with:
>
> (1) I looked at the simpleHMAC.cpp example, which uses
> enveloped signature. This requires Xalan.
No. You don't need xalan for enveloped signature. I use
the code from the HMAC-Sample in my own project without
xalan.
Greetings
Matthias