You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@santuario.apache.org by VOITURIER Benjamin <Be...@staff.certipost.be> on 2003/06/25 09:34:54 UTC

XMLUtils.circumventBug2650() and XSLT transform problem...

Hello, 
 
I'm trying to create an Enveloped signature on a simple xml document.
The signature contains only one reference element with URI="" pointing
to the current document and 3 transforms (envelope signature, xslt and
c14n).
 
I noticed that the signing process calls the
XMLUtils.circumventBug2650() (Xalan bug) while resolving references
which recursively propagates/copies a node's namespace attribute to all
sub-nodes starting at the reference's owner document. 
 
Problem is that the XSLT transform's stylesheet content which has XML
output also receives all parent nodes xmlns attributes as attributes.
This means at least xmlns:dsig="http://www.w3.org/2000/09/xmldsig#". The
consequence is that the root tag of the XSLT output which is later
digested contains this unused
xmlns:dsig="http://www.w3.org/2000/09/xmldsig#"declaration as attribute.
 
Signature verification fails with IAIK IXSIL but works with XMLSec
Library which apparently does the same.
Also, signatures generated with those providers can't be verified with
apache xml security libs.
 
Is there a trick to solve that ???


STRICTLY PERSONAL AND CONFIDENTIAL
This message may contain confidential and proprietary material for the sole use of the intended recipient. Any review or distribution by others is strictly prohibited. If you are not the intended recipient please contact the sender and delete all copies.

Ce Message est uniquement destin� aux r�cipiendaires indiqu�s et peut contenir des informations confidentielles. Si vous n'�tes pas le r�cipiendaire, vous ne devez pas r�v�ler le contenu de ce message ou en prendre copie. Si vous avez re�u ce message par erreur, veuillez en informer l'exp�diteur, ou La Poste imm�diatement, avant de le supprimer.

Dit bericht is enkel bestemd voor de aangeduide ontvangers en kan vertrouwelijke informatie bevatten. Als u niet de ontvanger bent, dan mag u de inhoud van dit bericht niet bekendmaken noch kopi�ren. Als u dit bericht per vergissing heeft ontvangen, gelieve er de afzender of De Post onmiddellijk van op de hoogte te brengen en het bericht vervolgens te verwijderen.