[higgins-dev] Why does project org.eclipse.higgins.sts.xmlsecurity.apach

[Ian Hummel <hummel@xxxxxxxxxxxxx>]

The project org.eclipse.higgins.sts.xmlsecurity.apache has a class,  
org.apache.xml.security.utils.XMLUtils.java and also some xml files in  
META-INF...

I noticed that  having this jar in the classpath changes the way  
xmlsec generates or serializes signatures so I'm looking for some  
background about this...

Does anyone have any ideas?


Without that jar on the classpath (apparently it adds some line- 
breaks?):

<?xml version="1.0" encoding="UTF-8"?><ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig# 
">
<ds:SignedInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#";>
<ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n# 
" xmlns:ds="http://www.w3.org/2000/09/xmldsig#"/>
<ds:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1 
" xmlns:ds="http://www.w3.org/2000/09/xmldsig#"/>
<ds:Reference URI="#IC01" xmlns:ds="http://www.w3.org/2000/09/xmldsig#";>
<ds:Transforms xmlns:ds="http://www.w3.org/2000/09/xmldsig#";>
<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#";  
xmlns:ds="http://www.w3.org/2000/09/xmldsig#"/>
</ds:Transforms>
<ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1";  
xmlns:ds="http://www.w3.org/2000/09/xmldsig#"/>
<ds:DigestValue xmlns:ds="http://www.w3.org/2000/09/ 
xmldsig#">48TKiXHhdrATqVcuD6KiJQPqNGQ=</ds:DigestValue>
...

With that jar on the classpath:

<?xml version="1.0" encoding="UTF-8"?><ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig# 
"><ds:SignedInfo xmlns:ds="http://www.w3.org/2000/09/ 
xmldsig#"><ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n# 
" xmlns:ds="http://www.w3.org/2000/09/xmldsig#"/><ds:SignatureMethod  
Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"; xmlns:ds="http://www.w3.org/2000/09/xmldsig# 
"/><ds:Reference URI="#IC01" xmlns:ds="http://www.w3.org/2000/09/xmldsig# 
"><ds:Transforms xmlns:ds="http://www.w3.org/2000/09/ 
xmldsig#"><ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n# 
" xmlns:ds="http://www.w3.org/2000/09/xmldsig#"/></ 
ds:Transforms><ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1 
" xmlns:ds="http://www.w3.org/2000/09/xmldsig#"/><ds:DigestValue  
xmlns:ds="http://www.w3.org/2000/09/xmldsig#";>wxD7QxeMbt4VP5tLR9385Pl8U 
+Q=</ds:DigestValue></ds:Reference></ds:SignedInfo><ds:SignatureValue  
xmlns:ds="http://www.w3.org/2000/09/xmldsig#";>
NekOl/NnUNyiWnMUkf/QocMxE6tyA5iu35r1/XOqa8kSyyM9H/ 
FPuyz8csB2e0tVZoGj0YU4f6kp
a5ZJ53NHbJJSG0iOq4EppdJMKXfwrgQxC 
+tVFyhLHIcP9lCIAJspIDOPCqsrYmWupTmXr1pbQb1D
4JnfRM05YlnJ+/OTP58=
</ds:SignatureValue><ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig# 
"><ds:X509Data xmlns:ds="http://www.w3.org/2000/09/ 
xmldsig#"><ds:X509Certificate xmlns:ds="http://www.w3.org/2000/09/xmldsig# 
">
MIIChTCCAe4CAxAABTANBgkqhkiG9w0BAQQFADCBqzETMBEGA1UEChMKUGFyaXR5IEluYzEjMCEG
A1UECxMaUm9vdCBDZXJ0aWZpY2F0ZSBBdXRob3JpdHkxIzAhBgkqhkiG9w0BCQEWFGh1bW1lbEBw
YXJpdHlpbmMubmV0MRAwDgYDVQQHEwdOZWVkaGFtMRYwFAYDVQQIEw1NYXNzYWNodXNldHRzMQsw
CQYDVQQGEwJVUzETMBEGA1UEAxMKSWFuIEh1bW1lbDAeFw0wODAyMTIxNTI2NTlaFw0wOTAyMTEx
NTI2NTlaMGgxCzAJBgNVBAYTAlVTMRYwFAYDVQQIEw1NYXNzYWNodXNldHRzMRMwEQYDVQQKEwpQ
...