[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] [List Home]
Re: [higgins-dev] Why does project org.eclipse.higgins.sts.xmlsecurity.apache (redeclare) XMLUtils.java?
Mike's on vacation, but I recall the same thing. The modified xmlsecurity package is needed because of the way that Microsoft implemented the crypto for Cardspace.

...Greg


Ian Hummel wrote:
I found a page here that implies you need a patched xmlsec jar for cardspace to import the cards.

     http://wso2.org/forum/thread/1138

Mike, can you confirm?

Thanks,

- ian.


On Jun 25, 2008, at 1:15 PM, Ian Hummel wrote:

The project org.eclipse.higgins.sts.xmlsecurity.apache has a class,
org.apache.xml.security.utils.XMLUtils.java and also some xml files in
META-INF...

I noticed that  having this jar in the classpath changes the way
xmlsec generates or serializes signatures so I'm looking for some
background about this...

Does anyone have any ideas?


Without that jar on the classpath (apparently it adds some line-
breaks?):

<?xml version="1.0" encoding="UTF-8"?><ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#
">
<ds:SignedInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#";>
<ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#
" xmlns:ds="http://www.w3.org/2000/09/xmldsig#"/>
<ds:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1
" xmlns:ds="http://www.w3.org/2000/09/xmldsig#"/>
<ds:Reference URI="#IC01" xmlns:ds="http://www.w3.org/2000/09/xmldsig#";>
<ds:Transforms xmlns:ds="http://www.w3.org/2000/09/xmldsig#";>
<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#";
xmlns:ds="http://www.w3.org/2000/09/xmldsig#"/>
</ds:Transforms>
<ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1";
xmlns:ds="http://www.w3.org/2000/09/xmldsig#"/>
<ds:DigestValue xmlns:ds="http://www.w3.org/2000/09/
xmldsig#">48TKiXHhdrATqVcuD6KiJQPqNGQ=</ds:DigestValue>
...

With that jar on the classpath:

<?xml version="1.0" encoding="UTF-8"?><ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#
"><ds:SignedInfo xmlns:ds="http://www.w3.org/2000/09/
xmldsig#"><ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#
" xmlns:ds="http://www.w3.org/2000/09/xmldsig#"/><ds:SignatureMethod
Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"; xmlns:ds="http://www.w3.org/2000/09/xmldsig#
"/><ds:Reference URI="#IC01" xmlns:ds="http://www.w3.org/2000/09/xmldsig#
"><ds:Transforms xmlns:ds="http://www.w3.org/2000/09/
xmldsig#"><ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#
" xmlns:ds="http://www.w3.org/2000/09/xmldsig#"/></
ds:Transforms><ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1
" xmlns:ds="http://www.w3.org/2000/09/xmldsig#"/><ds:DigestValue
xmlns:ds="http://www.w3.org/2000/09/xmldsig#";>wxD7QxeMbt4VP5tLR9385Pl8U
+Q=</ds:DigestValue></ds:Reference></ds:SignedInfo><ds:SignatureValue
xmlns:ds="http://www.w3.org/2000/09/xmldsig#";>
NekOl/NnUNyiWnMUkf/QocMxE6tyA5iu35r1/XOqa8kSyyM9H/
FPuyz8csB2e0tVZoGj0YU4f6kp
a5ZJ53NHbJJSG0iOq4EppdJMKXfwrgQxC
+tVFyhLHIcP9lCIAJspIDOPCqsrYmWupTmXr1pbQb1D
4JnfRM05YlnJ+/OTP58=
</ds:SignatureValue><ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#
"><ds:X509Data xmlns:ds="http://www.w3.org/2000/09/
xmldsig#"><ds:X509Certificate xmlns:ds="http://www.w3.org/2000/09/xmldsig#
">
MIIChTCCAe4CAxAABTANBgkqhkiG9w0BAQQFADCBqzETMBEGA1UEChMKUGFyaXR5IEluYzEjMCEG

A1UECxMaUm9vdCBDZXJ0aWZpY2F0ZSBBdXRob3JpdHkxIzAhBgkqhkiG9w0BCQEWFGh1bW1lbEBw

YXJpdHlpbmMubmV0MRAwDgYDVQQHEwdOZWVkaGFtMRYwFAYDVQQIEw1NYXNzYWNodXNldHRzMQsw

CQYDVQQGEwJVUzETMBEGA1UEAxMKSWFuIEh1bW1lbDAeFw0wODAyMTIxNTI2NTlaFw0wOTAyMTEx

NTI2NTlaMGgxCzAJBgNVBAYTAlVTMRYwFAYDVQQIEw1NYXNzYWNodXNldHRzMRMwEQYDVQQKEwpQ 

...


_______________________________________________
higgins-dev mailing list
higgins-dev@xxxxxxxxxxx
https://dev.eclipse.org/mailman/listinfo/higgins-dev


_______________________________________________
higgins-dev mailing list
higgins-dev@xxxxxxxxxxx
https://dev.eclipse.org/mailman/listinfo/higgins-dev