[prev in list] [next in list] [prev in thread] [next in thread] 

List:       xml-security-dev
Subject:    Re: Invalid Signature problem through Empty elements are converted to start-end tag pairs
From:       Harakiri <harakiri_23 () yahoo ! com>
Date:       2009-01-29 17:08:49
Message-ID: 463822.26942.qm () web52205 ! mail ! re2 ! yahoo ! com
[Download RAW message or body]

> From what I can tell, I think you are trying to generate an
> enveloped signature that signs the entire contents of the
> document (excluding the signature). In that case, you should
> replace your code and use the example above as a guideline.

This is what i want to do, but i need to find a way to verify the signatures \
correctly of the xml sigs that were created with the legacy system. Currently i can \
only verify that the signature itself is valid, not the refs - maybe there is \
something to make the ref validiation also valid?


> These appear to be really old from a Sun product (JWSDP)
> that is no longer supported. If possible, I would encourage
> you to move to something more recent, either use the
> xmlsec.jar from a recent Apache XML Security release (which
> will work on JDK 1.4.2 and up) or the XML Security/JSR 105
> implementation built into JDK 6.


Yes i want to move to the xml security of apache, hence why i am having trouble \
verifiying my old signatures. I cant move to the new one, if my old signatures are \
shown as invalid (only the reference validiation tho)



      


[prev in list] [next in list] [prev in thread] [next in thread]