1 Reply Latest reply: Nov 9, 2012 4:36 PM by 644587 RSS

    xmldsig InclusiveNamespace prefix

    897992
      Hi !

      I try to sign a Soap envelop with xmldsig api. I add a default namespace prefix to the DOMSignContext, and I add a transform algorithm with InclusiveNamespaces to Reference. Unfortunately, the InclusiveNamespace takes the same namespace prefix has DOMSignContext. Is it possible to specify the InclusiveNamespace prefix to "ec"?

      Here is an example of my signature:
      <ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
           <ds:SignedInfo>
                <ds:CanonicalizationMethod
                     Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#" />
                <ds:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1" />
                <ds:Reference URI="#8b91fcfd-cad4-4a76-8793-75b84fc799b8">
                     <ds:Transforms>
                          <ds:Transform
                               Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature" />
                          <ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#">
                               <ds:InclusiveNamespaces
                                    xmlns:ds="http://www.w3.org/2001/10/xml-exc-c14n#" PrefixList="ds saml #default xsi" />
                          </ds:Transform>
                     </ds:Transforms>
                     <ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
                     <ds:DigestValue>XXXXXXXX</ds:DigestValue>
                </ds:Reference>
           </ds:SignedInfo>
           <ds:SignatureValue>XXXXXXXXXXX</ds:SignatureValue>
           <ds:KeyInfo>
                <ds:X509Data>
                     <ds:X509Certificate>XXXXXXXXXX</ds:X509Certificate>
                </ds:X509Data>
           </ds:KeyInfo>
      </ds:Signature>
      Here is the code:
      DigestMethod digestMethod = fac.newDigestMethod(DigestMethod.SHA1, null);
      
      List<Transform> listTransform = Collections.synchronizedList(new ArrayList<Transform>());
      Transform transform = fac.newTransform(Transform.ENVELOPED,(TransformParameterSpec) null);
      listTransform.add(transform);
      
      List<String> prefix = Collections.synchronizedList(new ArrayList<String>());
      prefix.add("ds");
      prefix.add("saml");
      prefix.add(ExcC14NParameterSpec.DEFAULT);
      prefix.add("xsi");
      TransformParameterSpec param = new ExcC14NParameterSpec(prefix);
      transform = fac.newTransform(CanonicalizationMethod.EXCLUSIVE,(TransformParameterSpec) param);
      listTransform.add(transform);
      
      Reference ref = fac.newReference(URI, digestMethod, listTransform, null, null);
      Thanks.