Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Upgrade Apache Santuario to version 4.X.X #277

Closed
luisgoncalves opened this issue Nov 19, 2023 · 3 comments
Closed

Upgrade Apache Santuario to version 4.X.X #277

luisgoncalves opened this issue Nov 19, 2023 · 3 comments
Milestone

Comments

@luisgoncalves
Copy link
Owner

There are some changes to XmlSignatureInput types which need to be checked carefully.

@luisgoncalves luisgoncalves added this to the vNext milestone Nov 19, 2023
mjechow added a commit to mjechow/xades4j that referenced this issue Nov 21, 2023
@mjechow
Copy link
Contributor

mjechow commented Nov 21, 2023

I started a branch for this issue: https://github.com/mjechow/xades4j/tree/mje/xmlsec

@luisgoncalves
Copy link
Owner Author

luisgoncalves commented Nov 21, 2023

In TimeStampDigestInputImpl, I see you wrote:

digestInput.write(refData.getBytes());

I've checked XMLSignatureInput's getBytes and write methods, and I think we could use:

refData.write(digestInput);

It's slightly better if the XMLSignatureInput represents a Stream, as it avoids reading it into byte[]. WDYT? Can you put that up as a PR?


I'm now seeing that XMLSignatureInput actually handles canonicalization, so the code in TimeStampDigestInputImpl is a bit redundant. Anyway, since it is there, we know that in the end refData always contains bytes or a stream, so calling write won't canonicalize again. That code can later get a clean up, but it requires limiting a bit what C14N algorithms can be configured in xades4j via SignatureAlgorithms, which would be a breaking change.

@mjechow
Copy link
Contributor

mjechow commented Nov 22, 2023

yes, of course. I forgot that change.

luisgoncalves added a commit that referenced this issue Nov 22, 2023
Upgrade Apache Santuario to version 4.0.0 - resolves #277
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

No branches or pull requests

2 participants