Wednesday, May 23. 2012
Monday, September 26. 2011
It's been some time since the last release and there have been a number of features and a few bug fixes so I figured it was time for a new release. A few of you have sent me some patches that are not included in this release as they were too major for this release but they will be included for a 2.0 branch I am planning on starting shortly.
You can find 1.3.0 here:
Things added or fixed in this release:
26, Sep 2011, 1.3.0
- Add param to append sig to node when signing. Fixes a problem when using
inclusive canonicalization to append a signature within a namespaced subtree.
ex. $objDSig->sign($objKey, $appendToNode);
- Add ability to encrypt by reference
- Add support for refences within an encrypted key
- Add thumbprint generation capability (XMLSecurityKey->getX509Thumbprint() and
- Return signature element node from XMLSecurityDSig::insertSignature() and
- Support for
- Add XMLSecurityKey::getSymmetricKeySize() method (Olav)
- Add XMLSecEnc::getCipherValue() method (Olav)
- Improve XMLSecurityKey:generateSessionKey() logic (Olav)
- Change split() to explode() as split is now depreciated
- ds:References using empty or simple URI Id reference should never include
comments in canonicalized data.
- Make sure that the elements in EncryptedData are emitted in the correct
Thursday, September 16. 2010
This evening when trying to stream Netflix using the Netflix widget on my Vizio TV, I ran into an issue where only my Instant Queue was available. Having seen a similar issues before, I first checked that all my other Netflix enabled devices. They all worked perfectly so I ended up having to dig a little deeper into the Vizio widget. Last time I had streamed a movie to this particular TV was a couple of weeks ago; at which time it was working fine and all the queues were available for selection, so I knew something was broken here. After some troubleshooting with no luck, I ended up just searching the Net to see if anyone else was having the same issue. Sure enough I wasn't alone. The problem seems to have started a little over a week ago.
After a few hours of searching I finally found someone who figure out how to get it working again. It appears the widget was recently updated and in order to get all the queues to show up, the widget needed to be deactivated and then reactivated. Sounds simple enough, but unfortunately not so straightforward. The widget doesn't have an option to do this via the UI. You are required to send a serious of commands via the remote in order to access the hidden functionality.
Once in your instant queue, enter the following commands on the remote:
up up down down left right left right up up up up
This brings up the prompt to deactivate the widget from your Netflix account. Select yes and then confirm. Once successfully deactivate, just restart the widget, reactivate it against your account and you should happily now see all the queues now available for selection.
Friday, March 19. 2010
Support for dealing with encrypted SOAP messages was a feature that had been missing from my WS-* libraries pretty much due to my lack of time to implement it. When people ask for help interoperating with a SOAP server that requires encryption I typically just point them over to the WSF project. The problem has been that in many cases people are unable to install that framework, as they don't control the servers, or more recently I have gotten reports that they simply could not get it to work. Either it didn't support what they needed, wouldn't compile, or simple wouldn't work with even simple SOAP requests. I decided to finally set aside some time and implement the encryption/decryption portion of the library. Note that it was developed against some WCF services implementing message level security, so your mileage might vary against other platforms. Bug reports would be fastest way of getting any of those issues dealt with.
As part of the recent changes, I also finally got around to creating an official project for the libraries rather than just being ad-hoc files people pulled from my web site. The libraries are now officially part of the wse-php project hosted over at Google Code. It was a toss up between that and GitHub, but I really wanted to play around with Mercurial since I already use Git over at the Gnome project. Currently the libraries provide support for a portion of WS-Addressing and WS-Security that can be used with ext/soap in PHP. As time goes on I plan to add some support for simplified configuration of messaging as well as some other of the WS-* specs that might be useful when interoperating with other SOAP servers.
Monday, January 11. 2010
After quite some time, version 1.2.2 has finally been released. It can be downloaded at: http://xmlseclibs.googlecode.com/files/xmlseclibs-1.2.2.tar.gz
- Add support XPath support when creating signature. Provides support for
working with EBXML documents.
- Add reference option to force creation of URI attribute. For use
when adding a DOM Document where by default no URI attribute is added.
- Add support for RSA-SHA256
- fix bug #5: createDOMDocumentFragment() in decryptNode when data is node
content (patch by Francois Wang)
Please submit any bugs or feature requests into the Issue Tracker.
Thursday, May 28. 2009
Another php|tek has come and gone. Although a bit behind, I finally got my slides online for my Streaming XML talk. I lingered a little too long on a few topics so the XMLWriter portion was a bit rushed. If anyone has questions on any of the topics, feel free to drop me a line. I did promise a few people I would write a bit about XMLReader and XMLWriter, but it's slow going as I try to find the time. Hopefully in the not to distant future I can get to this. This Dad thing is really time consuming
Wednesday, January 7. 2009
While working on OAuth implementations for our clients at Mashery, one of the biggest issues I see developers running into is how to debug and fix invalid signature errors. There are numerous OAuth libraries out there, in fact we even have our own, so how do you determine which side is really generating the correct signature and which has a flaw in the logic? I find that using a third party library is a great way to quickly zero in on which side is at the root of the issue. The problem, however, is there are no readily available tools to do this. I have found a number of test applications, but they pretty much are for testing wether a consumer library/app is working correctly against them.
We mostly deal with providing the service provider side of OAuth, meaning numerous different endpoints, so these tools were of little help. I ended up writing a down and dirty signature generation app using the C# OAuth library (so Windows only folks). It will generate a signature based on the different OAuth parameters you enter. You can use this to compare the signature it generates to that from your consumer app or service provider. Full source code and more detailed information can be found on the Mashery Customer Solutions site. Time permitting, I may continue to add features to this tool. Hopefully others find this useful as well.
Source and Binaries: OAuth Signature Validation Tool
(Page 1 of 1, totaling 7 entries)
I can be reached via my i-name: =Rob.Richards