[x3d-public] Apache Santuario Java - XML security test sat
John Carlson
yottzumm at gmail.com
Fri Dec 6 02:10:44 PST 2019
On Thu, Dec 5, 2019 at 5:25 PM <yottzumm at gmail.com> wrote:
>
> I would tend to use Gnu Privacy Guard (GPG)with JSON and have already
> implemented some simple test cases for X3D JSON (somewhere), however the
> information about GPG may be around 8 years old, and I don't know what
> they're doing with RSA in GPG. I can ask a few of my security friends if
> someone becomes very interested in this.
>
After some putzing around with the code, I got x3dserve working locally.
Here is the source code:
https://github.com/coderextreme/x3dserve
Note that I no longer use a stylesheet to convert XML to JSON. I use my
own serializer. This was because I couldn't get java to work from node.js
code. Well, I didn't want to install python 2.7 which node-gyp seems to
depend on.
But I think most aspects of encryption are covered.
Further work involved removing dependencies on Python 2.7 in X3DJSONLD.
Python 2 support ends at the end of the month!
Hopefully the node-gyp/java guys will get on the ball, and I won't have to
flip any other code.
This is a warning for all those that reinstall X3DJSONLD. Keep your
environment the same until I can upgrade X3DJSONLD.
Also this puts more pressure on Saxonica to get a good free JavaScript
version in the browser.
Good luck if you use my code. It's intended for private use, and not to be
put up on a server.
It appears that the default --gen-key with GPG uses RSA. That is something
that should be looked at.
John
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://web3d.org/pipermail/x3d-public_web3d.org/attachments/20191206/8560e7eb/attachment.html>
More information about the x3d-public
mailing list