ok , thanks for pointing.<br><br>also i need to provide support for the digest method as : <a href="http://www.w3.org/2000/09/xmldsig#sha256" target="_blank">http://www.w3.org/200009/xmldsig#sha256</a> <br><br>for supporting this do i need to modify xmlsec ?<br>
<br>Regards,<br>Ashish<br><br><div class="gmail_quote">On Tue, Jun 2, 2009 at 8:01 PM, Aleksey Sanin <span dir="ltr"><<a href="mailto:aleksey@aleksey.com">aleksey@aleksey.com</a>></span> wrote:<br><blockquote class="gmail_quote" style="border-left: 1px solid rgb(204, 204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;">
Look at LibXML2 library, file c14n.c<br>
<br>
Aleksey<br>
<br>
Ashish Agrawal wrote:<br>
<blockquote class="gmail_quote" style="border-left: 1px solid rgb(204, 204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;">
Hi Aleksey,<br>
<br><div class="im">
I would like to work on providing the latest canonical support, can u give me some pointers on the areas in the code where i need to foucs for the changes.<br>
<br>
Regards,<br>
Ashish<br>
<br></div><div><div></div><div class="h5">
On Mon, Jun 1, 2009 at 9:06 PM, Aleksey Sanin <<a href="mailto:aleksey@aleksey.com" target="_blank">aleksey@aleksey.com</a> <mailto:<a href="mailto:aleksey@aleksey.com" target="_blank">aleksey@aleksey.com</a>>> wrote:<br>
<br>
Sure, I see your point. Well, I haven't seen a lot of interest<br>
in C14N 1.1 support so far. BTW, C14N is a part of LibXML2.<br>
If you need C14N 1.1, then I am sure that Daniel will be happy<br>
to apply your patches to the main tree.<br>
<br>
Aleksey<br>
<br>
<br>
Ashish Agrawal wrote:<br>
<br>
Hi Aleksey,<br>
<br>
Thanks for prompt reply.<br>
<br>
The basis of my argument is the newer Widgets DSig specifies<br>
certain fixed values for Canonicalizationmethod & Digest Method.<br>
<br>
Eg:<br>
<?xml version="1.0" encoding="UTF-8"?><br>
<Signature xmlns="<a href="http://www.w3.org/2000/09/xmldsig#" target="_blank">http://www.w3.org/2000/09/xmldsig#</a>"><br>
<SignedInfo><br>
<CanonicalizationMethod<br>
Algorithm="<a href="http://www.w3.org/2006/12/xml-c14n11" target="_blank">http://www.w3.org/2006/12/xml-c14n11</a>"/><br>
<SignatureMethod<br>
Algorithm="<a href="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256" target="_blank">http://www.w3.org/2001/04/xmldsig-more#rsa-sha256</a>" /><br>
<Reference URI="config.xml"><br>
<DigestMethod<br>
Algorithm="<a href="http://www.w3.org/2001/04/xmlenc#sha256" target="_blank">http://www.w3.org/2001/04/xmlenc#sha256</a>"/><br>
<DigestValue>j6...8nk=</DigestValue><br>
</Reference><br>
<Reference URI="index.html"><br>
<DigestMethod<br>
Algorithm="<a href="http://www.w3.org/2001/04/xmlenc#sha256" target="_blank">http://www.w3.org/2001/04/xmlenc#sha256</a>"/><br>
<DigestValue>lm...34=</DigestValue><br>
</Reference><br>
<Reference URI="icon.png"><br>
<DigestMethod<br>
Algorithm="<a href="http://www.w3.org/2001/04/xmlenc#sha256" target="_blank">http://www.w3.org/2001/04/xmlenc#sha256</a>"/><br>
<DigestValue>pq...56=</DigestValue><br>
</Reference><br>
</SignedInfo><br>
<SignatureValue>MC0E~LE=</SignatureValue><br>
<KeyInfo><br>
<X509Data><br>
<X509Certificate>MI...lVN</X509Certificate><br>
</X509Data><br>
</KeyInfo><br>
</Signature><br>
<br>
<br>
So when i create a signature file with the abov mentioned<br>
canonicalizaiton and Digest method, xmlsec fails.<br>
Pls clarify.<br>
<br>
Regards,<br>
Ashish<br>
<br>
On Mon, Jun 1, 2009 at 8:55 PM, Aleksey Sanin<br>
<<a href="mailto:aleksey@aleksey.com" target="_blank">aleksey@aleksey.com</a> <mailto:<a href="mailto:aleksey@aleksey.com" target="_blank">aleksey@aleksey.com</a>><br></div></div><div><div></div><div class="h5">
<mailto:<a href="mailto:aleksey@aleksey.com" target="_blank">aleksey@aleksey.com</a> <mailto:<a href="mailto:aleksey@aleksey.com" target="_blank">aleksey@aleksey.com</a>>>> wrote:<br>
<br>
xmlsec implements XML DSig and the Widgets DSig is just<br>
a profile of XML DSig. Thus, I don't see why you claim<br>
that xmlsec doesn't support it.<br>
<br>
Aleksey<br>
<br>
Ashish Agrawal wrote:<br>
<br>
Hi Aleksey,<br>
<br>
I need to support<br>
*<a href="http://www.w3.org/TR/2009/WD-widgets-digsig-20090331/*" target="_blank">http://www.w3.org/TR/2009/WD-widgets-digsig-20090331/*</a><br>
and seems that current version of xmlsec doesn't support<br>
it, Is<br>
there any plan for it.<br>
<br>
Regards,<br>
Ashish<br>
<br>
On Mon, Jun 1, 2009 at 8:02 PM, Aleksey Sanin<br>
<<a href="mailto:aleksey@aleksey.com" target="_blank">aleksey@aleksey.com</a> <mailto:<a href="mailto:aleksey@aleksey.com" target="_blank">aleksey@aleksey.com</a>><br>
<mailto:<a href="mailto:aleksey@aleksey.com" target="_blank">aleksey@aleksey.com</a> <mailto:<a href="mailto:aleksey@aleksey.com" target="_blank">aleksey@aleksey.com</a>>><br>
<mailto:<a href="mailto:aleksey@aleksey.com" target="_blank">aleksey@aleksey.com</a> <mailto:<a href="mailto:aleksey@aleksey.com" target="_blank">aleksey@aleksey.com</a>><br>
<mailto:<a href="mailto:aleksey@aleksey.com" target="_blank">aleksey@aleksey.com</a> <mailto:<a href="mailto:aleksey@aleksey.com" target="_blank">aleksey@aleksey.com</a>>>>> wrote:<br>
<br>
<a href="https://www.aleksey.com/xmlsec/xmldsig.html" target="_blank">https://www.aleksey.com/xmlsec/xmldsig.html</a><br>
<br>
Aleksey<br>
<br>
Ashish Agrawal wrote:<br>
<br>
Hi Aleksey,<br>
<br>
i want to know which standards of DigestMethod and<br>
Canonicalization Method is supported by xmlsec<br>
currently.<br>
<br>
I ve a requirement where i ve the Digest method as:<br>
<a href="http://www.w3.org/2000/09/xmldsig#sha256" target="_blank">http://www.w3.org/2000/09/xmldsig#sha256</a> and<br>
Canonicalization<br>
methord as : <a href="http://www.w3.org/2006/12/xml-c14n11" target="_blank">http://www.w3.org/2006/12/xml-c14n11</a>.<br>
Will this be supported ?<br>
<br>
~Ashish<br>
<br>
<br>
------------------------------------------------------------------------<br>
<br>
_______________________________________________<br>
xmlsec mailing list<br>
<a href="mailto:xmlsec@aleksey.com" target="_blank">xmlsec@aleksey.com</a> <mailto:<a href="mailto:xmlsec@aleksey.com" target="_blank">xmlsec@aleksey.com</a>><br>
<mailto:<a href="mailto:xmlsec@aleksey.com" target="_blank">xmlsec@aleksey.com</a> <mailto:<a href="mailto:xmlsec@aleksey.com" target="_blank">xmlsec@aleksey.com</a>>><br>
<mailto:<a href="mailto:xmlsec@aleksey.com" target="_blank">xmlsec@aleksey.com</a> <mailto:<a href="mailto:xmlsec@aleksey.com" target="_blank">xmlsec@aleksey.com</a>><br>
<mailto:<a href="mailto:xmlsec@aleksey.com" target="_blank">xmlsec@aleksey.com</a> <mailto:<a href="mailto:xmlsec@aleksey.com" target="_blank">xmlsec@aleksey.com</a>>>><br>
<br>
<br>
<a href="http://www.aleksey.com/mailman/listinfo/xmlsec" target="_blank">http://www.aleksey.com/mailman/listinfo/xmlsec</a><br>
<br>
<br>
<br>
------------------------------------------------------------------------<br>
<br>
_______________________________________________<br>
xmlsec mailing list<br>
<a href="mailto:xmlsec@aleksey.com" target="_blank">xmlsec@aleksey.com</a> <mailto:<a href="mailto:xmlsec@aleksey.com" target="_blank">xmlsec@aleksey.com</a>><br>
<mailto:<a href="mailto:xmlsec@aleksey.com" target="_blank">xmlsec@aleksey.com</a> <mailto:<a href="mailto:xmlsec@aleksey.com" target="_blank">xmlsec@aleksey.com</a>>><br>
<a href="http://www.aleksey.com/mailman/listinfo/xmlsec" target="_blank">http://www.aleksey.com/mailman/listinfo/xmlsec</a><br>
<br>
<br>
<br>
</div></div></blockquote>
</blockquote></div><br>