[xmlsec] Transform names

Jesse Pelton jsp at PKC.com
Wed Feb 26 06:22:28 PST 2003

I'd like to report as much useful information as possible in the event
signature generation or validation fails. Ideally, this would include the
name of any failed transform(s). I could use xmlSecTransformId's href
member, but it seems like a really bad idea to rely on an internal
structure. Would you (Aleksey) consider adding a function to obtain a
human-readable name given a transformId?

Returning the href would be trivial; in the best of all possible worlds,
you'd also be able to get a "friendlier" string (say, "Enveloped Signature
Transform" for "http://www.w3.org/2000/09/xmldsig#enveloped-signature"). For
XML Signature, at least, you might be able to use the header text from the
subsections of section 6.0 of the W3C recommendation: "SHA-1," "HMAC,"
"DSA," "PKCS1 (RSA-SHA1)," "Canonical XML," "Bas64," and so on. There may be
better approaches.

More information about the xmlsec mailing list