[xmlsec] Signing without readable private key (e.g. Smartcard)

Wolfgang Kraemer wolle.k at gmx.de
Wed Jun 11 06:18:32 PDT 2003


I developed an application that can sign a hash value with some different
smartcards. Now I would like to use this application for XML Signature. 

I think the XMLSec Library has all functions that I need to do this, but I
am not sure if it has the interfaces I would need. If I got it right if you
sign a XML doc with XMLSec you would do the following operations:

1. "Load" XML Doc
2. Create Signature Context
3. Add some References if needed
4. Load Private Key
5. Sign the Document
6. Save/Output the Document

I guess XMLSec will do the following steps during step 5:
a) Calculate Hash Values for each reference
b) Canonicalize and calcualte Hash Value of SignedInfo
c) Sign result of b) using private key

If I want to use my application to create a XML Signature with XMLSec I
would need to skip step 4 and step 5 c) and replace step 5 c) by my own smartcard
signature component (based on the result of step 5b) )

Am I right so far?

So it would be very easy for me if there is a function like
xmlSecDSigCtxCreateSignedInfoHash instead of xmlSecDSigCtxSign that creates the hash value
that should be signed.
Is there any function like this in XMLSec?

thank you for any help!


+++ GMX - Mail, Messaging & more  http://www.gmx.net +++
Bitte lächeln! Fotogalerie online mit GMX ohne eigene Homepage!

More information about the xmlsec mailing list