[xmlsec] Signing without readable private key (e.g. Smartcard)
wolle.k at gmx.de
Wed Jun 11 06:18:32 PDT 2003
I developed an application that can sign a hash value with some different
smartcards. Now I would like to use this application for XML Signature.
I think the XMLSec Library has all functions that I need to do this, but I
am not sure if it has the interfaces I would need. If I got it right if you
sign a XML doc with XMLSec you would do the following operations:
1. "Load" XML Doc
2. Create Signature Context
3. Add some References if needed
4. Load Private Key
5. Sign the Document
6. Save/Output the Document
I guess XMLSec will do the following steps during step 5:
a) Calculate Hash Values for each reference
b) Canonicalize and calcualte Hash Value of SignedInfo
c) Sign result of b) using private key
If I want to use my application to create a XML Signature with XMLSec I
would need to skip step 4 and step 5 c) and replace step 5 c) by my own smartcard
signature component (based on the result of step 5b) )
Am I right so far?
So it would be very easy for me if there is a function like
xmlSecDSigCtxCreateSignedInfoHash instead of xmlSecDSigCtxSign that creates the hash value
that should be signed.
Is there any function like this in XMLSec?
thank you for any help!
+++ GMX - Mail, Messaging & more http://www.gmx.net +++
Bitte lächeln! Fotogalerie online mit GMX ohne eigene Homepage!
More information about the xmlsec