[xmlsec] XMLDSIG

[Csaba CSABAI]

Hi there!

I would have a quite big problem, as I can see the MSCryptoAPI came up
as a possible engine, during the "xmlsec" project.

I am working on a Smartcard base, therefore cannot be avoided the use of
the MSCryptoAPI - there have to find a way to solve this part. The issue
is almost done, but there is a kind of challenge with the _Signature_ at
the moment.

Therefore, to use the same hash data (with the same key) from CSP
(CryptSignHash) and with an XML generated tool (xmlsec) two, totally
different result is coming out. Ergo the _Signature_ is different at the
end.

I tried to look trough the technical readings, what is the difference by
the CSP, rather than necessary to the XMLDSIG. I am over the parts, like
the "byteorder" and details like this; so far this is surely not the
glitch.

Opposite of this, I have found some information, such as there would be
necessary a different PADDING, or an assembled ASN.1 might be necessary.


My question is, if those, who are dealing with the "MSCryptoAPI", did
they met a problem, like this, and if yes - what can be the solution?
So, on other hand: what is the way to generate a signature with the
"MSCryptoAPI", what is a "likely" solution for XMLDSIG?

Sincerely,

--
Csabai Csaba - Project Director
SaveAs Ltd.   - http://www.saveas.hu