[xmlsec] Problem with SignedInfo block
Antoine Girard
antoine at anyware-tech.com
Fri Sep 23 07:58:18 PDT 2005
Aleksey Sanin wrote:
>> I have to develop a program which signs xml files like xmlsec.
>
> I am not sure that this mailing list is a good place for such questions.
Sorry if I miffed you but I really can't do anything against that... I
would have gladly use xmlsec if I could but as I said, the context is so
that I have to make something myself (of course which is much simplier
than xmlsec).
>
> > With my program I have the following <signedInfo> block :
> Your c14n is not correct. Your lost namespaces in all nodes.
>
I also tried to hash the signedInfo block with namespaces but the result
is still different.
Here is the signedInfo block I tried has well :
<ds:SignedInfo><ds:CanonicalizationMethod
Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315"></ds:CanonicalizationMethod><ds:SignatureMethod
Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"></ds:SignatureMethod><ds:Reference
URI=""><ds:Transforms><ds:Transform
Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"></ds:Transform><ds:Transform
Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315"></ds:Transform></ds:Transforms><ds:DigestMethod
Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"></ds:DigestMethod><ds:DigestValue>J8fCJ85jpSs/YUSouyMIxwg6TxE=</ds:DigestValue></ds:Reference></ds:SignedInfo>
and the hash value is then :
oKaZPpoKi9swXt/NK5KpE7mTpdg=
which is still different than
c84qBZZpmyMNeKvkohFJpVfUKTY= that we optain with xmlsec.
Anyway, thanks a lot for your answer and sorry again for using the wrong
mailing list for such kind of question.
Antoine.
--
Antoine GIRARD
Systèmes d'Information
ANYWARE TECHNOLOGIES
Tél. : +33 (0)5 61 00 73 42
Fax : +33 (0)5 61 00 51 46
www.anyware-tech.com
More information about the xmlsec
mailing list