[xmlsec] Signing over multiple files

Aleksey Sanin aleksey at aleksey.com
Fri Sep 14 08:57:35 PDT 2012


You will probably need to write code to support "cid" URL scheme
and resolve references correctly to the MIME attachments:



On 9/14/12 7:50 AM, Mike Peat wrote:
> Hi
> I am using xmlsec at the command line in an ebXML application.  As you
> probably know, ebXML uses SOAP-with-attachments (over HTTP) to send its
> messages.  The message thus consists of multipart-MIME content in the
> HTTP body: the first part being a SOAP document containing (among other
> things) the Signature stuff and the second being an XML document which
> is the business payload.
> The Signature->SignedInfo in the SOAP document needs to contain two
> <Reference> elements: one for the SOAP document itself (URI="") and one
> for the payload XML (URI="cid:xxxxxxxx", where "xxxxxxxx" is the content
> ID of the second MIME part).
> I am managing to successfully sign simple SOAP messages with no payload
> (and hence no second <Reference> element), but I just can't work out how
> to get xmlsec to sign both documents together.  I have tried many
> different ways, but to no avail.  I am sure I am missing something
> simple, but...  :-(
> Any help would be very much appreciated - I've been banging my head off
> this brick wall for a week... and it is starting to really hurt!  :-( 
> (That takes a while, because my brain is so dense, but even it starts
> gets sore eventually!)
> Mike Peat _______________________________________________
> xmlsec mailing list
> xmlsec at aleksey.com
> http://www.aleksey.com/mailman/listinfo/xmlsec

More information about the xmlsec mailing list