[xmlsec] XmlDSig Enveloping another xml

Aleksey Sanin aleksey at aleksey.com
Sun Jun 9 18:12:50 PDT 2013 

There was a discussion about this a few months ago in this mailing list.
Basically, xmlsec *does not* allow enveloping signatures for another
xml file.

Aleksey

On 6/7/13 4:18 PM, Alexwell Sandro wrote:
> I do not know if this is the list for this question.
> 
> I am try to learn about enveloping signature.
> 
> If I sign another xml file, what can happen?
> I cannot find examples.
> 
> *For this file:*
> 
> <?xml version="1.0" encoding="ISO-8859-1"?>
> <newdoc>
>   <content>hi</content>
> </newdoc>
> 
> *First case "using xmlAddChild":*
> ...
> *<ds:Object Id="obj-1236">*<newdoc>
>   <content>hi</content>
> </newdoc>*</ds:Object>*
> *</ds:Signature>*
> 
> - The enconding declaration disappears...
> - Possible namespace conflit (without prefix)
> 
> *Second case "using xmlNodeSetContent":*
> ...
> *<ds:Object Id="obj-1236">*/<?xml version="1.0"
> encoding="ISO-8859-1"?>&#xD;/
> /<newdoc>&#xD;/
> /  <content>hi</content>&#xD;/
> /</newdoc>/*</ds:Object>*
> *</ds:Signature>*
> 
> Exists another way? What pros and cons?
> 
> Can you recommend Articles.
> 
> Thanks,
> 
> 
> 
> 
> _______________________________________________
> xmlsec mailing list
> xmlsec at aleksey.com
> http://www.aleksey.com/mailman/listinfo/xmlsec
>

More information about the xmlsec mailing list