santuario-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Jorge Martín Cuervo <jorge.mar...@defactops.com>
Subject signature elements indent
Date Mon, 12 Feb 2007 11:00:20 GMT
Hi all, 

I want to create a signature inside an xml file, i use several
transforms to get a portion of the original xml with xpath, and to
canonize. I decided to don't attach the public keys.


<?xml version="1.0" encoding="UTF-8"?>
<hr:Candidate xmlns:df="http://defactops.com" xmlns:hr="http://ns.hr-xml.org/2004-08-02"
xmlns:xs="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
    <hr:CandidateRecordInfo>
        <hr:Id>
            <hr:IdValue name="id">1158138667963</hr:IdValue>
        </hr:Id>
        <hr:Id>
            <hr:IdValue name="version">0.9.0</hr:IdValue>
        </hr:Id>
        <hr:Id>
            <hr:IdValue name="model">0.9.0</hr:IdValue>
        </hr:Id>
        <hr:Id>
            <hr:IdValue name="host">127.0.0.1</hr:IdValue>
        </hr:Id>
    </hr:CandidateRecordInfo>
    <hr:CandidateProfile>
        [...]
        </hr:UserArea>
    <HRSignature id="protean-xmldsig-01"><ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
<ds:SignedInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
<ds:CanonicalizationMethod Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315"
xmlns:ds="http://www.w3.org/2000/09/xmldsig#"/>
<ds:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#dsa-sha1" xmlns:ds="http://www.w3.org/2000/09/xmldsig#"/>
<ds:Reference URI="" xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
<ds:Transforms xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
<ds:Transform Algorithm="http://www.w3.org/2002/06/xmldsig-filter2" xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
<dsig-xpath:XPath Filter="intersect" xmlns:dsig-xpath="http://www.w3.org/2002/06/xmldsig-filter2">/hr:Candidate/hr:CandidateRecordInfo</dsig-xpath:XPath>
</ds:Transform>
<ds:Transform Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315#WithComments"
xmlns:ds="http://www.w3.org/2000/09/xmldsig#"/>
</ds:Transforms>
<ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" xmlns:ds="http://www.w3.org/2000/09/xmldsig#"/>
<ds:DigestValue xmlns:ds="http://www.w3.org/2000/09/xmldsig#">ICBDC9GdWcp8S373I1jlKCilSbI=</ds:DigestValue>
</ds:Reference>
</ds:SignedInfo>
<ds:SignatureValue xmlns:ds="http://www.w3.org/2000/09/xmldsig#">l0N6Ll3/tlSoBz26QdIHyWMA1D95xcPClBz8oy8y7Oj69QQxTVF9GA==</ds:SignatureValue>
</ds:Signature></HRSignature></hr:Resume>
</hr:Candidate>



It works pretty well, (the sign and the verification process) but, when
i indent the whole file, the Signature element content is indented too
and the validation process fails.

is there any way to canonice the Signature element? is this a common
problem? how can i solve this?


thank you!

pd: i'm new in this mailing list, and sorry if this issue was commented
before.
-- 
;-)
____________________________________
Jorge Martin Cuervo
Analista Programador

Outsourcing Emarketplace
deFacto Powered by Standards

email <jorge.martin@defactops.com>
voz +34 985 129 820
voz +34 660 026 384
____________________________________

Mime
View raw message