santuario-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Jorge Martín Cuervo <jorge.mar...@defactops.com>
Subject RE: signature elements indent
Date Mon, 12 Feb 2007 11:34:46 GMT
Hi Michael, 

i've downloaded the xml-secutiry-1.4.0 several days ago, and i started
to play with it. Check the samples of the package
org.apache.xml.security.samples, AxisSigner and AxisVerifier classes are
pretty straightforward and self explanatory.

can you give me more details of your problem?

thanks.


El lun, 12 de 02 de 2007 a las 12:20, Michael Czapski escribió:

> Hello Jorge,
>  
> I am new to this list also and I am having difficulties getting help.
> Would you be able to let me have sample code that does what you are
> describing? I need to use public key and sign but the library examples
> do not help me with that.
>  
> Thanks you in advance
>  
> Regards
>  
> Michael
> 
> ______________________________________________________________________
> From: Jorge Martín Cuervo [mailto:jorge.martin@defactops.com] 
> Sent: Monday, February 12, 2007 10:00 PM
> To: security-dev@xml.apache.org
> Subject: signature elements indent
> 
> 
> Hi all, 
> 
> I want to create a signature inside an xml file, i use several
> transforms to get a portion of the original xml with xpath, and to
> canonize. I decided to don't attach the public keys.
> 
> 
> 
> <?xml version="1.0" encoding="UTF-8"?>
> <hr:Candidate xmlns:df="http://defactops.com" xmlns:hr="http://ns.hr-xml.org/2004-08-02"
xmlns:xs="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
>     <hr:CandidateRecordInfo>
>         <hr:Id>
>             <hr:IdValue name="id">1158138667963</hr:IdValue>
>         </hr:Id>
>         <hr:Id>
>             <hr:IdValue name="version">0.9.0</hr:IdValue>
>         </hr:Id>
>         <hr:Id>
>             <hr:IdValue name="model">0.9.0</hr:IdValue>
>         </hr:Id>
>         <hr:Id>
>             <hr:IdValue name="host">127.0.0.1</hr:IdValue>
>         </hr:Id>
>     </hr:CandidateRecordInfo>
>     <hr:CandidateProfile>
>         [...]
>         </hr:UserArea>
>     <HRSignature id="protean-xmldsig-01"><ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
> <ds:SignedInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
> <ds:CanonicalizationMethod Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315"
xmlns:ds="http://www.w3.org/2000/09/xmldsig#"/>
> <ds:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#dsa-sha1" xmlns:ds="http://www.w3.org/2000/09/xmldsig#"/>
> <ds:Reference URI="" xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
> <ds:Transforms xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
> <ds:Transform Algorithm="http://www.w3.org/2002/06/xmldsig-filter2" xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
> <dsig-xpath:XPath Filter="intersect" xmlns:dsig-xpath="http://www.w3.org/2002/06/xmldsig-filter2">/hr:Candidate/hr:CandidateRecordInfo</dsig-xpath:XPath>
> </ds:Transform>
> <ds:Transform Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315#WithComments"
xmlns:ds="http://www.w3.org/2000/09/xmldsig#"/>
> </ds:Transforms>
> <ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" xmlns:ds="http://www.w3.org/2000/09/xmldsig#"/>
> <ds:DigestValue xmlns:ds="http://www.w3.org/2000/09/xmldsig#">ICBDC9GdWcp8S373I1jlKCilSbI=</ds:DigestValue>
> </ds:Reference>
> </ds:SignedInfo>
> <ds:SignatureValue xmlns:ds="http://www.w3.org/2000/09/xmldsig#">l0N6Ll3/tlSoBz26QdIHyWMA1D95xcPClBz8oy8y7Oj69QQxTVF9GA==</ds:SignatureValue>
> </ds:Signature></HRSignature></hr:Resume>
> </hr:Candidate>
> 
> 
> It works pretty well, (the sign and the verification process) but,
> when i indent the whole file, the Signature element content is
> indented too and the validation process fails.
> 
> is there any way to canonice the Signature element? is this a common
> problem? how can i solve this?
> 
> 
> thank you!
> 
> pd: i'm new in this mailing list, and sorry if this issue was
> commented before.
> -- 
> ;-)
> ____________________________________
> Jorge Martin Cuervo
> Analista Programador
> 
> Outsourcing Emarketplace
> deFacto Powered by Standards
> 
> email <jorge.martin@defactops.com>
> voz +34 985 129 820
> voz +34 660 026 384
> ____________________________________

-- 
;-)
____________________________________
Jorge Martin Cuervo
Analista Programador

Outsourcing Emarketplace
deFacto Powered by Standards

email <jorge.martin@defactops.com>
voz +34 985 129 820
voz +34 660 026 384
____________________________________


Mime
View raw message