santuario-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Lopez Cantero, Sergio" <SLCANT...@sadiel.es>
Subject RE: Remote private key
Date Tue, 29 Jul 2008 06:45:28 GMT
As far as I know, yes, you have to digest them "by hand"

 

I hope to have helped you.

 

Sergio

 

De: Legido Martínez, Isidoro [mailto:islegmar@gmail.com] 
Enviado el: martes, 29 de julio de 2008 8:41
Para: security-dev@xml.apache.org
Asunto: Re: Remote private key

 

Thanks

So, how can I get the digested value? Do I have to digest them "by hand"?

Thanks

Isi



2008/7/29 Lopez Cantero, Sergio <SLCANTERO@sadiel.es>

Hi Isidoro, 

getCanonicalizedOctetStream returns the bytes you have to digest, not the digested data, so
that's the difference.

Concerning the way to put back the signature, you can get the signature element and search
through the DOM for the SignatureValue Element to fill its contents.

I'm doing something like that ;)

 

Sergio

 

De: Legido Martínez, Isidoro [mailto:islegmar@gmail.com] 
Enviado el: lunes, 28 de julio de 2008 21:45
Para: security-dev@xml.apache.org
Asunto: Remote private key

 

Hi everybody:

Firs, I will try to explain my current situation (sorry in advanced for my poor English :-(
). My signing system is splitted in two pieces: a lightweith client that owns the private
key and ONLY can sign (no digest) and the server side that does everything else EXCEPT signing
(digest, add Manifest elements or aditional References). 
My initial idea was: the server side builds the SignedInfo elements, get its digest and send
it to the client. The client signs and send the result to the server, which adds this to the
SignedInfo. Is that possible withe the current implementation? 
I expected that

  SignedInfo si.generateDigestValues();
  String digest = Base64.encode(si.getCanonicalizedOctetStream());

'digest' would contain the digest value in Base64, but what I get is something different.
How can I get the digest? After signing, is there any way for adding it to SignInfo.

Thanks a lot

Isi




-- 
,-""""""-.
/\j__/\ ( \`--.
\`@_@'/ _) >--.`.
_{.:Y:_}_{{_,' ) )
{_}`-^{_} ``` (_/


Mime
View raw message