Re: Non dom based signature?

Fri, 20 Feb 2004 01:20:35 -0800

Vincent,

There is some code in the CVS version of Checksig that uses a XSECURIResolverGenericUnix (or Win32).

A hacked up version is below, but the basic is create the resolver, set the base path for the resolver (must be a URI), then set the DSIGSignature to use the resolver.

The basic resolver that is installed be default knows nothing about file paths, so cannot resolver relative URIs.

The code below takes the filename of the input XML document, strips out the path and uses that as the base URI. It's fairly ugly, but it works.

Cheers,
        Berin


#if defined(_WIN32)
                XSECURIResolverGenericWin32
#else
                XSECURIResolverGenericUnix
#endif
                        theResolver;
                
                // Map out base path of the file
                char path[_MAX_PATH];
                char baseURI[(_MAX_PATH * 2) + 10];
                getcwd(path, _MAX_PATH);

strcpy(baseURI, "file:///"); 

                // Ugly and nasty but quick
                if (filename[0] != '\\' && filename[0] != '/' && filename[1] != ':') {
                        strcat(baseURI, path);
                        strcat(baseURI, "/");
                } else if (path[1] == ':') {
                        path[2] = '\0';
                        strcat(baseURI, path);
                }

strcat(baseURI, filename);

                // Find any ':' and "\" characters
                int lastSlash = 0;
                for (unsigned int i = 8; i < strlen(baseURI); ++i) {
                        if (baseURI[i] == '\\') {
                                lastSlash = i;
                                baseURI[i] = '/';
                        }
                        else if (baseURI[i] == '/')
                                lastSlash = i;
                }

                // The last "\\" must prefix the filename
                baseURI[lastSlash + 1] = '\0';

XMLUri uri(MAKE_UNICODE_STRING(baseURI));

                theResolver.setBaseURI(uri.getUriText());
                sig->setURIResolver(&theResolver);


Vincent Finn wrote:
From: Berin Lautenbach

Vincent,

Try removing the line :

ref->appendEnvelopedSignatureTransform();

That's telling the library to sign everything in the

*current* document

other than the signature, so it expects a local reference

URI (URI="#ptr").


Have hit a small problem

Is there anyway of getting it to ignore the URI itself when creating the signature
what I am seeing is that I can rename the real data file (the 13Mb one)
and change the URI to point to the new one and the signature changes 

Since these files will be moved about I need to be able to rename them or at least 
change their path
I tried using a relative path but I get a MalformedURLException.
The sytax I used is as follows
        DSIGReference * ref = sig->createReference(MAKE_UNICODE_STRING("haha.xml"));

All the mentions on the web seem to suggest that is the syntax

What am I doing wrong?

Vin

Reply via email to