-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Hello @ all.
Our CMS creates ODF templates with data from the database. It also creates some macros. For security reasons we want to sign these macros, now. This must be done during the creation of the document. For the document creation we use odfpy (http://opendocumentfellowship.org/projects/odfpy) and for creating the signature I started to use pyxmlsec (http://pyxmlsec.labs.libre-entreprise.org/). I came far and my macrosignatures.xml file looks good but OpenOffice says it's invalid and I struggle to find the errors. I tried to understand how OpenOffice build a signature xml and verify it's integrity. Unfortunately my C++ knowledge isn't that good. So I am hoping to find help here. You can have a look at my xml file here (I think this list doesn't like attachments) http://59.167.204.27:8080/mySignatures.xml and compare it with one OpenOffice created http://59.167.204.27:8080/ooSignatures.xml The biggest difference I can see is that OpenOffice has three X509Certificate nodes and my xmlsec library creates only one node. But why has OO three? With my code I also extend the META-INF/manifest.xml file with this entries <manifest:file-entry manifest:media-type="" manifest:full-path="META-INF/macrosignatures.xml"/> <manifest:file-entry manifest:media-type="" manifest:full-path="META-INF/"/> and the my signature xml is stored under META-INF/macrosignatures.xml. Any hint is welcome! If you need more information to help, please ask. I am using OpenOffice 2.2 to test my documents. Regards - -stef -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.6 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFHAcrKwRdcaudH4ncRAqkHAJ48evk8HGvgapoJnymdGFaMI/vQ3wCgkbGG 3R8BP9GMoyyLV3Ut1OFoS7g= =2fMv -----END PGP SIGNATURE----- --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
