Hola Jorge, Sorry no luck, If you change the signature it will be void. No matter what books have told, spaces are an important part of the XML. And it means a lot. You cannot change it without changing the signature.
Regards, Raul On 12 Feb 2007 12:00:20 +0100, Jorge Martín Cuervo < [EMAIL PROTECTED]> wrote:
Hi all, I want to create a signature inside an xml file, i use several transforms to get a portion of the original xml with xpath, and to canonize. I decided to don't attach the public keys. <?xml version="1.0" encoding="UTF-8"?> <hr:Candidate xmlns:df="http://defactops.com"; xmlns:hr="http://ns.hr-xml.org/2004-08-02"; xmlns:xs="http://www.w3.org/2001/XMLSchema"; xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance";> <hr:CandidateRecordInfo> <hr:Id> <hr:IdValue name="id">1158138667963</hr:IdValue> </hr:Id> <hr:Id> <hr:IdValue name="version">0.9.0</hr:IdValue> </hr:Id> <hr:Id> <hr:IdValue name="model">0.9.0</hr:IdValue> </hr:Id> <hr:Id> <hr:IdValue name="host">127.0.0.1</hr:IdValue> </hr:Id> </hr:CandidateRecordInfo> <hr:CandidateProfile> [...] </hr:UserArea> <HRSignature id="protean-xmldsig-01"><ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#";> <ds:SignedInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#";> <ds:CanonicalizationMethod Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315"; xmlns:ds="http://www.w3.org/2000/09/xmldsig#"/> <ds:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#dsa-sha1"; xmlns:ds="http://www.w3.org/2000/09/xmldsig#"/> <ds:Reference URI="" xmlns:ds="http://www.w3.org/2000/09/xmldsig#";> <ds:Transforms xmlns:ds="http://www.w3.org/2000/09/xmldsig#";> <ds:Transform Algorithm="http://www.w3.org/2002/06/xmldsig-filter2"; xmlns:ds="http://www.w3.org/2000/09/xmldsig#";> <dsig-xpath:XPath Filter="intersect" xmlns:dsig-xpath="http://www.w3.org/2002/06/xmldsig-filter2";>/hr:Candidate/hr:CandidateRecordInfo</dsig-xpath:XPath> </ds:Transform> <ds:Transform Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315#WithComments"; xmlns:ds="http://www.w3.org/2000/09/xmldsig#"/> </ds:Transforms> <ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"; xmlns:ds="http://www.w3.org/2000/09/xmldsig#"/> <ds:DigestValue xmlns:ds="http://www.w3.org/2000/09/xmldsig#";>ICBDC9GdWcp8S373I1jlKCilSbI=</ds:DigestValue> </ds:Reference> </ds:SignedInfo> <ds:SignatureValue xmlns:ds="http://www.w3.org/2000/09/xmldsig#";>l0N6Ll3/tlSoBz26QdIHyWMA1D95xcPClBz8oy8y7Oj69QQxTVF9GA==</ds:SignatureValue> </ds:Signature></HRSignature></hr:Resume> </hr:Candidate> It works pretty well, (the sign and the verification process) but, when i indent the whole file, the *Signature* element content is indented too and the validation process fails. is there any way to canonice the Signature element? is this a common problem? how can i solve this? thank you! pd: i'm new in this mailing list, and sorry if this issue was commented before. -- ;-) ____________________________________ Jorge Martin Cuervo Analista Programador Outsourcing Emarketplace deFacto Powered by Standards email <[EMAIL PROTECTED]> voz +34 985 129 820 voz +34 660 026 384 ____________________________________
-- http://r-bg.com
