Hi All, I am new in the C++ XML Security, so please give me some time :)
What i have done: 1. got xml-sec-1.4 , compiled with VS 2002, No Xalan, only MSCrypto 2. got xerces-c_2_8_0-x86-windows-vc_7_1 3. compiled the xml-sec <Release no Xalan> Using the example for the VC7 simpleHMAC. What i need to do: 1. Crate an XML file, prepare the signature element including digest value and save it to a file 2. a second application will read the file, find the hash and sign this hash with a HMAC key and plase the result in the <ds:SignatureValue> 3. other application verify the signature Problems i have: in 1: >>>>>>>>>>>>>>>>>>>> Code start >>>>>>>>>>>>>>>>>>>>> unsigned char HashBuff[50]; sig->calculateSignedInfoAndReferenceHash((unsigned char*)&HashBuff, 50); unsigned char HashBuff1[50]; sig->getReferenceList()->item(0)->readHash((XMLByte*) &HashBuff1, 50); <<<<<<<<<<<<<<<<<<< Code end <<<<<<<<<<<<<<<<<<<<< HashBuff and HashBuff1 have diffrent values (the first 20 octets) in 2: >>>>>>>>>>>>>>>>>>>> Code start >>>>>>>>>>>>>>>>>>>>> // Get the HAS value XMLByte HashBuffer[50]; unsigned int Hashsize=0; // Get The Hash Value DSIGReferenceList * MyReferenceList = sig->getReferenceList(); DSIGReference * MyReference = MyReferenceList->item(0); Hashsize = MyReference->readHash((XMLByte*) &HashBuffer, 50); // make Signature using MS Crypto // Make the signature using XML Security Library to be replaced by the signature on the card XSECCryptoHash * MyCryptoHash = XSECPlatformUtils::g_cryptoProvider->hashHMACSHA1(); Janitor<XSECCryptoHash> j_MyHash(MyCryptoHash); int HashType = MyCryptoHash->getHashType(); MyCryptoHash->reset(); MyCryptoHash->setKey(hmacKey); MyCryptoHash->hash((unsigned char *)&HashBuffer, Hashsize); unsigned char SignatureValue[50]; unsigned int SignatureSize = MyCryptoHash->finish((unsigned char *)&SignatureValue,50); // Now we have the signature - place it in the DOM structures // First we need to do a Base64Encoding XSECCryptoBase64* MyBase64 = XSECPlatformUtils::g_cryptoProvider->base64(); Janitor<XSECCryptoBase64> j_b64(MyBase64); MyBase64->encodeInit(); // Buffer for the result unsigned char SigBase64[30]; SigBase64[29]='\0'; unsigned int SigBase64size = MyBase64->encode((const unsigned char*)&SignatureValue, SignatureSize,(unsigned char*)&SigBase64, 30); SigBase64size += MyBase64->encodeFinish((unsigned char*) &SigBase64[SigBase64size], 30 - SigBase64size); SigBase64[SigBase64size]='\0'; XMLCh* MySignature = XMLString::transcode((const char*) &SigBase64); <<<<<<<<<<<<<<<<<<< Code end <<<<<<<<<<<<<<<<<<<<< MySignature is different from the signature i obtain in 1 by calling sig->sign(); Thanks in advance for your help, sergiu
