As far as I know, yes, you have to digest them "by hand"
I hope to have helped you. Sergio De: Legido Martínez, Isidoro [mailto:[EMAIL PROTECTED] Enviado el: martes, 29 de julio de 2008 8:41 Para: security-dev@xml.apache.org Asunto: Re: Remote private key Thanks So, how can I get the digested value? Do I have to digest them "by hand"? Thanks Isi 2008/7/29 Lopez Cantero, Sergio <[EMAIL PROTECTED]> Hi Isidoro, getCanonicalizedOctetStream returns the bytes you have to digest, not the digested data, so that's the difference. Concerning the way to put back the signature, you can get the signature element and search through the DOM for the SignatureValue Element to fill its contents. I'm doing something like that ;) Sergio De: Legido Martínez, Isidoro [mailto:[EMAIL PROTECTED] Enviado el: lunes, 28 de julio de 2008 21:45 Para: security-dev@xml.apache.org Asunto: Remote private key Hi everybody: Firs, I will try to explain my current situation (sorry in advanced for my poor English :-( ). My signing system is splitted in two pieces: a lightweith client that owns the private key and ONLY can sign (no digest) and the server side that does everything else EXCEPT signing (digest, add Manifest elements or aditional References). My initial idea was: the server side builds the SignedInfo elements, get its digest and send it to the client. The client signs and send the result to the server, which adds this to the SignedInfo. Is that possible withe the current implementation? I expected that SignedInfo si.generateDigestValues(); String digest = Base64.encode(si.getCanonicalizedOctetStream()); 'digest' would contain the digest value in Base64, but what I get is something different. How can I get the digest? After signing, is there any way for adding it to SignInfo. Thanks a lot Isi -- ,-""""""-. /\j__/\ ( \`--. [EMAIL PROTECTED]@'/ _) >--.`. _{.:Y:_}_{{_,' ) ) {_}`-^{_} ``` (_/
