|
Well, probably the best option for you would be option #2: use special
URL protocol in URI attributes like "cid:<attachment id>" and create custom protocol handlers for "cid". Take a look at LibXML2 IO tutorial: http://xmlsoft.org/xmlio.html and xmlsec API reference: http://www.aleksey.com/xmlsec/api/xmlsec-io.html And do not forget to register your protocol handlers in both xmlsec and libxml2. Aleksey Johannes Kjos wrote: Ok, I will try to explain once more :) My secapp is a toolkit to support XMLDsig signing MIME message, there are two or more mime parts and the first part is SOAP (<header> and <body>), the other mime parts are attachments. These attachments are signed and the <Signature> is placed inside the SOAP <header>. My secapp only relates and thereby returns the SOAP message to the calling application which deals with the mime packing and so on. So, when signing an attachment, the calling application has to give my secapp a cid and the filepath (it's all filebased for a reason not to mention here) for the file to sign, insert the cid in <SignedInfo> make a digest (and put it in <DigestValue>) of the file with filepath, and then sign <SignedInfo>. The reason the cid is signed and not the filepath is because my secapp don't deal with the attachment in the mimemessage, the calling application does. So when verifying the callig app will search through the attachments and when it finds a cid it will give the filepath and the cid to my secapp (the rest of the <References> in the <Signature> will be resolved by xmlsec in normal manner). My secapp will make a list of these mappings and hopefully in some way make the xmlsec to understand that the <SignatureValue> is a signature over the current <SignedInfo> but the <DigestValue> of the references with the cids is from the files with filepath given by the mappings....I know this is working e.g. in the java lib IAIK...I think this is a version of ebXML. Best regards, Johannes -----Opprinnelig melding----- Fra: Aleksey Sanin [mailto:[EMAIL PROTECTED]] Sendt: 25. september 2003 17:41 Til: Johannes Kjos Kopi: '[EMAIL PROTECTED]' Emne: Re: [xmlsec] Using a content ID for URI No, it's actually not quite clear but I would try to guess :) 1) You would like to use "#ID" or any other XPointer _expression_ in URI attributes. Yes, it is possible. Please read section 3.2 from FAQ http://www.aleksey.com/xmlsec/faq.html for the only known common issue about that. 2) You need to use custom protocols like URI="cid:something" Yes, it is possible. You would need to register custom protocol handlers in both LibXML2 and xmlsec. Search headers in both libraries for "RegisterProtocol". Protocol handlers in both libraries are exactly the same. LibXML2 handlers are used for reading XML files (thus they can automatically do some smart things like gzip/gunzip) and xmlsec protocol handlers are used for reading binary files. Also there is a tutorial' page on LibXML2 web site http://xmlsoft.org about writing IO callbacks. Aleksey Johannes Kjos wrote: |
- [xmlsec] Using a content ID for URI Johannes Kjos
- Re: [xmlsec] Using a content ID for URI Aleksey Sanin
- SV: [xmlsec] Using a content ID for URI Johannes Kjos
- [xmlsec] OpenSSL Aleksey Sanin
- [xmlsec] OpenSSL Jan-Olof Andersson
- Re: [xmlsec] OpenSSL Aleksey Sanin
- Re: SV: [xmlsec] Using a content ID for URI Rich Salz
- SV: SV: [xmlsec] Using a content ID for URI Johannes Kjos
- Re: SV: SV: [xmlsec] Using a content ID for UR... Aleksey Sanin
