Aleksey Sanin wrote:
> Kind of... It is more of a response to the new OpenSSL
> functionality :)
>
I know. Did you intention to support SHA-2 famiry by OpenSSL?
If you want to learn more cool algoristhms, look at GNU-Cryptro like RSA-PSS
and WHIRLPOOL hash. http://www.gnu.org/software/gnu-crypto/
DES, RSA512, MD4/5, SHA-0 were broken.
>> Will you support RFC3161 timestamp on xmlsec?
>>
>
> Not sure how does this RFC applies to XML. But in general
> patches are welcome :)
>
Please look at my sample file for XAdES-T by RFC3161 timestamp of PFU TSA.
Takahiro.
<Signature Id="SignatureId" xmlns="http://www.w3.org/2000/09/xmldsig#";><SignedInfo><CanonicalizationMethod Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315"; /><SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"; /><Reference URI="C:\share\JSignSample00\JSign.bmp"><DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"; /><DigestValue>OSPLLdRasEMIhgFt6hVkGTfWzdk=</DigestValue></Reference><Reference URI="#SignedPropertiesId" Type="http://uri.etsi.org/01903/v1.1.1#SignedProperties";><DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"; /><DigestValue>Aul5RsVzz4uL3YfSwOSfXSJkcAI=</DigestValue></Reference></SignedInfo><SignatureValue Id="SignatureValueId">ojFjUM+rNIFLMRqd8szYqJ+OAZJCX6gdPctW653Kjo2LulowpxYvZoORNgDOLbiudxNlZfyKzUj4ImEDZihtMH2Ur8eSj3LTsiFhFZKOqq04SMU9vuJzMf6UBkFYus8gT9bXDn0tYm63N7gCOOxd2Rg7ukxqD2FAR3wZKFisFNY=</SignatureValue><KeyInfo><X509Data><X509Certificate>MIIGWjCCBUKgAwIBAgICFxIwDQYJKoZIhvcNAQEFBQAwbjELMAkGA1UEBh!
MCSlAxJTAjBgNVBAoTHEphcGFuIENlcnRpZmljYXRpb24gU2VydmljZXMxODA2BgNVBAMTL0FjY3JlZGl0ZWRTaWduIFB1YmxpYyBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eSAyMB4XDTA2MDIyODE1MDAwMFoXDTA4MDMzMDE1MDAwMFowgZ4xCzAJBgNVBAYTAkpQMQ4wDAYDVQQIDAVUb2t5bzFFMEMGA1UEBww8RWRvZ2F3YWt1IEVkb2dhd2EgM2Nob3VtZSAzOGJhbmNoaSBLb3N1bW9pY2hpbm9lZ3VyYW5rb3RvNDAyMRYwFAYDVQQDDA1NaXlhY2hpIE5hb3RvMSAwHgYKCZImiZPyLGQBAQwQNDIwNjAyMjQ1MjY1NjQ0OTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAzyzVxNQkeWGS7llJZWbSPehl1c0tp8sBC684WLOWZTCpCzHZvVhg8naIRf8MhA4ZvkEmrnv+XP/oL0men7UXZLtbxFBlUHA9bRL/TndAKDjMnT84fVArxWs38T71o9lW8ogDs7veHlL/rN8EyXJjq7fyJ0bucM5rIOdeZqFfPSMCAwEAAaOCA1MwggNPMIGYBgNVHSMEgZAwgY2AFDH0c8s9lPdFzJ4tzAb71Hlmk7O3oXKkcDBuMQswCQYDVQQGEwJKUDElMCMGA1UEChMcSmFwYW4gQ2VydGlmaWNhdGlvbiBTZXJ2aWNlczE4MDYGA1UEAxMvQWNjcmVkaXRlZFNpZ24gUHVibGljIENlcnRpZmljYXRpb24gQXV0aG9yaXR5IDKCAQEwDgYDVR0PAQH/BAQDAgbAMIH+BgNVHSABAf8EgfMwgfAwdgYIKoMIjJsLAwMwajAxBggrBgEFBQcCARYlaHR0cHM6Ly9jcC5qY3NpbmMuY28uanAvMi9BX1NpZ24uaHRtbDA1BggrBgEFBQcCAjApGidBY2NyZWRpdG!
VkIHVuZGVyIGUtU2lnbmF0dXJlIExhdyhKYXBhbikwdgYIKoMIjJsLAwQwajAxBggrBgEF
BQcCARYlaHR0cHM6Ly9jcC5qY3NpbmMuY28uanAvMi9BX1NpZ24uaHRtbDA1BggrBgEFBQcCAjApGidBY2NyZWRpdGVkIHVuZGVyIGUtU2lnbmF0dXJlIExhdyhKYXBhbikwgdAGA1UdEQSByDCBxaSBwjCBvzEWMBQGA1UEAwwN5a6u5ZywIOebtOS6ujEqMCgGA1UECgwh5pyJ6ZmQ5Lya56S+44Op44Oz44Kw44O744Ko44OD44K4MVIwUAYDVQQLDEnkuovmpa3miYDmiYDlnKjlnLDvvJrmnbHkuqzpg73ljYPku6PnlLDljLrlsqnmnKznlLrkuozkuIHnm64xNOeVquWcsDEy5Y+3MRgwFgYDVQQMDA/ku6Pooajlj5bnt6DlvbkxCzAJBgNVBAYTAkpQMIGuBgNVHR8EgaYwgaMwgaCggZ2ggZqGgZdsZGFwOi8vaXNvMzg5Lmpjc2luYy5jby5qcC9jbj1BY2NyZWRpdGVkU2lnbiUyMFB1YmxpYyUyMENlcnRpZmljYXRpb24lMjBBdXRob3JpdHklMjAyLG89SmFwYW4lMjBDZXJ0aWZpY2F0aW9uJTIwU2VydmljZXMsYz1KUD9jZXJ0aWZpY2F0ZVJldm9jYXRpb25MaXN0MB0GA1UdDgQWBBRL0v/ZcJ9jcdwjwCTH5MSDGlZFljANBgkqhkiG9w0BAQUFAAOCAQEAM8oL5FE5BxMrBS7n2iiUlB3RHDlR4x8gogfQG0CFz0idzOz5l2sXgNNshLW8Qwoa6DUhKpbv3IrxHurSDs99LNcYwLwy5QvN4M9DBOwjI9N8Hw1Y0UloBGCyBdPKtOtIrWgcAOqzqr6a8NvDxlFtn3T3J3smHGU3CqtwFYW+oTvoqwALAiizikyA/zG2iuv9P2S1n9xnUl0tx6TQfJtFk1BHIeSSHMlopMVNcB1rIlfQ22BaBrxgs68nf1N52z0CKQoN6OBDYiwMSa8cT!
pZGLbpqJvidnxr7VuzILd5hFGTLu3NPvsyJuSczHJjHUMBhTN/FhWur35D2TyyNsOEiTg==</X509Certificate></X509Data><KeyValue><RSAKeyValue><Modulus>y+MN7sgkM1txIF/TxUqlbtUBQCJ5TzaYDI18oAinDpihB/Ak4sWA0mpv57zHxc5PFod+lH6FbyZqB/lAVcinmCck0i4CdwlmOO1/E1PsDn04kWJV9qX3D5r9+bfduci4HyILYvoRdCD5cjBvuNC88JyRzia5ki5lGGGymLrcans=</Modulus><Exponent>AQAB</Exponent></RSAKeyValue></KeyValue></KeyInfo><Object Id="XadesObject"><QualifyingProperties Target="#SignatureId" xmlns="http://uri.etsi.org/01903/v1.1.1#";><SignedProperties Id="SignedPropertiesId"><SignedSignatureProperties><SigningTime>2006-03-09T22:08:56</SigningTime><SigningCertificate><Cert><CertDigest><DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"; /><DigestValue>k1eEoobS5L3842TRlJsbKmNd4RA=</DigestValue></CertDigest><IssuerSerial><X509IssuerName xmlns="http://www.w3.org/2000/09/xmldsig#";>CN=AccreditedSign Public Certification Authority 2, O=Japan Certification Services, C=JP</X509IssuerName><X509SerialNumber xmlns="http://www.w!
3.org/2000/09/xmldsig#">5906</X509SerialNumber></IssuerSerial></Cert><
/SigningCertificate><SignaturePolicyIdentifier><SignaturePolicyImplied /></SignaturePolicyIdentifier></SignedSignatureProperties></SignedProperties></QualifyingProperties><QualifyingProperties Target="#SignatureId" xmlns="http://uri.etsi.org/01903/v1.1.1#";><SignedProperties Id="SignedPropertiesId"><SignedSignatureProperties><SigningTime>2006-03-09T22:08:56</SigningTime><SigningCertificate><Cert><CertDigest><DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"; /><DigestValue>k1eEoobS5L3842TRlJsbKmNd4RA=</DigestValue></CertDigest><IssuerSerial><X509IssuerName xmlns="http://www.w3.org/2000/09/xmldsig#";>CN=AccreditedSign Public Certification Authority 2, O=Japan Certification Services, C=JP</X509IssuerName><X509SerialNumber xmlns="http://www.w3.org/2000/09/xmldsig#";>5906</X509SerialNumber></IssuerSerial></Cert></SigningCertificate><SignaturePolicyIdentifier><SignaturePolicyImplied /></SignaturePolicyIdentifier></SignedSignatureProperties></SignedProperties><UnsignedPr!
operties><UnsignedSignatureProperties><SignatureTimeStamp><HashDataInfo uri="#SignatureValueId" /><EncapsulatedTimeStamp Id="SignatureTimeStampId">MIIKQgYJKoZIhvcNAQcCoIIKMzCCCi8CAQMxCzAJBgUrDgMCGgUAMIIBJgYLKoZIhvcNAQkQAQSgggEVBIIBETCCAQ0CAQEGCgKDOIybeQEBAQEwITAJBgUrDgMCGgUABBTaOaPuXmtLDTJVv++VYBiQr9gHCQIDRaUQGBMyMDA2MDMwOTEzMDkwOC44NTFaMASAAgH0Agh0iHoOgSsfE6CBrqSBqzCBqDELMAkGA1UEBhMCSlAxETAPBgNVBAgTCEthbmFnYXdhMREwDwYDVQQHEwhLYXdhc2FraTEUMBIGA1UEChMLUEZVIExpbWl0ZWQxFTATBgNVBAsTDFBGVSB0ZXN0IFRTQTEtMCsGA1UECxMkU292ZXJlaWduIFRpbWUgVFMgU2VydmVyIFNOOjkzRDAwOTYyMRcwFQYDVQQDEw5QRlUtdGVzdC1UU1UwMaCCBtcwggQvMIIDF6ADAgECAgEGMA0GCSqGSIb3DQEBBQUAMGkxCzAJBgNVBAYTAkpQMREwDwYDVQQIEwhLYW5hZ2F3YTERMA8GA1UEBxMIS2F3YXNha2kxDDAKBgNVBAoTA1BGVTEQMA4GA1UECxMHUEZVIFRTQTEUMBIGA1UEAxMLUEZVIHRlc3QgQ0EwHhcNMDUwOTE1MTExNjI2WhcNMDcwOTE1MTExNjI2WjCBqDELMAkGA1UEBhMCSlAxETAPBgNVBAgTCEthbmFnYXdhMREwDwYDVQQHEwhLYXdhc2FraTEUMBIGA1UEChMLUEZVIExpbWl0ZWQxFTATBgNVBAsTDFBGVSB0ZXN0IFRTQTEtMCsGA1UECxMkU292ZXJlaWduI!
FRpbWUgVFMgU2VydmVyIFNOOjkzRDAwOTYyMRcwFQYDVQQDEw5QRlUtdGVzdC1UU1UwMTC
BnTANBgkqhkiG9w0BAQEFAAOBiwAwgYcCgYEAy9MXMi14pkxmFrNjKV1H7IJuKlBuPTS4a6xXwjN57NKZvuhUyIjYSYT1NZlP+zr1HTvk/UFPOrsNfwxnK/kmHk9AnT1pxkEZjCJYC5aCSm0EJEeM2NPho9mTzWvOokgOwJa2LYfn6r+NbW5jYTKnVVrr7SXSJXLeoe2XfZoBnwcCAQOjggEmMIIBIjAJBgNVHRMEAjAAMB0GA1UdDgQWBBRYEzt6xXJ/9CIzQWBQ05wxzAHogDCBkwYDVR0jBIGLMIGIgBQV4dvfqfDFh4eFlU9Eslw4rVxkgqFtpGswaTELMAkGA1UEBhMCSlAxETAPBgNVBAgTCEthbmFnYXdhMREwDwYDVQQHEwhLYXdhc2FraTEMMAoGA1UEChMDUEZVMRAwDgYDVQQLEwdQRlUgVFNBMRQwEgYDVQQDEwtQRlUgdGVzdCBDQYIBADALBgNVHQ8EBAMCBsAwFgYDVR0lAQH/BAwwCgYIKwYBBQUHAwgwOwYDVR0fBDQwMjAwoC6gLIYqaHR0cHM6Ly90ZXN0LnBmdXRzYS5uZXQvcmVwb3NpdG9yeS9QVUIuY3JsMA0GCSqGSIb3DQEBBQUAA4IBAQBJOqObou2xm4SU4Z4Vc3HOL7Rt4aSpL5zeUshKmoj/hOYk9ZfNlLoY/ZJxEbZnJ/IpghKDSQphziPIR3mLVtjSdNjDOTb96XRHKkMLmVsFMxIf5cHPrABeozWdISN9DFG7tcl5/Q1psjNz7LJ52uKlWEUyzl91/CAHAJf9Vx80ZWQCTTjmjABf/WwXNwBeoG8AwumjGHB9jA+gozKHhohDpqzHFC8CRyRN3em0Z43KXGGbtqcb9x2NlKpillXfy4DGmXHL2Xs8CyoI1Np5bdK4bwgs01jnxgyENO33EiMmEh98KnB3xxK1ID7/HPZSVDuHRMw1LM7oSCT2Fx/GGUvzoYICoDCCAgkC!
AQEwgdihga6kgaswgagxCzAJBgNVBAYTAkpQMREwDwYDVQQIEwhLYW5hZ2F3YTERMA8GA1UEBxMIS2F3YXNha2kxFDASBgNVBAoTC1BGVSBMaW1pdGVkMRUwEwYDVQQLEwxQRlUgdGVzdCBUU0ExLTArBgNVBAsTJFNvdmVyZWlnbiBUaW1lIFRTIFNlcnZlciBTTjo5M0QwMDk2MjEXMBUGA1UEAxMOUEZVLXRlc3QtVFNVMDGiJQoBATAJBgUrDgMCGgUAAxUAatxntYXm5TMlFZAX4fnkzMbdiaygXTBbpFkwVzELMAkGA1UEBhMCSlAxHDAaBgNVBAoTE1NlaWtvSW5zdHJ1bWVudHNJbmMxDjAMBgNVBAsTBVRNQy4yMRowGAYDVQQDExFjaHJvbm90cnVzdC4xNTQ4MjANBgkqhkiG9w0BAQUFAAIIx7qfgAAAAAAwIhgPMjAwNjAzMDkxMjM1MTJaGA8yMDA2MDMxMDEzMzUxMlowgYwwSwYKKwYBBAGEWQoEATE9MDswDAIEx7qfgAIEAAAAADAPAgQAAAAAAgQAAF/9AgH/MAwCBAAAAAACBAABKA4wDAIEx7v/EAIEAAAAADA9BgorBgEEAYRZCgQCMS8wLTALBgkCgziMmz0BAgGgDjAMAgQAAAAAAgQAB6EgoQ4wDAIEAAAAAAIEAAPQkDANBgkqhkiG9w0BAQUFAAOBgQBuwr+t+JsuG32YXBT8SWD4uWgedvV8iPVVgiBqNEqZcoxN28U4r90i+ZUrh3DETW/fQsh9hJE7ALoYvYNE21gcf0w2Wt32BXfUIX5N7hSg3lkGLTwKKBmH5yM/zadGfk5Wj5i4mmI6o0uoSPzIhyGbT42kbbtmWiiNOR6lfI/eyzGCAhYwggISAgEBMG4waTELMAkGA1UEBhMCSlAxETAPBgNVBAgTCEthbmFnYXdhMREwDwYDVQQHEwhLYXdhc2FraTEMMAoGA1UE!
ChMDUEZVMRAwDgYDVQQLEwdQRlUgVFNBMRQwEgYDVQQDEwtQRlUgdGVzdCBDQQIBBjAJBg
UrDgMCGgUAoIH/MBoGCSqGSIb3DQEJAzENBgsqhkiG9w0BCRABBDAjBgkqhkiG9w0BCQQxFgQUQy71ppCAZFo9eJRWTpXkmmr0ZbIwgbsGCyqGSIb3DQEJEAIMMYGrMIGoMIGlMIGKBBRq3Ge1heblMyUVkBfh+eTMxt2JrDByMG2kazBpMQswCQYDVQQGEwJKUDERMA8GA1UECBMIS2FuYWdhd2ExETAPBgNVBAcTCEthd2FzYWtpMQwwCgYDVQQKEwNQRlUxEDAOBgNVBAsTB1BGVSBUU0ExFDASBgNVBAMTC1BGVSB0ZXN0IENBAgEGMBYEFLChYX7l8bMXBCS4YMNT4Z3cAKjKMA0GCSqGSIb3DQEBBQUABIGAAeJ3Wn/Ypmqn9fn+O0gKehWef8H+wDxxHI9OYO5p3neqhPkOaado2OWIdrNeD/KIp5F8U3c9kUai9wkqEQSUX0vbrEy1E0t4jOPybHv5QLZw6IiIyGbOuYkJOHxMPxYdcp5SUHJNv2S0L0LlWIZcK5gJn0kx7Um71QmrlBg8Mag=</EncapsulatedTimeStamp></SignatureTimeStamp></UnsignedSignatureProperties></UnsignedProperties></QualifyingProperties></Object></Signature>
_______________________________________________
xmlsec mailing list
[email protected]
http://www.aleksey.com/mailman/listinfo/xmlsec
