Answering my post: I'm sorry, I did not see the options
--store-signatures in XMLSec.exe
That's all I needed.
Thanks anyway.
-------------------------------------------------------------------------------
Hi,
I would be very grateful if someone can tell me what is the real
transformation that xmldsig#enveloped-signature does. In other words:
I have a simple XML document to sign:
<?xml version="1.0" encoding="ISO-8859-1"?>
<document>
<item>
<subItem>123456</subItem>
</item>
</document>
And I sign it using the template file for XMLSec:
<?xml version="1.0" encoding="ISO-8859-1"?>
<document>
<item>
<subItem>000000099178</subItem>
</item>
<Signature xmlns="http://www.w3.org/2000/09/xmldsig#";>
<SignedInfo>
<CanonicalizationMethod
Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315"; />
<SignatureMethod
Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"; />
<Reference URI="">
<Transforms>
<Transform
Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"; />
</Transforms>
<DigestMethod
Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"; />
<DigestValue></DigestValue>
</Reference>
</SignedInfo>
<SignatureValue/>
<KeyInfo>
<KeyValue/>
</KeyInfo>
</Signature>
</getToken>
The value for <DigestValue> is calculated canonicalizating the document,
and it is easy to obtain. But this <DigestValue> is not what is signed;
it suffers some transformations, and then it is signed. I would like to
know what are these transformations, and the final string that really
gets signed in this example.
Thanks a lot,
Javier.
--
Javier Borrajo
/ Laudus SA/
/ Coyancura 2241, Of 83 - Providencia/
( / 469 2100/
* / [email protected] <mailto:[email protected]>/
_______________________________________________
xmlsec mailing list
[email protected]
http://www.aleksey.com/mailman/listinfo/xmlsec
