xmlsec support SHA256, your URL is incorrect:

http://www.aleksey.com/pipermail/xmlsec/2005/007037.html

Aleksey

Ashish Agrawal wrote:
ok , thanks for pointing.

also i need to provide support for the digest method as : http://www.w3.org/200009/xmldsig#sha256 <http://www.w3.org/2000/09/xmldsig#sha256>

for supporting this do i need to modify xmlsec ?

Regards,
Ashish

On Tue, Jun 2, 2009 at 8:01 PM, Aleksey Sanin <[email protected] <mailto:[email protected]>> wrote:

    Look at LibXML2 library, file c14n.c

    Aleksey

    Ashish Agrawal wrote:

        Hi Aleksey,

        I would like to work on providing the latest canonical support,
        can u give me some pointers on the areas in the code where i
        need to foucs for the changes.

        Regards,
        Ashish

        On Mon, Jun 1, 2009 at 9:06 PM, Aleksey Sanin
        <[email protected] <mailto:[email protected]>
        <mailto:[email protected] <mailto:[email protected]>>> wrote:

           Sure, I see your point. Well, I haven't seen a lot of interest
           in C14N 1.1 support so far. BTW, C14N is a part of LibXML2.
           If you need C14N 1.1, then I am sure that Daniel will be happy
           to apply your patches to the main tree.

           Aleksey


           Ashish Agrawal wrote:

               Hi Aleksey,

               Thanks for prompt reply.

               The basis of my argument is the newer Widgets DSig specifies
               certain fixed values for Canonicalizationmethod & Digest
        Method.

               Eg:
               <?xml version="1.0" encoding="UTF-8"?>
               <Signature xmlns="http://www.w3.org/2000/09/xmldsig#";>
                   <SignedInfo>
                       <CanonicalizationMethod
Algorithm="http://www.w3.org/2006/12/xml-c14n11"/>
                       <SignatureMethod
Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"; />
                       <Reference URI="config.xml">
                           <DigestMethod
               Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
                           <DigestValue>j6...8nk=</DigestValue>
                     </Reference>
                      <Reference URI="index.html">
                           <DigestMethod
               Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
                           <DigestValue>lm...34=</DigestValue>
                    </Reference>
                     <Reference URI="icon.png">
                           <DigestMethod
               Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
                           <DigestValue>pq...56=</DigestValue>
                     </Reference>
                  </SignedInfo>
                  <SignatureValue>MC0E~LE=</SignatureValue>
                 <KeyInfo>
                    <X509Data>
                         <X509Certificate>MI...lVN</X509Certificate>
                     </X509Data>
                  </KeyInfo>
               </Signature>


               So when i create a signature file with the abov mentioned
               canonicalizaiton and Digest method, xmlsec fails.
               Pls clarify.

               Regards,
               Ashish

               On Mon, Jun 1, 2009 at 8:55 PM, Aleksey Sanin
               <[email protected] <mailto:[email protected]>
        <mailto:[email protected] <mailto:[email protected]>>
               <mailto:[email protected] <mailto:[email protected]>
        <mailto:[email protected] <mailto:[email protected]>>>> wrote:

                  xmlsec implements XML DSig and the Widgets DSig is just
                  a profile of XML DSig. Thus, I don't see why you claim
                  that xmlsec doesn't support it.

                  Aleksey

                  Ashish Agrawal wrote:

                      Hi Aleksey,

                      I need to support
*http://www.w3.org/TR/2009/WD-widgets-digsig-20090331/*
                      and seems that current version of xmlsec doesn't
        support
               it, Is
                      there any plan for it.

                      Regards,
                      Ashish

                      On Mon, Jun 1, 2009 at 8:02 PM, Aleksey Sanin
                      <[email protected] <mailto:[email protected]>
        <mailto:[email protected] <mailto:[email protected]>>
               <mailto:[email protected] <mailto:[email protected]>
        <mailto:[email protected] <mailto:[email protected]>>>
                      <mailto:[email protected]
        <mailto:[email protected]> <mailto:[email protected]
        <mailto:[email protected]>>
               <mailto:[email protected] <mailto:[email protected]>
        <mailto:[email protected] <mailto:[email protected]>>>>> wrote:

                         https://www.aleksey.com/xmlsec/xmldsig.html

                         Aleksey

                         Ashish Agrawal wrote:

                             Hi Aleksey,

                             i want to know which standards of
        DigestMethod and
                             Canonicalization Method is supported by xmlsec
               currently.

                             I ve a requirement where i ve the Digest
        method as:
                             http://www.w3.org/2000/09/xmldsig#sha256 and
               Canonicalization
                             methord as :
        http://www.w3.org/2006/12/xml-c14n11.
                             Will this be supported ?

                             ~Ashish


------------------------------------------------------------------------

                             _______________________________________________
                             xmlsec mailing list
                             [email protected]
        <mailto:[email protected]> <mailto:[email protected]
        <mailto:[email protected]>>
               <mailto:[email protected] <mailto:[email protected]>
        <mailto:[email protected] <mailto:[email protected]>>>
                      <mailto:[email protected]
        <mailto:[email protected]> <mailto:[email protected]
        <mailto:[email protected]>>
               <mailto:[email protected] <mailto:[email protected]>
        <mailto:[email protected] <mailto:[email protected]>>>>


                             http://www.aleksey.com/mailman/listinfo/xmlsec



------------------------------------------------------------------------

                      _______________________________________________
                      xmlsec mailing list
                      [email protected] <mailto:[email protected]>
        <mailto:[email protected] <mailto:[email protected]>>
               <mailto:[email protected] <mailto:[email protected]>
        <mailto:[email protected] <mailto:[email protected]>>>
                      http://www.aleksey.com/mailman/listinfo/xmlsec





------------------------------------------------------------------------

_______________________________________________
xmlsec mailing list
[email protected]
http://www.aleksey.com/mailman/listinfo/xmlsec
_______________________________________________
xmlsec mailing list
[email protected]
http://www.aleksey.com/mailman/listinfo/xmlsec

Reply via email to