xmlsec support SHA256, your URL is incorrect:
http://www.aleksey.com/pipermail/xmlsec/2005/007037.html
Aleksey
Ashish Agrawal wrote:
ok , thanks for pointing.
also i need to provide support for the digest method as :
http://www.w3.org/200009/xmldsig#sha256
<http://www.w3.org/2000/09/xmldsig#sha256>
for supporting this do i need to modify xmlsec ?
Regards,
Ashish
On Tue, Jun 2, 2009 at 8:01 PM, Aleksey Sanin <[email protected]
<mailto:[email protected]>> wrote:
Look at LibXML2 library, file c14n.c
Aleksey
Ashish Agrawal wrote:
Hi Aleksey,
I would like to work on providing the latest canonical support,
can u give me some pointers on the areas in the code where i
need to foucs for the changes.
Regards,
Ashish
On Mon, Jun 1, 2009 at 9:06 PM, Aleksey Sanin
<[email protected] <mailto:[email protected]>
<mailto:[email protected] <mailto:[email protected]>>> wrote:
Sure, I see your point. Well, I haven't seen a lot of interest
in C14N 1.1 support so far. BTW, C14N is a part of LibXML2.
If you need C14N 1.1, then I am sure that Daniel will be happy
to apply your patches to the main tree.
Aleksey
Ashish Agrawal wrote:
Hi Aleksey,
Thanks for prompt reply.
The basis of my argument is the newer Widgets DSig specifies
certain fixed values for Canonicalizationmethod & Digest
Method.
Eg:
<?xml version="1.0" encoding="UTF-8"?>
<Signature xmlns="http://www.w3.org/2000/09/xmldsig#";>
<SignedInfo>
<CanonicalizationMethod
Algorithm="http://www.w3.org/2006/12/xml-c14n11"/>
<SignatureMethod
Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"; />
<Reference URI="config.xml">
<DigestMethod
Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
<DigestValue>j6...8nk=</DigestValue>
</Reference>
<Reference URI="index.html">
<DigestMethod
Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
<DigestValue>lm...34=</DigestValue>
</Reference>
<Reference URI="icon.png">
<DigestMethod
Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
<DigestValue>pq...56=</DigestValue>
</Reference>
</SignedInfo>
<SignatureValue>MC0E~LE=</SignatureValue>
<KeyInfo>
<X509Data>
<X509Certificate>MI...lVN</X509Certificate>
</X509Data>
</KeyInfo>
</Signature>
So when i create a signature file with the abov mentioned
canonicalizaiton and Digest method, xmlsec fails.
Pls clarify.
Regards,
Ashish
On Mon, Jun 1, 2009 at 8:55 PM, Aleksey Sanin
<[email protected] <mailto:[email protected]>
<mailto:[email protected] <mailto:[email protected]>>
<mailto:[email protected] <mailto:[email protected]>
<mailto:[email protected] <mailto:[email protected]>>>> wrote:
xmlsec implements XML DSig and the Widgets DSig is just
a profile of XML DSig. Thus, I don't see why you claim
that xmlsec doesn't support it.
Aleksey
Ashish Agrawal wrote:
Hi Aleksey,
I need to support
*http://www.w3.org/TR/2009/WD-widgets-digsig-20090331/*
and seems that current version of xmlsec doesn't
support
it, Is
there any plan for it.
Regards,
Ashish
On Mon, Jun 1, 2009 at 8:02 PM, Aleksey Sanin
<[email protected] <mailto:[email protected]>
<mailto:[email protected] <mailto:[email protected]>>
<mailto:[email protected] <mailto:[email protected]>
<mailto:[email protected] <mailto:[email protected]>>>
<mailto:[email protected]
<mailto:[email protected]> <mailto:[email protected]
<mailto:[email protected]>>
<mailto:[email protected] <mailto:[email protected]>
<mailto:[email protected] <mailto:[email protected]>>>>> wrote:
https://www.aleksey.com/xmlsec/xmldsig.html
Aleksey
Ashish Agrawal wrote:
Hi Aleksey,
i want to know which standards of
DigestMethod and
Canonicalization Method is supported by xmlsec
currently.
I ve a requirement where i ve the Digest
method as:
http://www.w3.org/2000/09/xmldsig#sha256 and
Canonicalization
methord as :
http://www.w3.org/2006/12/xml-c14n11.
Will this be supported ?
~Ashish
------------------------------------------------------------------------
_______________________________________________
xmlsec mailing list
[email protected]
<mailto:[email protected]> <mailto:[email protected]
<mailto:[email protected]>>
<mailto:[email protected] <mailto:[email protected]>
<mailto:[email protected] <mailto:[email protected]>>>
<mailto:[email protected]
<mailto:[email protected]> <mailto:[email protected]
<mailto:[email protected]>>
<mailto:[email protected] <mailto:[email protected]>
<mailto:[email protected] <mailto:[email protected]>>>>
http://www.aleksey.com/mailman/listinfo/xmlsec
------------------------------------------------------------------------
_______________________________________________
xmlsec mailing list
[email protected] <mailto:[email protected]>
<mailto:[email protected] <mailto:[email protected]>>
<mailto:[email protected] <mailto:[email protected]>
<mailto:[email protected] <mailto:[email protected]>>>
http://www.aleksey.com/mailman/listinfo/xmlsec
------------------------------------------------------------------------
_______________________________________________
xmlsec mailing list
[email protected]
http://www.aleksey.com/mailman/listinfo/xmlsec
_______________________________________________
xmlsec mailing list
[email protected]
http://www.aleksey.com/mailman/listinfo/xmlsec
