You will need to get and compile yourself "trunk" libxml2 and
"trunk" xmlsec to get support for c14n v1.1. Ignoring ECDSA,
everything should be supported.
Basically, I am waiting for the next libxml2 release to release
new version of xmlsec that supports XMLDSig 1.1.
Aleksey
Ashish Agrawal wrote:
oh Yes, You are correct.
I think the correct spec is
:http://www.w3.org/2008/xmlsec/Drafts/xmldsig-core-11/
Regards,
Ashish
On Wed, Aug 26, 2009 at 11:36 AM, Aleksey Sanin <[email protected]
<mailto:[email protected]>> wrote:
This is not xml dsig spec but widgets signature spec. I believe
xmlsec supports the "signature" part of it and you can get the
attributes like you describe directly from xml document.
Aleksey
Ashish Agrawal wrote:
Hi Aleksey,
The new DSig spec refers to the new xml properties like author,
distributor etc:
Example of a distributor signature
<http://www.w3.org/TR/2009/CR-widgets-digsig-20090625/#distributor-signature>
document, named |signature1.xml|:
|<?xml version="1.0" encoding="UTF-8"?>
<Signature xmlns="http://www.w3.org/2000/09/xmldsig#";
Id="DistributorASignature">
<SignedInfo>
<CanonicalizationMethod
Algorithm="http://www.w3.org/2006/12/xml-c14n11"/>
<SignatureMethod
Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/>
<Reference URI="config.xml">
<DigestMethod
Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
<DigestValue>...</DigestValue>
</Reference>
<Reference URI="index.html">
<DigestMethod
Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
<DigestValue>...</DigestValue>
</Reference>
<Reference URI="icon.png">
<DigestMethod
Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
<DigestValue>...</DigestValue>
</Reference>
<Reference URI="#prop">
<DigestMethod
Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
<DigestValue>...</DigestValue>
</Reference>
</SignedInfo>
<Object Id="prop"> <SignatureProperties
xmlns:dsp="http://www.w3.org/2009/xmldsig-properties";>
<SignatureProperty Id="profile" Target="#DistributorASignature">
<dsp:Profile URI="http://www.w3.org/ns/widgets-digsig#profile"/>
</SignatureProperty> <SignatureProperty Id="role"
Target="#DistributorASignature">
<dsp:Role
URI="http://www.w3.org/ns/widgets-digsig#role-distributor"/>
</SignatureProperty> <SignatureProperty Id="identifier"
Target="#DistributorASignature">
<dsp:Identifier>07425f59c544b9cebff04ab367e8854a</dsp:Identifier>
</SignatureProperty>
</SignatureProperties> </Object>
<SignatureValue>...</SignatureValue>
<KeyInfo>
<X509Data>
<X509Certificate>...</X509Certificate>
</X509Data>
</KeyInfo>
Will this is supported by latest XMLSec.
Regards,
Ashish
</Signature>|
On Fri, Jul 24, 2009 at 8:58 PM, Aleksey Sanin
<[email protected] <mailto:[email protected]>
<mailto:[email protected] <mailto:[email protected]>>> wrote:
This spec is based on XML DSig and I looks like xmlsec
should be able to handle it as-is.
Aleksey
Ashish Agrawal wrote:
Hi Aleksey,
W3C has published a new spec.
W3C Widgets 1.0: Digital Signatures specification :
http://www.w3.org/TR/2009/CR-widgets-digsig-20090625/
Do you plan to provide the same support in xmlsec.
Regards,
Ashish
------------------------------------------------------------------------
_______________________________________________
xmlsec mailing list
[email protected] <mailto:[email protected]>
<mailto:[email protected] <mailto:[email protected]>>
http://www.aleksey.com/mailman/listinfo/xmlsec
------------------------------------------------------------------------
_______________________________________________
xmlsec mailing list
[email protected]
http://www.aleksey.com/mailman/listinfo/xmlsec
_______________________________________________
xmlsec mailing list
[email protected]
http://www.aleksey.com/mailman/listinfo/xmlsec
