<html>
<head>
<meta content="text/html; charset=UTF-8" http-equiv="Content-Type">
</head>
<body bgcolor="#FFFFFF" text="#3333FF">
<div class="moz-cite-prefix">Aleksey & Luiz<br>
<br>
A couple of years ago I got xmlsec to build and work on MS DOS
(well, from the Windows command prompt, which is what I assume you
mean).<br>
<br>
I needed to make a very small change to xmlsec (to handle a
reference to "cid:<i>filename</i>" by just looking for "<i>filename</i>",
because you can't have colons in MS DOS filenames).<br>
<br>
I found fundamentally insurmountable problems using MS tools to do
this (I'd explain why, but life is too short <g>), so
eventually attacked the problem using <a
href="http://www.mingw.org/">mingw</a> to build all of the
required libraries and the executable as DOS/Win DLLs and an EXE.<br>
<br>
It was a total nightmare, but I got there in the end and the
solution is now deployed and working.<br>
<br>
I <i>did</i> mean to write up the process of going from source to
working executables, but have frankly been too lazy, however I
still have my (indecipherable and meaningless to anybody else)
notes on what I did.<br>
<br>
If I can help, I will, to the extent that time permits.<br>
<br>
Mike<br>
<br>
On 16/10/2014 21:54, Aleksey Sanin wrote:<br>
</div>
<blockquote cite="mid:54403068.1070009@aleksey.com" type="cite">
<pre wrap="">Short answer: there is nothing impossible, it's only software.
Long answer: I am not aware of anyone using xmlsec library on MSDOS
but assuming the C compiler is reasonable it should not be an issue.
Re "results are different" --- the real question is not if the
output of two programs look different but whether each of the
programs can verify signatures created by the other program.
Aleksey
On 10/16/14, 1:43 PM, Luiz Antonio Emerenciano Alcoforado wrote:
</pre>
<blockquote type="cite">
<pre wrap="">*Dear Alexey,*
I was given the assignment to rewrite a java program that uses Bouncy
Castle to a C program that could do the same function, sign an xml file
and extract the digest.
I choose XMLSec Library to do that and was toying with code and with
xmlsec1 for more than four weeks now.
I am doing all simulations (a concept proof) under Centos 5.4 32-bit.
First, I would like to see the process work with command-line (xmlsec1)
to be sure and than proced to write the C program.
But I am stuck with xmlsec1 and the results, for they are different from
the results obtained by the other team, the java people.
The code that I need to port from java to C is shown below.
On top of that, the C program must be compiled by OpenWatcom and run
under Causeway, under MS-DOS.
Can you say something to help me go forward, even a little ?
Is this scenario feasible?
I thank you very much for any light you could shed on this.
Best regards,
Luiz Antonio Emerenciano Alcoforado
Recife, Brasil
public String getDigestValue(String xml) throws Exception {
DocumentBuilderFactory dbf = DocumentBuilderFactory.newInstance();
dbf.setNamespaceAware(true); // Necessário para que o
DigestValue seja igual ao código C# da SEFAZ
try {
if (_cert == null) throw new Exception("objeto
X509Certificate nao inicializado");
else if (_pvtKey == null) throw new Exception("objeto
PrivateKey nao inicializado");
String thisLine = "";
String xmlString = "";
BufferedReader br = new BufferedReader(new StringReader(xml));
// Necessário para que o DigestValue seja igual ao código C#
da SEFAZ
while ((thisLine = br.readLine()) != null) {
xmlString = xmlString + thisLine.trim();
}
br.close();
ByteArrayInputStream xmlStream = new
ByteArrayInputStream(xmlString.getBytes());
Document doc = dbf.newDocumentBuilder().parse(xmlStream);
DOMSignContext dsc = new DOMSignContext(_pvtKey,
doc.getDocumentElement());
XMLSignatureFactory fac =
XMLSignatureFactory.getInstance("DOM");
List transformers = new ArrayList();
transformers.add(fac.newTransform(<a class="moz-txt-link-rfc2396E" href="http://www.w3.org/2000/09/xmldsig#enveloped-signature">"http://www.w3.org/2000/09/xmldsig#enveloped-signature"</a>,
(TransformParameterSpec) null));
transformers.add(fac.newTransform(<a class="moz-txt-link-rfc2396E" href="http://www.w3.org/TR/2001/REC-xml-c14n-20010315">"http://www.w3.org/TR/2001/REC-xml-c14n-20010315"</a>,
(TransformParameterSpec) null));
NodeList nodelist = doc.getDocumentElement().getChildNodes();
Node nodeInfNfe = null;
for (int ct = 0; ct < nodelist.getLength(); ct++) {
if
(nodelist.item(ct).getNodeName().equalsIgnoreCase("infNFe")) {
nodeInfNfe = nodelist.item(ct);
break;
}
}
if (nodeInfNfe == null) throw new Exception("falha ao
localizar tag <infNFe>");
NamedNodeMap nnm = nodeInfNfe.getAttributes();
NodeList nl = doc.getElementsByTagName("infNFe"); //
Node node = nl.item(0); // Obs.:
três linhas obrigatórias a partir de JDK 1.7 Update 25
((Element) node).setIdAttribute("Id", true); //
String nfeId = nnm.getNamedItem("Id").getNodeValue();
Reference ref = fac.newReference("#" + nfeId,
fac.newDigestMethod(DigestMethod.SHA1, null), transformers, null, null);
SignedInfo si = fac.newSignedInfo(
fac.newCanonicalizationMethod(CanonicalizationMethod.INCLUSIVE,
(C14NMethodParameterSpec) null),
fac.newSignatureMethod(SignatureMethod.RSA_SHA1,
null), Collections.singletonList(ref));
KeyInfoFactory kif = fac.getKeyInfoFactory();
List x509Content = new ArrayList();
x509Content.add(_cert);
X509Data xd = kif.newX509Data(x509Content);
KeyInfo ki = kif.newKeyInfo(Collections.singletonList(xd));
XMLSignature signature = fac.newXMLSignature(si, ki);
signature.sign(dsc);
return new String(Base64.encode(ref.getDigestValue()));
} catch (Exception e) {
e.printStackTrace();
throw new Exception("Impossivel calcular DigestValue (msg='"
+ e.getMessage() + "')");
}
}
}
</pre>
</blockquote>
<pre wrap="">_______________________________________________
xmlsec mailing list
<a class="moz-txt-link-abbreviated" href="mailto:xmlsec@aleksey.com">xmlsec@aleksey.com</a>
<a class="moz-txt-link-freetext" href="http://www.aleksey.com/mailman/listinfo/xmlsec">http://www.aleksey.com/mailman/listinfo/xmlsec</a>
</pre>
</blockquote>
<br>
</body>
</html>