SV: [xmlsec] Using a content ID for URI
Aleksey Sanin
aleksey at aleksey.com
Fri Sep 26 00:01:56 PDT 2003
Well, probably the best option for you would be option #2: use special
URL protocol
in URI attributes like "cid:<attachment id>" and create custom protocol
handlers
for "cid". Take a look at LibXML2 IO tutorial:
http://xmlsoft.org/xmlio.html
and xmlsec API reference:
http://www.aleksey.com/xmlsec/api/xmlsec-io.html
And do not forget to register your protocol handlers in both xmlsec and
libxml2.
Aleksey
Johannes Kjos wrote:
>Ok, I will try to explain once more :)
>
>My secapp is a toolkit to support XMLDsig signing MIME message, there are
>two or more mime parts and the first part is SOAP (<header> and <body>), the
>other mime parts are attachments. These attachments are signed and the
><Signature> is placed inside the SOAP <header>. My secapp only relates and
>thereby returns the SOAP message to the calling application which deals with
>the mime packing and so on. So, when signing an attachment, the calling
>application has to give my secapp a cid and the filepath (it's all filebased
>for a reason not to mention here) for the file to sign, insert the cid in
><SignedInfo> make a digest (and put it in <DigestValue>) of the file with
>filepath, and then sign <SignedInfo>. The reason the cid is signed and not
>the filepath is because my secapp don't deal with the attachment in the
>mimemessage, the calling application does.
>So when verifying the callig app will search through the attachments and
>when it finds a cid it will give the filepath and the cid to my secapp (the
>rest of the <References> in the <Signature> will be resolved by xmlsec in
>normal manner). My secapp will make a list of these mappings and hopefully
>in some way make the xmlsec to understand that the <SignatureValue> is a
>signature over the current <SignedInfo> but the <DigestValue> of the
>references with the cids is from the files with filepath given by the
>mappings....I know this is working e.g. in the java lib IAIK...
>
>I think this is a version of ebXML.
>
>Best regards,
>Johannes
>
>
>
>-----Opprinnelig melding-----
>Fra: Aleksey Sanin [mailto:aleksey at aleksey.com]
>Sendt: 25. september 2003 17:41
>Til: Johannes Kjos
>Kopi: 'xmlsec at aleksey.com'
>Emne: Re: [xmlsec] Using a content ID for URI
>
>
>No, it's actually not quite clear but I would try to guess :)
>
> 1) You would like to use "#ID" or any other XPointer expression in
>URI attributes.
> Yes, it is possible. Please read section 3.2 from FAQ
>http://www.aleksey.com/xmlsec/faq.html
> for the only known common issue about that.
>
> 2) You need to use custom protocols like URI="cid:something"
> Yes, it is possible. You would need to register custom protocol
>handlers in both
> LibXML2 and xmlsec. Search headers in both libraries for
>"RegisterProtocol".
> Protocol handlers in both libraries are exactly the same. LibXML2
>handlers are used
> for reading XML files (thus they can automatically do some smart
>things like gzip/gunzip)
> and xmlsec protocol handlers are used for reading binary files. Also
>there is a tutorial'
> page on LibXML2 web site http://xmlsoft.org about writing IO callbacks.
>
>
>Aleksey
>
>
>Johannes Kjos wrote:
>
>
>
>>Hello!
>>I'm using xmlsec 0.0.15! And using an upgrade makes a lot of work for me
>>because other project participants have made quit a lot of work in the
>>0.0.15 code.
>>
>>My question is: Is it possible to make the xmlseclib to use a cid for URI
>>
>>
>in
>
>
>>SignedInfo References? E.g.I want the calling app to search through a some
>>blocks of a message, inside them there is cids to be resolved for the cids
>>in the references (the signature is in a header element). The calling app
>>should send e.g. filepath and URI to my secapp and I will make xmlsec to
>>
>>
>use
>
>
>>the file for digest but have the cid for that file in SignedInfo when
>>signing - and the other way when verifying.
>>
>>Hope this is understandable...
>>
>>Best regards,
>>Johannes
>>
>>
>>_______________________________________________
>>xmlsec mailing list
>>xmlsec at aleksey.com
>>http://www.aleksey.com/mailman/listinfo/xmlsec
>>
>>
>>
>>
>_______________________________________________
>xmlsec mailing list
>xmlsec at aleksey.com
>http://www.aleksey.com/mailman/listinfo/xmlsec
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://www.aleksey.com/pipermail/xmlsec/attachments/20030926/3a746f1c/attachment.htm
More information about the xmlsec
mailing list