[xmlsec] Regarding Hmac-SHA1 signing.
Aleksey Sanin
aleksey at aleksey.com
Thu Oct 10 06:44:04 PDT 2013
There is no such thing as HMAC-only. I would strongly advise you to
read a book or two about cryptography first before dealing the XML
security.
Best,
Aleksey
On 10/10/13 2:15 AM, Venkataragavan Vijayakumar wrote:
> Hi,
>
> I have written the follwing code to sign the element in the document
> using HMAC-SHA1 Algorithm. I have taken the sample code from this
> mailing list.
> My doubt is that code contains API like CreateHmackey. Whether it is for
> Hmac-sha1 or for Hmac only.
> If i asked silly question please forgive me.
>
> Please let me this code is for HMAC-SHA1 signing.
>
>
>
> The code is:
>
>
> sign(xmlNodePtr g_SignatureNode, const char* keybuf)
> {
>
> dsigCtx = xmlSecDSigCtxCreate(NULL);
> if(dsigCtx == NULL) {
> fprintf(stderr,"Error: failed to create signature context\n");
> goto done;
> }
>
>
> dsigCtx->signKey = CreateHmacKey(keybuf, keysize);
>
>
> xmlSecDSigCtxSign(dsigCtx, g_SignatureNode)
>
> }
>
>
>
> xmlSecKeyPtr CreateHmacKey(const xmlSecByte * buf, xmlSecSize size)
> {
> xmlSecKeyPtr key;
> xmlSecKeyDataPtr key_data;
> int ret;
> const unsigned char *p = buf;
>
> key = xmlSecKeyCreate();
> if(!key) {
> return (NULL);
> }
>
> key_data = xmlSecKeyDataCreate(xmlSecKeyDataHmacId);
> if(!key_data) {
> xmlSecKeyDestroy(key);
> return (NULL);
> }
>
> ret = xmlSecKeySetValue(key, key_data);
> if(ret < 0) {
> xmlSecKeyDataDestroy(key_data);
> xmlSecKeyDestroy(key);
> return (NULL);
> }
>
>
> ret = xmlSecOpenSSLKeyDataHmacSet(key_data, buf, size);
> if(ret < 0) {
> xmlSecKeyDestroy(key);
> return (NULL);
> }
>
> return (key);
> }
>
>
> Thanks,
> Venkat.
>
>
> _______________________________________________
> xmlsec mailing list
> xmlsec at aleksey.com
> http://www.aleksey.com/mailman/listinfo/xmlsec
>
More information about the xmlsec
mailing list