[xmlsec] signing specific nodes

Putinei .Ionut putineiionut at gmail.com
Wed Jan 15 07:09:02 PST 2014 

Hello,

I have this xml file:

<misc_data>
    <capture_time>"2001-10-26T21:32:52"</capture_time>
    <data>
        <name>UEUE</name>
        <diagnostic_request_id>213123</diagnostic_request_id>
        <onboard_data_definition_id>qeqeqwqw</onboard_data_definition_id>
        <value>2423423</value>
    </data>
    <data>
        <name>UEUE</name>
        <diagnostic_request_id>213123</diagnostic_request_id>
        <onboard_data_definition_id>qeqeqwqw</onboard_data_definition_id>
        <value>2423423</value>
    </data>
    <data>
        <name>UEUE</name>
        <diagnostic_request_id>213123</diagnostic_request_id>
        <onboard_data_definition_id>qeqeqwqw</onboard_data_definition_id>
        <value>2423423</value>
    </data>
    <data>
        <name>UEUE</name>
        <diagnostic_request_id>213123</diagnostic_request_id>
        <onboard_data_definition_id>qeqeqwqw</onboard_data_definition_id>
        <value>2423423</value>
    </data>
    <mumu>asdas </mumu>
</misc_data>

and i want to sign :"capture_time" node and all "data" nodes.

tried adding this to template:
<Signature xmlns="http://www.w3.org/2000/09/xmldsig#">
      <SignedInfo>
          <CanonicalizationMethod Algorithm=
           "http://www.w3.org/TR/2001/REC-xml-c14n-20010315"/>
          <SignatureMethod Algorithm=
           "http://www.w3.org/2000/09/xmldsig#rsa-sha1"/>
          <Reference>
          <Transforms>
              <Transform Algorithm=
              "http://www.w3.org/2000/09/xmldsig#enveloped-signature" />
              <Transform Algorithm=
              "http://www.w3.org/TR/1999/REC-xpath-19991116">
                  <XPath>ancestor::capture_time</XPath>
              </Transform>
          </Transforms>
          <DigestMethod Algorithm=
          "http://www.w3.org/2000/09/xmldsig#sha1"/>
          <DigestValue></DigestValue>
          </Reference>
          <Reference>
          <Transforms>
              <Transform Algorithm=
              "http://www.w3.org/2000/09/xmldsig#enveloped-signature" />
              <Transform Algorithm=
              "http://www.w3.org/TR/1999/REC-xpath-19991116">
                  <XPath>select /misc_data/data</XPath>
              </Transform>
          </Transforms>
          <DigestMethod Algorithm=
          "http://www.w3.org/2000/09/xmldsig#sha1"/>
          <DigestValue></DigestValue>
          </Reference>
      </SignedInfo>
      <SignatureValue />
      <KeyInfo>
          <KeyValue />
      </KeyInfo>


I not sure if do thing right here and also that the signed document is
correct.


Thanks,
Ionut
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.aleksey.com/pipermail/xmlsec/attachments/20140115/debd8767/attachment.html>

More information about the xmlsec mailing list