[xmlsec] signing specific nodes
Aleksey Sanin
aleksey at aleksey.com
Thu Jan 16 06:42:51 PST 2014
Great! Good to know you figured it out.
Aleksey
On 1/16/14, 3:10 AM, Putinei .Ionut wrote:
> Thanks,
>
>
> That really helped a lot together with this old thread:
> http://www.aleksey.com/pipermail/xmlsec/2010/008982.html
>
> Regards,
> Ionut
>
>
> On Wed, Jan 15, 2014 at 9:38 PM, Aleksey Sanin <aleksey at aleksey.com
> <mailto:aleksey at aleksey.com>> wrote:
>
> Use "--store-references" command line option for xmlsec1 utility. It
> will print you the exact data you are signing so you can verify it
> yourself :)
>
> Aleksey
>
> On 1/15/14, 7:09 AM, Putinei .Ionut wrote:
> > Hello,
> >
> > I have this xml file:
> >
> > <misc_data>
> > <capture_time>"2001-10-26T21:32:52"</capture_time>
> > <data>
> > <name>UEUE</name>
> > <diagnostic_request_id>213123</diagnostic_request_id>
> >
> <onboard_data_definition_id>qeqeqwqw</onboard_data_definition_id>
> > <value>2423423</value>
> > </data>
> > <data>
> > <name>UEUE</name>
> > <diagnostic_request_id>213123</diagnostic_request_id>
> >
> <onboard_data_definition_id>qeqeqwqw</onboard_data_definition_id>
> > <value>2423423</value>
> > </data>
> > <data>
> > <name>UEUE</name>
> > <diagnostic_request_id>213123</diagnostic_request_id>
> >
> <onboard_data_definition_id>qeqeqwqw</onboard_data_definition_id>
> > <value>2423423</value>
> > </data>
> > <data>
> > <name>UEUE</name>
> > <diagnostic_request_id>213123</diagnostic_request_id>
> >
> <onboard_data_definition_id>qeqeqwqw</onboard_data_definition_id>
> > <value>2423423</value>
> > </data>
> > <mumu>asdas </mumu>
> > </misc_data>
> >
> > and i want to sign :"capture_time" node and all "data" nodes.
> >
> > tried adding this to template:
> > <Signature xmlns="http://www.w3.org/2000/09/xmldsig#">
> > <SignedInfo>
> > <CanonicalizationMethod Algorithm=
> > "http://www.w3.org/TR/2001/REC-xml-c14n-20010315"/>
> > <SignatureMethod Algorithm=
> > "http://www.w3.org/2000/09/xmldsig#rsa-sha1"/>
> > <Reference>
> > <Transforms>
> > <Transform Algorithm=
> >
> "http://www.w3.org/2000/09/xmldsig#enveloped-signature" />
> > <Transform Algorithm=
> > "http://www.w3.org/TR/1999/REC-xpath-19991116">
> > <XPath>ancestor::capture_time</XPath>
> > </Transform>
> > </Transforms>
> > <DigestMethod Algorithm=
> > "http://www.w3.org/2000/09/xmldsig#sha1"/>
> > <DigestValue></DigestValue>
> > </Reference>
> > <Reference>
> > <Transforms>
> > <Transform Algorithm=
> >
> "http://www.w3.org/2000/09/xmldsig#enveloped-signature" />
> > <Transform Algorithm=
> > "http://www.w3.org/TR/1999/REC-xpath-19991116">
> > <XPath>select /misc_data/data</XPath>
> > </Transform>
> > </Transforms>
> > <DigestMethod Algorithm=
> > "http://www.w3.org/2000/09/xmldsig#sha1"/>
> > <DigestValue></DigestValue>
> > </Reference>
> > </SignedInfo>
> > <SignatureValue />
> > <KeyInfo>
> > <KeyValue />
> > </KeyInfo>
> >
> >
> > I not sure if do thing right here and also that the signed document is
> > correct.
> >
> >
> > Thanks,
> > Ionut
> >
> >
> > _______________________________________________
> > xmlsec mailing list
> > xmlsec at aleksey.com <mailto:xmlsec at aleksey.com>
> > http://www.aleksey.com/mailman/listinfo/xmlsec
> >
>
>
More information about the xmlsec
mailing list