
Simple question about canonicalization

From: Rafa <rafael.hernandez@ya.com>
Date: Fri, 30 Sep 2005 14:38:15 +0200
Message-ID: <433D31B7.9040403@ya.com>
To: w3c-ietf-xmldsig@w3.org

Hello, I'm kind of new to XML-Signature.
I need to program a PLC to send an XML message with an enveloped signature.
This is a sample XML message:
<conf pr="hora"></conf>

Since I have to do all the work "by hand" (no libraries available) with 
strings I pretend to produce an already canonicalized version of the 
<SignedInfo> element.
From reading of your documents I understand this is the canonicalized 
version of it (ignore newlines, they are not in the string):
<SignedInfo>
<CanonicalizationMethod 
Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315"></CanonicalizationMethod>
<SignatureMethod 
Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"></SignatureMethod>
<Reference URI="">
<Transforms 
Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"></Transforms>
<DigestMethod 
Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"></DigestMethod>
<DigestValue>X5+Q4BoE+DFqkCN6nn316+d+BQs=</DigestValue>
</Reference>
</SignedInfo>

I then SHA1-digest this string and RSA-encrypt the obtained digestion. 
All I have at hand to compare is the proper signature for that message, 
generated by a friend. I positively know that the difference is in the 
digest value. Therefore the problem is that I'm not canonicalizing 
<SignedInfo> correctly.
What am I doing wrong?

Thanks in advance.
Rafael Hernández
Received on Saturday, 1 October 2005 02:28:27 GMT
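
Added example, not part of the original post and not code from the poster or the list: a hand-assembled <SignedInfo> string checked against a canonicalizer, showing that the namespace declaration the element inherits from <Signature> is part of the bytes that get digested. Assumptions: the element layout follows the XML-Signature schema (a Transform child inside Transforms), the helper names are hypothetical, and Python's ET.canonicalize (C14N 2.0) is used as the reference because, for this input with no comments, prefixes or xml:* attributes, its default output matches Canonical XML 1.0.

```python
import base64
import hashlib
import xml.etree.ElementTree as ET

DSIG = "http://www.w3.org/2000/09/xmldsig#"
C14N = "http://www.w3.org/TR/2001/REC-xml-c14n-20010315"


def b64_sha1(data: bytes) -> str:
    """Base64 of the SHA-1 digest, the form used in DigestValue."""
    return base64.b64encode(hashlib.sha1(data).digest()).decode("ascii")


def signed_info(digest_value: str, declare_ns: bool = True) -> str:
    """Assemble SignedInfo as one string with no whitespace between tags."""
    def empty(tag: str, alg: str) -> str:
        # Canonical form writes empty elements as start/end pairs, never <x/>.
        return f'<{tag} Algorithm="{alg}"></{tag}>'

    # When SignedInfo is canonicalized on its own, the default namespace it
    # inherits from the enclosing Signature element is written on its start tag.
    xmlns = f' xmlns="{DSIG}"' if declare_ns else ""
    return (
        f"<SignedInfo{xmlns}>"
        + empty("CanonicalizationMethod", C14N)
        + empty("SignatureMethod", DSIG + "rsa-sha1")
        + '<Reference URI=""><Transforms>'
        + empty("Transform", DSIG + "enveloped-signature")
        + "</Transforms>"
        + empty("DigestMethod", DSIG + "sha1")
        + f"<DigestValue>{digest_value}</DigestValue>"
        + "</Reference></SignedInfo>"
    )


def is_canonical(text: str) -> bool:
    """True if the canonicalizer returns the string unchanged."""
    return ET.canonicalize(text) == text


# Constructed sample: the message from the post once the enveloped-signature
# transform has removed the Signature element.
CONTENT = b'<conf pr="hora"></conf>'
WITH_NS = signed_info(b64_sha1(CONTENT))
WITHOUT_NS = signed_info(b64_sha1(CONTENT), declare_ns=False)

if __name__ == "__main__":
    print("hand-built string is canonical:", is_canonical(WITH_NS))
    print("digest with xmlns:   ", b64_sha1(WITH_NS.encode("utf-8")))
    print("digest without xmlns:", b64_sha1(WITHOUT_NS.encode("utf-8")))
```

The two digests differ, so a string that omits the xmlns declaration on the start tag produces a different SHA-1 input than the canonical form of the same SignedInfo taken from inside a Signature element.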
