- From: Rafa <rafael.hernandez@ya.com>
- Date: Mon, 03 Oct 2005 13:52:51 +0200
- To: Rich Salz <rsalz@datapower.com>
- CC: "w3c-ietf-xmldsig@w3.org" <w3c-ietf-xmldsig@w3.org>
Rich Salz escribió: >You cannot just cut/paste your output into email, too many things will >happen to it. The safest is to attach it, perhaps do a ZIP or base64 >first. > >There are several free c14n routines around, including xmlsec, python-xml, >apache java security suite, etc. You might find it worthwhile to search, >download, and install one of those packages to make comparisions. > > /r$ > > > Thanks for your replay. Your hint has been pretty helpful in other fights I'm holding. I've used smlsec on WindowsXP to obtain a correctly canonicalization of <SignedInfo>. Anyway I'm still hitting the same wall. Probably your 1st sentence is the clue. When I first read it, I said to myself: Why not? I'm just using US ASCII7 characters. Papers say there is a direct correspondence from ASCII7 to UTF-8 characters. Could it be that the internal representation of the canonicalized <SignedInfo> is not as simple as one byte per character although I use only ASCII characters? In other words, what is the exact byte-stream I must use as input to the SHA1 algorithm? Thanks for your time, Rafael Hernández
Received on Monday, 3 October 2005 11:51:26 UTC