- From: Joan Arnedo <joanar@ac.upc.es>
- Date: Tue, 7 Aug 2001 10:54:54 +0200 (MET DST)
- To: w3c-ietf-xmldsig@w3.org
Hello,
I've just begun experimenting with XML signature and a very
simple doubt has assaulted me. Sorry if it may sound somewhat
silly because of my inexperience, but any help would be greatly
appreciated.
When it's time to canonicalize+sign the SignedInfo part of the
signature, what would be the real input? Given the following
example:
(NOTE: Bad indentation on purpose. It's with this "ignorable
whitespaces" I have this doubt).
<Signature>
<SignedInfo>
<CanonicalizationMethod Algorithm="http://www.w3.org/TR/2001/REC-xml-c14" />
<SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1" />
<Reference URI="#Id1">
<Transforms>
<Transform Algorithm="http://www.w3.org/2000/09/xmldsig#base64" />
</Transforms>
<DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
<DigestValue>piJmPr7IwVyYS1/EzMcFJ3TpMCY=</DigestValue>
</Reference>
<Reference URI="http://anything">
<DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
<DigestValue>V/CqceX8ahoh5L0YhjcutmA/s84=</DigestValue>
</Reference>
</SignedInfo>
...
What would be exactly the input data (where does it exactly start and where does
it exactly end?
* <SignedInfo>
...
</SignedInfo>(+linefeed)*
* <SignedInfo>
...
</SignedInfo>*
*<SignedInfo>
...
</SignedInfo>*
*=start/end
I have the same doubt as far as generating digests for enveloped
objects which are XML:
<Object>
<start>
...
</start>
</Object>
Well, thanks a lot in advance.
Joan Arnedo
Computer Architecture Department
UPC
Received on Thursday, 9 August 2001 06:26:52 UTC