473,799 Members | 3,147 Online
Bytes | Software Development & Data Engineering Community
+ Post

Home Posts Topics Members FAQ

Signed Xml - Reference - Digest Value

According to the xml digital signature standard
(http://www.w3.org/TR/xmldsig-core/), signature can be one of following:
enveloping, enveloped and detached. The standard says that signature element
should be excluded when signing using enveloped signature. It also says that
Object element (in case of enveloping signatgure) is not part of digital
signature.

So I started expermienting with SignedXml object in .net framework. To my
surprise, the digest value of a reference changed depending on whether the
signature is envloping or enveloped. I even used the transform for the
reference for canonicalizatio n in both cases.

Why is this case? Can any one explain?

Thanks.
Raghu/..
Nov 12 '05 #1
1 4594
I found this info in the standard:

***
The Object's Id is commonly referenced from a Reference in SignedInfo, or
Manifest. This element is typically used for enveloping signatures where the
object being signed is to be included in the signature element. The digest
is calculated over the entire Object element including start and end tags.

Note, if the application wishes to exclude the <Object> tags from the digest
calculation the Reference must identify the actual data object (easy for XML
documents) or a transform must be used to remove the Object tags (likely
where the data object is non-XML).

****

So this explains why digest value would be different in both cases. To
remove <Object> tag in the calculation of digest value, what should I do?

"Raghu" <Ra***@nospamzz zqcsi.com> wrote in message
news:ey******** ******@tk2msftn gp13.phx.gbl...
According to the xml digital signature standard
(http://www.w3.org/TR/xmldsig-core/), signature can be one of following:
enveloping, enveloped and detached. The standard says that signature element should be excluded when signing using enveloped signature. It also says that Object element (in case of enveloping signatgure) is not part of digital
signature.

So I started expermienting with SignedXml object in .net framework. To my
surprise, the digest value of a reference changed depending on whether the
signature is envloping or enveloped. I even used the transform for the
reference for canonicalizatio n in both cases.

Why is this case? Can any one explain?

Thanks.
Raghu/..

Nov 12 '05 #2

This thread has been closed and replies have been disabled. Please start a new discussion.

Similar topics
0
1766
Digest Authentication (RFC 2831)
by: Jp Calderone | last post by:
I've been trying to implement support for this authentication scheme for a little while now, and in the last couple days I've been completely stumped. I know about the digest authentication code in urllib2, and while I'd like to use it directly, it is too closely tied to HTTP for my needs. I have taken hints from the code, but I am still stuck with something that doesn't recognize correct challenge responses as correct. I've reduced...
Python
19
6483
Unsigned/Signed Mismatch
by: MiniDisc_2k2 | last post by:
Okay, here's a question about the standard. What does it say about unsigned/signed mismatches in a comparison statement: char a = 3; unsigned char b = 255; if (a<b) Now what's the real answer here? If a is converted to unsigned, then b>a. But, if b is converted to signed,then a>b. What's the correct coversion (what is the compiler supposed to do?)
C / C++
8
2248
Three questions about signed/unsigned type representations
by: Rade | last post by:
Following a discussion on another thread here... I have tried to understand what is actually standardized in C++ regarding the representing of integers (signed and unsigned) and their conversions. The reference should be 3.9.1 (Fundamental types), and 4.7 (Integral conversions). It seems to me that the Standard doesn't specify: 1) The "value representation" of any of these types, except that (3.9.1/3) "... The range of nonnegative...
C / C++
6
1751
Signed-signed xml-doc and xsd
by: Jon G | last post by:
Hi, I´m a bit of a newbie when it comes to xml but here goes: I am using the SignedXml-class to construct a signed xmldoc which in turn contains 1 or more signed xml-doc which creates the following structure (edited of course): <Signature xmlns:xd="Whatever"> <Object Id="A uri"> <Signature>
.NET Framework
0
1199
XmlDsigXPathTransform / Signed XML problem
by: moulincourt | last post by:
Unable to use XmlDsigXPathTransform in SignedXml. It doesn't filter the xml document and the hashvalue is allways the same Based on first example provided here: http://msdn2.microsoft.com/en-us/library/e1awhttw The DigestValue (hash) returns always 2jmj7l5rSw0yVb/vlWAYkK/YBwk= whatever the data to sign can be (in the example, change 'Here is some data to sign' by another value,then the digest value in the signed xml document stays the
.NET Framework
9
4961
Question re. integral promotion, signed->unsigned
by: Fred Ma | last post by:
Hello, I've been trying to clear up a confusion about integer promotions during expression evaluation. I've checked the C FAQ and C++ FAQ (they are different languages, but I was hoping one would clear up the confusion), as well as googling groups and the web. The confusion is that for a binary operator,
C / C++
10
15666
What is the difference between signed and unsigned char?
by: tinesan | last post by:
Hello fellow C programmers, I'm just learning to program with C, and I'm wondering what the difference between signed and unsigned char is. To me there seems to be no difference, and the standard doesn't even care what a normal char is (because signed and unsigned have equal behavior). For example if someone does this: unsigned char a = -2; /* or = 254 */
C / C++
26
2780
mixing signed and unsigned
by: John Harrison | last post by:
I have a problem. I want to compare an integral value, n, against three half open ranges as follows [-A, 0) // range 1 [0, B) // range 2 [B, C} // range 3 Each range corresponds to a different outcome and if the integral value isn't within any of the ranges, that's a fourth outcome. So far so easy, the problem is that n is a signed quantity and A, B, C are unsigned
C / C++
6
6459
Unsigned & signed int
by: Kislay | last post by:
Consider the following code snippet unsigned int i=10; int j= - 2; // minus 2 if(i>j) cout<<"i is greater"; else cout<<"j is greater"; Since i is unsigned , j is greater . I know why , but vaguely . Can
C / C++
0
9546
Changing the language in Windows 10
by: Hystou | last post by:
Most computers default to English, but sometimes we require a different language, especially when relocating. Forgot to request a specific language before your computer shipped? No problem! You can effortlessly switch the default language on Windows 10 without reinstalling. I'll walk you through it. First, let's disable language synchronization. With a Microsoft account, language settings sync across devices. To prevent any complications,...
Windows Server
0
10268
jinu1996
Maximizing Business Potential: The Nexus of Website Design and Digital Marketing
by: jinu1996 | last post by:
In today's digital age, having a compelling online presence is paramount for businesses aiming to thrive in a competitive landscape. At the heart of this digital strategy lies an intricately woven tapestry of website design and digital marketing. It's not merely about having a website; it's about crafting an immersive digital experience that captivates audiences and drives business growth. The Art of Business Website Design Your website is...
Online Marketing
1
10247
The easy way to turn off automatic updates for Windows 10/11
by: Hystou | last post by:
Overview: Windows 11 and 10 have less user interface control over operating system update behaviour than previous versions of Windows. In Windows 11 and 10, there is no way to turn off the Windows Update option using the Control Panel or Settings app; it automatically checks for updates and installs any it finds, whether you like it or not. For most users, this new feature is actually very convenient. If you want to control the update process,...
Windows Server
0
9079
agi2029
AI Job Threat for Devs
by: agi2029 | last post by:
Let's talk about the concept of autonomous AI software engineers and no-code agents. These AIs are designed to manage the entire lifecycle of a software development project—planning, coding, testing, and deployment—without human intervention. Imagine an AI that can take a project description, break it down, write the code, debug it, and then launch it, all on its own.... Now, this would greatly impact the work of software developers. The idea...
Career Advice
1
7571
isladogs
Access Europe - Using VBA to create a class based on a table - Wed 1 May
by: isladogs | last post by:
The next Access Europe User Group meeting will be on Wednesday 1 May 2024 starting at 18:00 UK time (6PM UTC+1) and finishing by 19:30 (7.30PM). In this session, we are pleased to welcome a new presenter, Adolph Dupré who will be discussing some powerful techniques for using class modules. He will explain when you may want to use classes instead of User Defined Types (UDT). For example, to manage the data in unbound forms. Adolph will...
Microsoft Access / VBA
0
6809
Couldn’t get equations in html when convert word .docx file to html file in C#.
by: conductexam | last post by:
I have .net C# application in which I am extracting data from word file and save it in database particularly. To store word all data as it is I am converting the whole word file firstly in HTML and then checking html paragraph one by one. At the time of converting from word file to html my equations which are in the word document file was convert into image. Globals.ThisAddIn.Application.ActiveDocument.Select();...
C# / C Sharp
1
4146
transfer the data from one system to another through ip address
by: 6302768590 | last post by:
Hai team i want code for transfer the data from one system to another through IP address by using C# our system has to for every 5mins then we have to update the data what the data is updated we have to send another system
C# / C Sharp
2
3762
muto222
How to add payments to a PHP MySQL app.
by: muto222 | last post by:
How can i add a mobile payment intergratation into php mysql website.
PHP
3
2941
bsmnconsultancy
Comprehensive Guide to Website Development in Toronto: Expert Insights from BSMN Consultancy
by: bsmnconsultancy | last post by:
In today's digital era, a well-designed website is crucial for businesses looking to succeed. Whether you're a small business owner or a large corporation in Toronto, having a strong online presence can significantly impact your brand's success. BSMN Consultancy, a leader in Website Development in Toronto offers valuable insights into creating effective websites that not only look great but also perform exceptionally well. In this comprehensive...
General

By using Bytes.com and it's services, you agree to our Privacy Policy and Terms of Use.

To disable or enable advertisements and analytics tracking please visit the manage ads & tracking page.

BYTES.COM © 2024
About Bytes
Terms Of Use
Privacy Policy
Sitemap
Advertise on Bytes
How to Post and Respond on Bytes
How to Promote and Link on Bytes
How to increase your Ranking on Bytes
Become a Recognized Expert on Bytes
Feedback Welcomed! Contact Us