473,322 Members | 1,501 Online
Bytes | Software Development & Data Engineering Community
Post Job

Home Posts Topics Members FAQ

Join Bytes to post your question to a community of 473,322 software developers and data experts.

Signing xml

Hello!

I'd like to sign part od XML document, i.e. object:

<object id="myId">
<content myattribute1="value1" myattribute2="value2" />
</object>

I tried to do it with xmlsec and envelped signature, but found, that
if I change number of spaces in indents:

<object>
<content myattribute1="value1" myattribute2="value2" />
</object>

verification fails. How can I avoid this ?

This is Signature part:

<Signature xmlns="http://www.w3.org/2000/09/xmldsig#">
<SignedInfo>
<CanonicalizationMethod
Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315" />
<SignatureMethod
Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1" />
<Reference URI="">
<Transforms>
<Transform
Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature" />
</Transforms>
<DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
<DigestValue></DigestValue>
</Reference>
</SignedInfo>
<SignatureValue/>
<KeyInfo>
<KeyName/>
</KeyInfo>
</Signature>
JT.
Apr 5 '06 #1
1 1273
Jarek wrote:
I'd like to sign part od XML document, i.e. object:
I tried to do it with xmlsec and envelped signature, but found, that
if I change number of spaces in indents:
verification fails. How can I avoid this ?


You can't, as far as I know. XML Signatures are explicitly sensitive to
whitespace, since they've made no attempt to distinguish between
whitespace that is or is not significant to the document's meaning.
Canonicalization suppresses *some* possible non-meaningful differences,
but I don't think it will suppress this one.

--
() ASCII Ribbon Campaign | Joe Kesselman
/\ Stamp out HTML e-mail! | System architexture and kinetic poetry
Apr 5 '06 #2

This thread has been closed and replies have been disabled. Please start a new discussion.

Similar topics

3
by: Joel Leong | last post by:
I wish to know the industrial practices for signing assemblies with key files. I genereted a key file to sign my assemblies. Should I sign all my assemblies with a single key files or I shall...
1
by: Martin | last post by:
I have a couple of questions around code signing with MS technology: 1. Is there a way to transfer the generated strong name signing private key directly to a smartcard (or generate it on the...
4
by: Todd Richardson | last post by:
Two questions. We would like to have users complete ASP.NET web forms for submission. Once these are completed I would like to generate an XML document from the form. The XML document should...
0
by: cl | last post by:
I am using the "VeriSign Class 3 Code Signing" certificate for signing my Access program in Office 2003. Up to now, when program was installed on client machine, a form was appearing and user...
3
by: bob | last post by:
Hello, I thought assembly signing might add protection against people reverse engineering my program, removing the protection and using it illegally. But it seems they can just stop the clr...
1
by: AVL | last post by:
Hi I need some clarification on signing. what does it mean--signing an assembly? where is ti used? How is it used?
0
by: Daniel | last post by:
Hi, I need help signing SOAP/XML. Have been stuck with this for a couple of days now. I get the following error message from the server: "The security token could not be authenticated or...
0
by: Raffi Basmajian | last post by:
I am trying to understand the difference between signing ClickOnce manifests and signing shared assemblies. My company is building .Net 2005 WinForm applications for internal company use only....
6
by: raylopez99 | last post by:
Anybody use Strong Name Signing? I think this is used by default for Resource files, which is one reason perhaps I can't get my resource files to work (somehow the public key is messed up, perhaps...
1
by: BillE | last post by:
<extreme frustration> I have googled and read about this, but can't seem to get a grip on it. Apparently I am being coerced into digitally signing applications. Is this true? What if I don't...
0
by: ryjfgjl | last post by:
ExcelToDatabase: batch import excel into database automatically...
0
isladogs
by: isladogs | last post by:
The next Access Europe meeting will be on Wednesday 6 Mar 2024 starting at 18:00 UK time (6PM UTC) and finishing at about 19:15 (7.15PM). In this month's session, we are pleased to welcome back...
0
by: jfyes | last post by:
As a hardware engineer, after seeing that CEIWEI recently released a new tool for Modbus RTU Over TCP/UDP filtering and monitoring, I actively went to its official website to take a look. It turned...
0
by: ArrayDB | last post by:
The error message I've encountered is; ERROR:root:Error generating model response: exception: access violation writing 0x0000000000005140, which seems to be indicative of an access violation...
1
by: PapaRatzi | last post by:
Hello, I am teaching myself MS Access forms design and Visual Basic. I've created a table to capture a list of Top 30 singles and forms to capture new entries. The final step is a form (unbound)...
1
by: CloudSolutions | last post by:
Introduction: For many beginners and individual users, requiring a credit card and email registration may pose a barrier when starting to use cloud servers. However, some cloud server providers now...
1
by: Defcon1945 | last post by:
I'm trying to learn Python using Pycharm but import shutil doesn't work
0
by: af34tf | last post by:
Hi Guys, I have a domain whose name is BytesLimited.com, and I want to sell it. Does anyone know about platforms that allow me to list my domain in auction for free. Thank you
0
isladogs
by: isladogs | last post by:
The next Access Europe User Group meeting will be on Wednesday 3 Apr 2024 starting at 18:00 UK time (6PM UTC+1) and finishing by 19:30 (7.30PM). In this session, we are pleased to welcome former...

By using Bytes.com and it's services, you agree to our Privacy Policy and Terms of Use.

To disable or enable advertisements and analytics tracking please visit the manage ads & tracking page.