K
K.Strunk
Hi!
I have a problem signing a XML-document. I need to sign a subnode of a
document. So I need to refer to this subnode from within my signature. But
how can I do that with XPath?
I tried the following, but I couldn't verify it using an online-verifier
(http://www.aleksey.com/xmlsec/xmldsig-verifier.html).
Could anybody please help me with that reference? Thanx a lot!
And here's my document:
<?xml version="1.0" encoding="UTF-8"?>
<Request xmlns="http://...">
<ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
<ds:SignedInfo><ds:CanonicalizationMethod
Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315" />
<ds:SignatureMethod
Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1" />
<ds:Reference URI="">
<ds:Transforms>
<ds:Transform
Algorithm="http://www.w3.org/TR/1999/REC-xpath-19991116">
<ds:XPath
xmlns:msg="http://...">/Request[1]/msg:Message[1]</ds:XPath>
</ds:Transform>
</ds:Transforms>
<dsigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"
/>
<dsigestValue>uT3v+Iq3LQUxokKorQq4xrNL5HI=</dsigestValue>
</ds:Reference>
</ds:SignedInfo>
<ds:SignatureValue>...</ds:SignatureValue>
<ds:KeyInfo>
<ds:KeyValue>
<ds:RSAKeyValue>
<ds:Modulus>...</ds:Modulus>
<ds:Exponent>AQAB</ds:Exponent>
</ds:RSAKeyValue>
</ds:KeyValue>
</ds:KeyInfo>
</ds:Signature>
<Message xmlns:msg="...">
Hello
</Message>
</Request>
I have a problem signing a XML-document. I need to sign a subnode of a
document. So I need to refer to this subnode from within my signature. But
how can I do that with XPath?
I tried the following, but I couldn't verify it using an online-verifier
(http://www.aleksey.com/xmlsec/xmldsig-verifier.html).
Could anybody please help me with that reference? Thanx a lot!
And here's my document:
<?xml version="1.0" encoding="UTF-8"?>
<Request xmlns="http://...">
<ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
<ds:SignedInfo><ds:CanonicalizationMethod
Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315" />
<ds:SignatureMethod
Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1" />
<ds:Reference URI="">
<ds:Transforms>
<ds:Transform
Algorithm="http://www.w3.org/TR/1999/REC-xpath-19991116">
<ds:XPath
xmlns:msg="http://...">/Request[1]/msg:Message[1]</ds:XPath>
</ds:Transform>
</ds:Transforms>
<dsigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"
/>
<dsigestValue>uT3v+Iq3LQUxokKorQq4xrNL5HI=</dsigestValue>
</ds:Reference>
</ds:SignedInfo>
<ds:SignatureValue>...</ds:SignatureValue>
<ds:KeyInfo>
<ds:KeyValue>
<ds:RSAKeyValue>
<ds:Modulus>...</ds:Modulus>
<ds:Exponent>AQAB</ds:Exponent>
</ds:RSAKeyValue>
</ds:KeyValue>
</ds:KeyInfo>
</ds:Signature>
<Message xmlns:msg="...">
Hello
</Message>
</Request>