Digital signature by Oxygen

DmitryK
Posts: 2
Joined: Fri Jun 22, 2012 5:53 pm

Post by DmitryK »

Hi All.

I would like to know how Oxygen signs XML.

I use the following sign options:
Envelope
ID: Body

Here is my original file:

<soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instan ... apenv:Body Id="Body"><sml:search xmlns:sml="urn:1:0" xmlns:sub="urn:SUB:1:0"><version>v1</version><base><objectclass>Sub</objectclass><alias name="im" value="1111" xsi:type="sub:SubType"></alias></base></sml:search></soapenv:Body></soapenv:Envelope>


Could anybody indicate to me exactly which part of the file is being used during the signing process?
adrian
Posts: 2855
Joined: Tue May 17, 2005 4:01 pm

Re: Digital signature by Oxygen

Post by adrian »

Hi,

Given your sign options, the signed region of the document is:

<soapenv:Body Id="Body"><sml:search xmlns:sml="urn:1:0" xmlns:sub="urn:SUB:1:0"><version>v1</version><base><objectclass>Sub</objectclass><alias name="im" value="1111" xsi:type="sub:SubType"/></base></sml:search></soapenv:Body>
This is because of the Id="Body" attribute from soapenv:Body.

Regards,
Adrian
Adrian Buza
<oXygen/> XML Editor, Schema Editor and XSLT Editor/Debugger
http://www.oxygenxml.com
DmitryK
Posts: 2
Joined: Fri Jun 22, 2012 5:53 pm

Re: Digital signature by Oxygen

Post by DmitryK »

Hi,
Thanks for the answer. For me it's logical. But I'm a little bit puzzled.

If I don't use the ID, the message hash is:
<ds:DigestValue xmlns:ds="http://www.w3.org/2000/09/xmldsig#">Ddr ... igestValue>

And this result is the same as the one from a third-party translator (for example http://home.paulschou.net/tools/xlate/):
SHA1 hex: 0ddaf43598bf5eb9710e816c000ef6912ec5d997
or base64: Ddr0NZi/XrlxDoFsAA72kS7F2Zc=

But if the ID "Body" is being used, the results are different:

<ds:DigestValue xmlns:ds="http://www.w3.org/2000/09/xmldsig#">/0Z ... igestValue>

SHA1 hex: cf7021aa46976aa25b685bc13af3fb1d97f453e7
or base64: z3AhqkaXaqJbaFvBOvP7HZf0U+c=

It suggests that something different is being used during the signing procedure.
adrian
Posts: 2855
Joined: Tue May 17, 2005 4:01 pm

Re: Digital signature by Oxygen

Post by adrian »

Something different is being used, since this is XML and not plain text. I thought you were just interested in what region of the XML document is being signed, not literally the exact text content that's being signed. The snippet I mentioned does not hold on its own as XML, so it's being augmented with the namespace declarations.
Like this:

<soapenv:Body xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" Id="Body"><sml:search xmlns:sml="urn:1:0" xmlns:sub="urn:SUB:1:0"><version>v1</version><base><objectclass>Sub</objectclass><alias name="im" value="1111" xsi:type="sub:SubType"></alias></base></sml:search></soapenv:Body>
This seems to translate to exactly what you see in the signed XML:
SHA1: ff466297817dec87d392e42fc82fa89de8d24e7d
Base64: /0Zil4F97IfTkuQvyC+onejSTn0=

Oxygen uses the Apache XML Security libraries, so you might want to check the details of the implementation on the Apache project page (now renamed to Santuario): http://santuario.apache.org/

Regards,
Adrian
Adrian Buza
<oXygen/> XML Editor, Schema Editor and XSLT Editor/Debugger
http://www.oxygenxml.com
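
The effect described in the thread, as an added example that is not part of the original posts and is not Oxygen's or Santuario's code: a simplified inclusive canonicalization of the element referenced by Id, showing that the digested text carries the namespace declarations inherited from the Envelope. The envelope is a constructed sample rebuilt from the snippets quoted above, and the names `inherited_ns`, `c14n`, `signed_text` and `digest_b64` are hypothetical.

```python
import base64, hashlib
from xml.dom import minidom

# Constructed sample: envelope rebuilt from the namespaces and Body quoted in the thread.
ENVELOPE = (
    '<soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/"'
    ' xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">'
    '<soapenv:Body Id="Body"><sml:search xmlns:sml="urn:1:0" xmlns:sub="urn:SUB:1:0"><version>v1</version>'
    '<base><objectclass>Sub</objectclass><alias name="im" value="1111" xsi:type="sub:SubType"/></base>'
    '</sml:search></soapenv:Body></soapenv:Envelope>')

def _is_ns(attr):
    return attr.name.split(":")[0] == "xmlns"

def _esc(text, in_attr):
    text = text.replace("&", "&amp;").replace("<", "&lt;").replace("\r", "&#xD;")
    if in_attr:
        return text.replace('"', "&quot;").replace("\t", "&#x9;").replace("\n", "&#xA;")
    return text.replace(">", "&gt;")

def inherited_ns(el):
    """Namespace declarations the element inherits from its ancestors (nearest wins)."""
    scope, node = {}, el.parentNode
    while node is not None and node.nodeType == node.ELEMENT_NODE:
        for a in filter(_is_ns, node.attributes.values()):
            scope.setdefault(a.name, a.value)
        node = node.parentNode
    return scope

def c14n(el, rendered, extra):
    """Simplified inclusive C14N of one subtree (comments and PIs are skipped)."""
    scope = {**extra, **{a.name: a.value for a in el.attributes.values() if _is_ns(a)}}
    emit = sorted((n, v) for n, v in scope.items() if rendered.get(n) != v)
    attrs = sorted((a for a in el.attributes.values() if not _is_ns(a)),
                   key=lambda a: (a.namespaceURI or "", a.localName))
    out = "<" + el.tagName + "".join(f' {n}="{_esc(v, True)}"' for n, v in emit)
    out += "".join(f' {a.name}="{_esc(a.value, True)}"' for a in attrs) + ">"
    for child in el.childNodes:
        if child.nodeType == child.ELEMENT_NODE:
            out += c14n(child, {**rendered, **scope}, {})
        elif child.nodeType in (child.TEXT_NODE, child.CDATA_SECTION_NODE):
            out += _esc(child.data, False)
    return out + f"</{el.tagName}>"  # empty elements become start/end tag pairs

def signed_text(xml, ref_id, inherit=True):
    """Text that is digested for a reference to the element whose Id equals ref_id."""
    doc = minidom.parseString(xml)
    el = next(e for e in doc.getElementsByTagName("*") if e.getAttribute("Id") == ref_id)
    return c14n(el, {}, inherited_ns(el) if inherit else {})

def digest_b64(text):
    return base64.b64encode(hashlib.sha1(text.encode("utf-8")).digest()).decode("ascii")
```

Calling `digest_b64(signed_text(ENVELOPE, "Body"))` and the same with `inherit=False` gives two different values, which can be compared against the DigestValue in a signed file to see which form was hashed.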