Re: [xml] Canonicalization (C14N) of an XML element

Thanks for your prompt responses. 

Hm... I am sorry but I have to ask if you really want to
write xmldsig implementation yourself. I did it once

Sorry, I forgot to tell you: We are aware of your XML Security Library. 

I am sure it is a very fine product, but we decided not to use it. We
could not figure out how to make XML Sec fit into our environment, for
the following reasons (I'm leaving out some details, to avoid
revealing product or security details which I'm not supposed to

- For signature generation, and for key unwrapping (decryption), we
use an RSA private key, stored in hardware.
- Our cryptograpic library is proprietary. 
- We are working in an embedded system, where memory footprint is very

We are not making our own xmldsig implementation. We only have a small
subset of the xmldsig and xmlenc cryptographic operations, and those
operations are heavily constrained by technical specifications.

The xmlC14NExecute function allows one to
provide a callback that would be called to determine if
a given node is "visible" (i.e. included in c14n output)
or not. To canonicalize just a given node (with all the
attributes and children nodes) you can write a callback
function that would return "true" for your node, its attributes,
namespaces and children nodes and "false" for all other
nodes in the document.


Thank you, I will try that. 


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]