Re: [ebxmlms-develop] Digital signatures

SourceForge Headquarters 1320 Columbia Street Suite 310 San Diego, CA 92101 +1 (858) 422-6466

RE: [ebxmlms-develop] Digital signaturessorry, you're right, it occurred =
to me this morning as well before I got to e-mail again. What a short =
holiday can do :-)
  ----- Original Message -----=20
  From: Mayne, Peter=20
  To: 'ebx...@li...'=20
  Sent: Wednesday, May 28, 2003 8:13 AM
  Subject: RE: [ebxmlms-develop] Digital signatures

  An XML signature has a Reference containing a DigestValue for each =
message part (envelope + payloads), and a single SignatureValue.

  When I tried signing a document with and without an attachment, the =
DigestValue for the SOAP envelope remained unchanged.

  Are you sure we're referring to the same thing?=20

  PJDM=20
  --=20
  Peter Mayne=20
  Technology Consultant=20
  Spherion Technology Solutions=20
  Level 1, 243 Northbourne Avenue, Lyneham, ACT, 2602=20
  T: 61 2 62689727  F: 61 2 62689777=20
  -----Original Message-----=20
  From: Gait Boxman [mailto:gai...@ti...]=20
  Sent: Wednesday, 28 May 2003 4:03 PM=20
  To: ebx...@li...=20
  Subject: Re: [ebxmlms-develop] Digital signatures=20

  It is, the digest is based on the transformed envelope plus all the =
payloads, that's why you must do addDocument before computing the =
signature.

  ----- Original Message -----=20
  From: Mayne, Peter=20
  To: 'ebx...@li...'=20
  Sent: Wednesday, May 28, 2003 1:03 AM=20
  Subject: RE: [ebxmlms-develop] Digital signatures=20

  I know, but the DigestValue for the SOAP envelope isn't affected by =
the presence of payloads (is it?). If I can't get my SOAP envelope's =
DigestValue to match the one that Hermes produces for the same envelope, =
then there's not much point worrying about the final signature value =
yet.

  PJDM=20
  --=20
  Peter Mayne=20
  Technology Consultant=20
  Spherion Technology Solutions=20
  Level 1, 243 Northbourne Avenue, Lyneham, ACT, 2602=20
  T: 61 2 62689727  F: 61 2 62689777=20
  -----Original Message-----=20
  From: Gait Boxman [mailto:gai...@ti...]=20
  Sent: Tuesday, 27 May 2003 5:43 PM=20
  To: ebx...@li...=20
  Subject: Re: [ebxmlms-develop] Digital signatures=20

  Hi Peter,=20
  you'll need to add the payloads as well, they get computed into the =
digest. Either send yourself a signed message w/o payloads, or add the =
payloads in the test routine with addDocument.

  --Gait.=20
  ----- Original Message -----=20
  From: Mayne, Peter=20
  To: 'ebx...@li...'=20
  Sent: Tuesday, May 27, 2003 8:34 AM=20
  Subject: RE: [ebxmlms-develop] Digital signatures=20

  I've written (borrowing heavily from one of the samples) the attached =
rather crude program that takes an ebXML envelope and signs it. For =
input, I'm trapping a signed message from Hermes, editing out the =
headers, mime boundaries, attachments, etc, removing the signature, and =
using the remaining envelope.

  I've compared it to ApacheXMLDSigner.sign() and they look similar as =
far as I can tell.=20
  Unfortunately, the DigestValue I get is not the same as the one that =
Hermes generates. (I'm not worried about attachments or signature values =
yet.) Would someone care to have a quick look and spot the differences?

  I'm not sure where XSLT comes in to it.=20
  Thanks.=20
  PJDM=20
  --=20
  Peter Mayne=20
  Technology Consultant=20
  Spherion Technology Solutions=20
  Level 1, 243 Northbourne Avenue, Lyneham, ACT, 2602=20
  T: 61 2 62689727  F: 61 2 62689777=20
   =20
  The information contained in this email and any attachments to it:=20
  (a) may be confidential and if you are not the intended recipient, any =
interference with,=20
  use, disclosure or copying of this material is unauthorised and =
prohibited; and=20
  (b) may contain personal information of the recipient and/or the =
sender as defined=20
  under the Privacy Act 1988 (Cth). Consent is hereby given by the =
recipient(s) to=20
  collect, hold and use such information and any personal information =
contained in a=20
  response to this email, for any reasonable purpose in the ordinary =
course of=20
  Spherion's=20
  business, including forwarding this email internally or disclosing it =
to a third party. All=20
  personal information collected by Spherion will be handled in =
accordance with=20
  Spherion's Privacy Policy. If you have received this email in error, =
please notify the=20
  sender and delete it.=20
  (c) you agree not to employ or arrange employment for any candidate(s) =
supplied in=20
  this email and any attachments without first entering into a =
contractual agreement with=20
  Spherion. You further agree not to divulge any information contained =
in this document=20
  to any person(s) or entities without the express permission of =
Spherion.=20

The information contained in this email and any attachments to it:

(a) may be confidential and if you are not the intended recipient, any =
interference with,=20
use, disclosure or copying of this material is unauthorised and =
prohibited; and

(b) may contain personal information of the recipient and/or the sender =
as defined=20
under the Privacy Act 1988 (Cth). Consent is hereby given by the =
recipient(s) to=20
collect, hold and use such information and any personal information =
contained in a=20
response to this email, for any reasonable purpose in the ordinary =
course of=20
Spherion's=20
business, including forwarding this email internally or disclosing it to =
a third party. All=20
personal information collected by Spherion will be handled in accordance =
with=20
Spherion's Privacy Policy. If you have received this email in error, =
please notify the=20
sender and delete it.

(c) you agree not to employ or arrange employment for any candidate(s) =
supplied in=20
this email and any attachments without first entering into a contractual =
agreement with=20
Spherion. You further agree not to divulge any information contained in =
this document=20
to any person(s) or entities without the express permission of Spherion.