How to create proper digest value for enveloped XML signing?



I am struggling to sign an XML with the enveloped variant. So I have the following Object at the end of the "Signature" element:



<Object Id="SignatureProperties">
    <SignatureProperties xmlns="">
        <SignatureProperty Target="#XMLDokumentenSignierungsToolSignature" Id="TimeStamp">
            <TimeStamp>
                <Date>2014-08-19</Date>
                <Time>09:02:02.3584956+02:00</Time>
            </TimeStamp>
        </SignatureProperty>
    </SignatureProperties>
</Object>


What I should get, is the following DigestValue using the mentioned Algorithms:



<SignedInfo>
    <CanonicalizationMethod Algorithm="http://ift.tt/y9fQ1c"/>
    <SignatureMethod Algorithm="http://ift.tt/zf1Wx4"/>
    <Reference URI="#SignatureProperties" Type="http://ift.tt/1BwAvZQ">
        <DigestMethod Algorithm="http://ift.tt/yuvO4a"/>
        <DigestValue>SnyB8lpTZ9qWBv/6ki9jhV4JQTk=</DigestValue>
    </Reference>
</SignedInfo>


But I can't seem to get it right. I already tried various combinations of whitespaces. Does anyone know how this is "normally" done? e.g. is it possible that I have to omit the "Object" element itself when hashing? or add an <?xml version="1.0"?> at the beginning? and how's about those indents?


No comments:

Post a Comment

Subscribe to: Post Comments (Atom)