goxmldsig

Support http://www.w3.org/2001/10/xml-exc-c14n#WithComments

Open davrux opened this issue 6 years ago • 3 comments

Support for

Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#WithComments"

Is now able to verify this:

<ds:Transforms>
  <ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
  <ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#WithComments"/>
</ds:Transforms>
....

davrux avatar Jun 15 '18 15:06 davrux

Maybe you should also add this part of code?

type CanonicalXML10ExclusiveComment struct{}

// MakeCanonicalXML10ExclusiveComment constructs a canonicalizer for the exclusive c14n WithComments algorithm.
func MakeCanonicalXML10ExclusiveComment() Canonicalizer {
	return &CanonicalXML10ExclusiveComment{}
}

// Canonicalize transforms the input Element into a serialized XML document in canonical form.
func (c *CanonicalXML10ExclusiveComment) Canonicalize(el *etree.Element) ([]byte, error) {
	scope := make(map[string]struct{})
	return canonicalSerialize(canonicalPrep(el, scope))
}

func (c *CanonicalXML10ExclusiveComment) Algorithm() AlgorithmID {
	return CanonicalXML10ExclusiveCommentAlgorithmId
}

KanybekMomukeyev avatar Feb 03 '20 07:02 KanybekMomukeyev

@russellhaering Hey Russell, do you plan to proceed with this PR please? That would help us a lot! 🙇🏻

Anyway I think that this PR lacks one extra piece of code:

case CanonicalXML10ExclusiveCommentAlgorithmId:
    canonicalSignedInfo = canonicalPrep(detachedSignedInfo, map[string]struct{}{})

in switch in findSignature method in validate.go

Thanks in advance 🥇

simonbrynych avatar Sep 01 '21 06:09 simonbrynych

I've just created an updated PR (with master) and from my POV with all necessary changes: https://github.com/russellhaering/goxmldsig/pull/74

simonbrynych avatar Sep 03 '21 08:09 simonbrynych
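
An added example, not part of the original thread or of goxmldsig: it shows why a verifier has to dispatch on the `#WithComments` algorithm URI rather than reuse the comment-stripping form, since keeping or dropping comment nodes changes the bytes that are digested. `Serialize`, `Digest` and `Sample` are hypothetical names, and the serializer is a simplified stand-in built on `encoding/xml`, not an exclusive c14n implementation.

```go
package main

import (
	"bytes"
	"crypto/sha256"
	"encoding/xml"
	"fmt"
	"io"
	"strings"
)

// Constructed sample input, not taken from the issue.
const Sample = `<Assertion><!-- note --><Subject>alice</Subject></Assertion>`

// Serialize re-emits doc token by token and keeps comment nodes only when
// withComments is true. It ignores the namespace and attribute rules of c14n.
func Serialize(doc string, withComments bool) ([]byte, error) {
	dec := xml.NewDecoder(strings.NewReader(doc))
	var buf bytes.Buffer
	enc := xml.NewEncoder(&buf)
	for {
		tok, err := dec.Token()
		if err == io.EOF {
			break
		}
		if err != nil {
			return nil, err
		}
		if _, ok := tok.(xml.Comment); ok && !withComments {
			continue // plain exc-c14n: comment nodes are omitted
		}
		if err := enc.EncodeToken(tok); err != nil {
			return nil, err
		}
	}
	err := enc.Flush()
	return buf.Bytes(), err
}

// Digest returns the hex SHA-256 of the serialized form.
func Digest(doc string, withComments bool) (string, error) {
	b, err := Serialize(doc, withComments)
	return fmt.Sprintf("%x", sha256.Sum256(b)), err
}

func main() {
	plain, _ := Digest(Sample, false)
	with, _ := Digest(Sample, true)
	fmt.Println(plain, with, plain == with)
}
```

A signer that used the WithComments variant digested the comment bytes too, so a verifier that strips comments computes a different digest and rejects an otherwise valid signature.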