
how to create a reference to KeyInfo?

Open sibelius opened this issue 11 months ago • 9 comments

<Reference
URI="<unique-id-toKeyInfo>
<KeyInfo Id="unique-id-to-KeyInfo">
(...................)
</KeyInfo>
<ds:Reference URI="#key-info-id">
  <ds:Transforms>
    <ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
  </ds:Transforms>
  <ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
  <ds:DigestValue>J9fL+QyrtblrJnk0gjGnGPaDt42AKfNRM3uv4EbdbrM=</ds:DigestValue>
</ds:Reference>

sibelius avatar Jan 28 '25 20:01 sibelius

Are you aware that this repository has a discussions section activated?

IMHO all of these could have been started as questions at discussions instead of issues:

  • https://github.com/node-saml/xml-crypto/issues/479
  • https://github.com/node-saml/xml-crypto/issues/480
  • https://github.com/node-saml/xml-crypto/issues/481
  • https://github.com/node-saml/xml-crypto/issues/482
  • https://github.com/node-saml/xml-crypto/issues/483

Some of those issues were resolved by you with a comment like "nevermind"/"got working". If you had an issue, why not share the solution with others who might already have spent time trying to replicate your problem from the short info that you provided?

srd90 avatar Jan 30 '25 08:01 srd90

Are you after this pending/work in progress enabler:

  • https://github.com/node-saml/xml-crypto/issues/463
  • https://github.com/node-saml/xml-crypto/pull/464

Quote from https://github.com/node-saml/xml-crypto/issues/463 :

... Adding a Reference to each part of the document to be signed is cumbersome and still leaves <KeyInfo /> without a Reference. ...

If the answer is yes, then this question issue is a duplicate of enhancement issue https://github.com/node-saml/xml-crypto/issues/463

srd90 avatar Jan 30 '25 21:01 srd90

Do we have a solution for this?

Or should we use this new patched code?

sibelius avatar Jan 30 '25 23:01 sibelius

> Do we have a solution for this?

Where are you pointing with this question's "this"?

If your question's "this" points to this: https://github.com/node-saml/xml-crypto/issues/463

then you have some initial version of a solution available at this draft PR: https://github.com/node-saml/xml-crypto/pull/464

> Or should we use this new patched code?

I cannot figure out what this question's "this" could be.

srd90 avatar Jan 30 '25 23:01 srd90

@sibelius , As you can see from the issue linked to by @srd90 , I've started work on this, but haven't completed it (and don't see time on the immediate horizon to do so). If you have a solution, or care to collaborate on this, please do so. This would significantly increase the security of this library and make it easier to use.

cjbarth avatar Jan 31 '25 15:01 cjbarth

Is there any test failing?

sibelius avatar Jan 31 '25 15:01 sibelius

What is missing in your implementation?

sibelius avatar Jan 31 '25 15:01 sibelius

@sibelius , please continue this discussion on the linked issue or the associated PR. You'll see that there are tests failing. I tried to start with a battery of tests so that I could do test-driven-development with this feature addition, so you should see what the end goal should look like. It is possible that I've gotten the test wrong too (programmers are imperfect).

cjbarth avatar Jan 31 '25 15:01 cjbarth

IMHO this issue could be closed because this is actually a duplicate of/work in progress in:

  • https://github.com/node-saml/xml-crypto/issues/463
  • https://github.com/node-saml/xml-crypto/pull/464

srd90 avatar Feb 17 '25 17:02 srd90