Differences between revisions 1 and 3 (spanning 2 versions)

xmlsec

https://www.aleksey.com/xmlsec/index.html

XML Security Library is a C library based on LibXML2. The library supports major XML security standards:

https://users.dcc.uchile.cl/~pcamacho/tutorial/web/xmlsec/xmlsec.html

Slackbuild

   1 wget https://slackbuilds.org/slackbuilds/14.2/libraries/xmlsec.tar.gz
   2 tar xvzf xmlsec.tar.gz 
   3 cd xmlsec
   4 wget https://www.aleksey.com/xmlsec/download/xmlsec1-1.2.29.tar.gz
   5 ./xmlsec.SlackBuild 
   6 installpkg  /tmp/xmlsec-1.2.29-i586-1_SBo.tgz

Sign with certificate test.xml

openssl req -new -x509 -days 3650 -nodes -out cert.pem -keyout privkey.pem
xmlsec1 --sign --privkey-pem privkey.pem --output test_signed.xml test.xml
xmlsec1 --verify test_signed.xml

test.xml

   1 <a>
   2         <b Id="tosign">
   3                 <c>test</c>
   4         </b>
   5 <!-- signature template -->
   6 <Signature xmlns="http://www.w3.org/2000/09/xmldsig#">
   7   <SignedInfo>
   8    <CanonicalizationMethod Algorithm=
   9     "http://www.w3.org/TR/2001/REC-xml-c14n-20010315"/>
  10    <SignatureMethod Algorithm=
  11     "http://www.w3.org/2000/09/xmldsig#rsa-sha1"/>
  12    <Reference URI="">
  13     <Transforms>
  14      <Transform Algorithm=
  15       "http://www.w3.org/2000/09/xmldsig#enveloped-signature" />
  16     </Transforms>
  17     <DigestMethod Algorithm=
  18       "http://www.w3.org/2000/09/xmldsig#sha1"/>
  19     <DigestValue></DigestValue>
  20    </Reference>
  21   </SignedInfo>
  22   <SignatureValue />
  23   <KeyInfo>
  24    <X509Data >
  25     <X509SubjectName/>
  26     <X509IssuerSerial/>
  27     <X509Certificate/>
  28    </X509Data>
  29    <KeyValue />
  30   </KeyInfo>
  31  </Signature>
  32 </a>