Create an XML signature for my XML data


Reeturaj Sahoo

Dec 20, 2022, 6:04:11 PM
to golang-nuts
Hello Golang Team,

I want to implement signed XML for my XML data.
If anyone has a reference document, kindly share.

Karlovsky Alexey

Dec 21, 2022, 11:42:01 PM
to Reeturaj Sahoo, golang-nuts
Hi, I can recommend starting with this library: https://github.com/russellhaering/goxmldsig


Karlovsky Alexey

Dec 22, 2022, 10:57:17 AM
to Reeturaj Sahoo, golang-nuts
Hi, I believe you have used the default SigningContext with the NewDefaultSigningContext method with default MakeC14N11Canonicalizer:
func NewDefaultSigningContext(ks X509KeyStore) *SigningContext {
    return &SigningContext{
        Hash:          crypto.SHA256,
        KeyStore:      ks,
        IdAttribute:   DefaultIdAttr,
        Prefix:        DefaultPrefix,
        Canonicalizer: MakeC14N11Canonicalizer(),
    }
}

Try to create a custom signing context with MakeC14N10RecCanonicalizer as the Canonicalizer, like this:
// dsig is github.com/russellhaering/goxmldsig; ks is your X509KeyStore
ctx := &dsig.SigningContext{
    Hash:          crypto.SHA256,
    KeyStore:      ks,
    IdAttribute:   dsig.DefaultIdAttr,
    Prefix:        dsig.DefaultPrefix,
    Canonicalizer: dsig.MakeC14N10RecCanonicalizer(),
}

On Thu, Dec 22, 2022 at 10:49 AM Reeturaj Sahoo <reeturajs...@gmail.com> wrote:
Hello Karlovsky,

Thank you for the update.
After using this library I was able to generate signed XML.

Output is:

<?xml version="1.0" encoding="UTF-8"?>
<ReqDiagnostic>
<Head origInst="IP11" refId="919b92e5792f463a82801f5f46923531526" ts="2022-12-19T15:26:28+05:30" ver="1.0"/>
<ds:Signature
xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
<ds:SignedInfo>
<ds:CanonicalizationMethod Algorithm="http://www.w3.org/2006/12/xml-c14n11"/>
<ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/>
<ds:Reference URI="">
<ds:Transforms>
<ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
<ds:Transform Algorithm="http://www.w3.org/2006/12/xml-c14n11"/>
</ds:Transforms>
<ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
<ds:DigestValue>uTdNgPrRhLpLJ3YZQOymIkr3DxyJeKJQarBZMe9b/Z8=</ds:DigestValue>
</ds:Reference>
</ds:SignedInfo>
<ds:SignatureValue>dYgNUeSQA8bN0dmeb3BgRk0la5AQN8sbYBMGmFrNYfw63C2xBmHAP6cGHHyCHysQlpg5Q6WKnzZld24v8pTfr8qNHuJlyQ2bcpXirxRBU26RipFxUY5zkSmspkvwarHS39uITITljiNOtjNrBIQoG4zfnVXPZ0d2E1jrdggt3jg=</ds:SignatureValue>
<ds:KeyInfo>
<ds:X509Data>
<ds:X509Certificate>MIIBlTCB/6ADAgECAgEAMA0GCSqGSIb3DQEBCwUAMAAwHhcNMjIxMjIyMDkyNTQzWhcNMjMxMjIyMDkzMDQzWjAAMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDAnI1e774HYixO1xMYc5iyYRuc+lsphegJgEzBGbk5Ba2+LMU78H/OP4ovrLIfTCxyqzwV4HGehTQtLkK+CNaoT5k9vpODVE5GHkapYhhXkqd9xMb8TXLF9imVQhZE/iEuey2AV2iphkrRj5l6qAAKtedkFC12J1VfCFWlGrraiwIDAQABoyAwHjAOBgNVHQ8BAf8EBAMCB4AwDAYDVR0TAQH/BAIwADANBgkqhkiG9w0BAQsFAAOBgQBmLMDfozjxxG2Scrj/p9IwQS8hLL8HXQZ9BgeoG8MW1c0ZOmo/9ElFlQhih0YspzgKKYozNN6X8WkuKPJtTRJk5uCaQqOLkGn1+0HLBbnaWW3v+2Ca7MLIZihlq6xwf25aRwYGiEoBgJ9PyaLaR/vYd0+N7Z6yQbNxh5D4zzEm/A==</ds:X509Certificate>
</ds:X509Data>
</ds:KeyInfo>
</ds:Signature>
</ReqDiagnostic>


But I am getting <ds:CanonicalizationMethod Algorithm="http://www.w3.org/2006/12/xml-c14n11"/>
where I want to change it to <CanonicalizationMethod Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315"/>

How can I change the algorithm type?

--
Thanks & Regards
    Reeturaj



--
Kind regards,
Alexey

Karlovsky Alexey

Dec 22, 2022, 3:28:44 PM
to Reeturaj Sahoo, golang-nuts
I would try to load the key and cert from the pfx using this library: https://github.com/SSLMate/go-pkcs12

On Thu, Dec 22, 2022 at 1:13 PM Reeturaj Sahoo <reeturajs...@gmail.com> wrote:
Hello Alexey,

It's working now; I am now able to set the configuration as per the requirement.

I believe this function is used for random key generation: randomKeyStore := dsig.RandomKeyStoreForTest()

I want to use a previously generated .pfx file and key password.

Any suggestion to implement.

--
Kind regards,
Alexey
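
Added example (not from the thread, goxmldsig or go-pkcs12): a key store with the GetKeyPair method that goxmldsig's X509KeyStore interface requires, built from the key and certificate that go-pkcs12's pkcs12.Decode returns, which can then be set as KeyStore in the custom signing context above. PFXKeyStore, NewPFXKeyStore and selfSigned are hypothetical names, and the self-signed pair is constructed in place of a real .pfx so the block runs with the standard library only.

```go
package main

import (
	"crypto/rand"
	"crypto/rsa"
	"crypto/x509"
	"fmt"
	"math/big"
	"time"
)

// PFXKeyStore (hypothetical name) returns the signing key and the DER certificate.
type PFXKeyStore struct {
	key  *rsa.PrivateKey
	cert *x509.Certificate
}

func (s *PFXKeyStore) GetKeyPair() (*rsa.PrivateKey, []byte, error) { return s.key, s.cert.Raw, nil }

// NewPFXKeyStore rejects non-RSA keys and a certificate that is not for this key.
func NewPFXKeyStore(key interface{}, cert *x509.Certificate) (*PFXKeyStore, error) {
	rsaKey, isRSA := key.(*rsa.PrivateKey)
	if !isRSA || rsaKey == nil || cert == nil || !rsaKey.PublicKey.Equal(cert.PublicKey) {
		return nil, fmt.Errorf("pfx: need an RSA private key (got %T) and its matching certificate", key)
	}
	return &PFXKeyStore{key: rsaKey, cert: cert}, nil
}

// selfSigned builds a constructed key and certificate standing in for a decoded .pfx.
func selfSigned() (*rsa.PrivateKey, *x509.Certificate, error) {
	key, err := rsa.GenerateKey(rand.Reader, 2048)
	if err != nil {
		return nil, nil, err
	}
	tmpl := &x509.Certificate{SerialNumber: big.NewInt(1), NotBefore: time.Now(), NotAfter: time.Now().Add(time.Hour)}
	der, err := x509.CreateCertificate(rand.Reader, tmpl, tmpl, &key.PublicKey, key)
	if err != nil {
		return nil, nil, err
	}
	cert, err := x509.ParseCertificate(der)
	return key, cert, err
}

func main() {
	key, cert, err := selfSigned()
	if err == nil {
		_, err = NewPFXKeyStore(key, cert)
	}
	fmt.Println("keystore error:", err)
}
```

With a real file, the key and certificate come from `pkcs12.Decode(pfxData, password)` instead of selfSigned.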

Reeturaj Sahoo

Dec 22, 2022, 9:57:52 PM
to Karlovsky Alexey, golang-nuts
Hello Alexey,

It's working now; I am now able to set the configuration as per the requirement.

I believe this function is used for random key generation: randomKeyStore := dsig.RandomKeyStoreForTest()

I want to use a previously generated .pfx file and key password.

Any suggestion to implement.

Reeturaj Sahoo

Dec 22, 2022, 9:57:53 PM
to Karlovsky Alexey, golang-nuts