EldoS | Feel safer!

Software components for data protection, secure storage and transfer

XML Sig and Encoding problem

Also by EldoS: Rethync
The cross-platform framework that simplifies synchronizing data between mobile and desktop applications and servers and cloud storages
#899
Posted: 08/01/2006 02:10:51
by Haris Zujo (Standard support level)
Joined: 05/12/2006
Posts: 33

Hi Eldos,

How to sign XML document that has different XML encodings?

I think that XML BlackBox always thinks that document is UTF-8 document and ignores the encoding specified in XML document. My problem is when I try to verify the signature the signature is not OK for all other encodings except for UTF-8.

regards Haris
#900
Posted: 08/01/2006 02:20:21
by Eugene Mayevski (EldoS Corp.)

Quote
Haris Zujo wrote:
How to sign XML document that has different XML encodings?


What do you mean by "different"? Do they differ in various nodes of the single document?


Sincerely yours
Eugene Mayevski
#901
Posted: 08/01/2006 02:21:34
by Eugene Mayevski (EldoS Corp.)

Also, does the problem happen with test applications, shipped with SecureBlackbox?


Sincerely yours
Eugene Mayevski
#902
Posted: 08/01/2006 02:40:21
by Eugene Mayevski (EldoS Corp.)

I have just reviewed the specification and XMLDSig requires that the data is in UTF-8. If it's not, conversion must take place. XMLBlackbox doesn't do this conversion by default. We might need to add charset conversion transform, but I need to discuss this with the developers. Meanwhile it's your duty to perform such conversion before signing.

With encryption the situation is similar - everything is in UTF-8.


Sincerely yours
Eugene Mayevski
#903
Posted: 08/01/2006 03:43:52
by Haris Zujo (Standard support level)
Joined: 05/12/2006
Posts: 33

Thak you for now. I will convert the documents to UTF-8.

Quote
I have just reviewed the specification and XMLDSig requires that the data is in UTF-8


Can you tell me where in the specification is this?
#906
Posted: 08/01/2006 08:58:05
by Eugene Mayevski (EldoS Corp.)

XMLDSig - http://www.w3.org/TR/xmldsig-core/
XMLEnc - http://www.w3.org/TR/xmlenc-core/

You can do conversion using XMLBlackbox itself, it's not a problem. And maybe in SecureBlackbox 5 conversion will be done implicitly. We have to investigate the question deeper.


Sincerely yours
Eugene Mayevski
#907
Posted: 08/01/2006 09:02:36
by Dmytro Bogatskyy (EldoS Corp.)

Quote
I think that XML BlackBox always thinks that document is UTF-8 document and ignores the encoding specified in XML document. My problem is when I try to verify the signature the signature is not OK for all other encodings except for UTF-8.

XMLBlackbox when loads data convert it to UTF-16 (WideString). At signing process if some data needed to be converted to octets then it converted to UTF-8 according to the specs.
The test application save XML document at UTF-8 by default. You can use (TElXMLDocument).SaveToStream method to save with other encodings.

Quote
Can you tell me where in the specification is this?

http://www.w3.org/TR/xmldsig-core/
#929
Posted: 08/02/2006 05:09:21
by Dmytro Bogatskyy (EldoS Corp.)

By the way, where did you verified your signature?
Can you drop sample that produced incorrect result.
#13007
Posted: 04/15/2010 03:22:13
by Mitja Bog (Basic support level)
Joined: 03/30/2010
Posts: 5

I've tried to save my XMLDoc: TElXMLDOMDocument to stream, so that the encoding will be changed form UTF-16 to UTF-8. (Signing sets my xml from UTF-8 to UTF-16)

Quote

var
sStream : TStringStream;
begin
sStream := TStringStream.Create('');

XMLDoc.SaveToStream(sStream, xcmCanon, ElXMLUTF8Codec );


And the answer is

Quote


[Pascal Error] UfrmSignXML.pas(250): E2250 There is no overloaded version of 'SaveToStream' that can be called with these arguments



Why?
I've read the specification, but I just don't understand where is the problem.

I've searched for samples, but just didn't find any.

Help please! (Sample)
#13009
Posted: 04/15/2010 03:58:38
by Dmytro Bogatskyy (EldoS Corp.)

Quote
I've tried to save my XMLDoc: TElXMLDOMDocument to stream, so that the encoding will be changed form UTF-16 to UTF-8. (Signing sets my xml from UTF-8 to UTF-16)
I've read the specification, but I just don't understand where is the problem.

The function expect instance of class not a class itself.
For example:
Code
      var Codec : TElXMLCodec;

      Codec := TElXMLUTF8Codec.Create;
      try
        Codec.WriteBOM := True;
        XMLDoc.SaveToStream(sStream, xcmCanon, Codec);
      finally
        FreeAndNil(Codec);
      end;

The simpler way is to pass encoding name:
Code
XMLDoc.SaveToStream(sStream, xcmCanon, 'utf-8');
Also by EldoS: BizCrypto
Components for BizTalk® and SQL Server® Integration Services that let you securely store and transfer information in your business automation solutions.

Reply

Statistics

Topic viewed 6102 times

Number of guests: 1, registered members: 0, in total hidden: 0




|

Back to top

As of July 15, 2016 EldoS Corporation will operate as a division of /n software inc. For more information, please read the announcement.

Got it!