Signature to AuthSignature

#11111
Posted: 09/21/2009 10:30:22
by Evelyne Collin (Basic support level)
Joined: 09/21/2009
Posts: 2

Hello,

I use the XMLSigner component to sign an XML document.
I would like to know if one can change the name of the node <Signature> to <AuthSignature>.

Example :

<Signature>
<ds:SignedInfo>...</>
<ds:SignatureValue>...</>
</Signature>

=>

<AuthSignature>
<ds:SignedInfo>...</>
<ds:SignatureValue>...</>
</AuthSignature>


Yours sincerely.
#11114
Posted: 09/21/2009 13:17:16
by Dmytro Bogatskyy (EldoS Corp.)

Quote
I would like to know if one can change the name of the node <Signature> to <AuthSignature>

It is not recommended to change the name of the signature node, as no other software would be able to verify this signature.
What about this structure:
Code
<AuthSignatures>
<Signature>...</Signature>
</AuthSignatures>


There are two ways to change the name: if you are using the VCL edition, you could simply modify the SBXMLSig unit and rename the 'Signature' keyword to what you want (of course, only if you don't need to create and verify "normal" signatures).
Another simple way is to create a signature and then rename it (the only way to rename nodes using the DOM is to create a new node with the new name, copy all the child nodes and attributes from the old node to the new node, then replace the old node with the new node).
For example (add this code after the ElXMLSigner.Save method):
Code
var Node : TElXMLDOMNode := ElXMLSigner.Signature.XMLElement.FirstChild;
var NewNode : TElXMLDOMElement := XMLDocument.CreateElementNS(xmlSignatureNamespace, 'AuthSignature');
AddPrefixes(NewNode, ElXMLSigner.Signature.SignaturePrefix, xmlSignatureNamespace);

while Assigned(Node) do
begin
  NewNode.AppendChild(Node.CloneNode(True));
  Node := Node.NextSibling
end;

ElXMLSigner.Signature.XMLElement.ParentNode.ReplaceChild(NewNode, ElXMLSigner.Signature.XMLElement);
#11129
Posted: 09/24/2009 07:10:30
by David MICHEL (Standard support level)
Joined: 09/23/2009
Posts: 48

Hello,

I also use the XMLSigner component to sign an XML document.

When the signature is saved, it appears in this way:


However, I must sign a document using the EBICS standard (http://www.ebics-zka.de/english/document/pdf/EBICS-Version%202.4.1%20FinalEN-14-09-2009.pdf). In the specifications, the signature must be represented in this way:
<AuthSignature> (without prefix)
<ds:SignedInfo> (with prefix)

</ds:SignedInfo>
...
</AuthSignature>

I use the VCL Edition SecureBlackBox.

So if the contents of my Signature node are moved to AuthSignature, the signature is no longer valid when the signature is checked.

Yours sincerely.


Sincerely yours,
David MICHEL.
#11133
Posted: 09/24/2009 10:21:30
by Dmytro Bogatskyy (EldoS Corp.)

Quote
I must sign a document by using standard EBICS.

I see. We'll add a new property to control this. I'll write the details later.
Quote
So if the contents of my Signature node are moved to AuthSignature, the signature is no longer valid when the signature is checked.

It is most likely related to the canonicalization. If you don't add prefixes to the AuthSignature element the canonicalization result of SignedInfo element could change.
So, if the document element (ebicsRequest) has a namespace with the prefix "ds" and the name "http://www.w3.org/2000/09/xmldsig#", then you should use the following code to rename the Signature node:
Code
ElXMLSigner.Sign();
..
ElXMLSigner.Signature.SignaturePrefix := 'ds';
ElXMLSigner.Save(..);
var Node : TElXMLDOMNode := ElXMLSigner.Signature.XMLElement.FirstChild;
var NewNode : TElXMLDOMElement := XMLDocument.CreateElement('AuthSignature');

while Assigned(Node) do
begin
  NewNode.AppendChild(Node.CloneNode(True));
  Node := Node.NextSibling
end;

ElXMLSigner.Signature.XMLElement.ParentNode.ReplaceChild(NewNode, ElXMLSigner.Signature.XMLElement);
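
Added example, not part of the original posts and not EldoS code: a simplified inclusive-canonicalization renderer in Python that shows the effect described above, where the canonical bytes of SignedInfo depend on the namespace declarations inherited from its new parent. The namespace `urn:example:ebics`, the sample documents and all helper names are constructed; comments, character escaping and attribute-namespace sorting are left out.

```python
import hashlib
from xml.dom import minidom

DSIG = "http://www.w3.org/2000/09/xmldsig#"

def is_ns(name):
    return name == "xmlns" or name.startswith("xmlns:")

def in_scope_ns(elem):
    """Namespace declarations visible at elem; the nearest declaration wins."""
    scope, node = {}, elem
    while node is not None and node.nodeType == node.ELEMENT_NODE:
        for name, value in node.attributes.items():
            if is_ns(name):
                scope.setdefault(name, value or "")
        node = node.parentNode
    return scope

def render(elem, emitted):
    """Simplified inclusive C14N of a subtree (apex gets every in-scope namespace)."""
    scope = in_scope_ns(elem)
    # Emit a declaration only if no output ancestor already carries the same one.
    new_ns = {k: v for k, v in scope.items()
              if emitted.get(k, "" if k == "xmlns" else None) != v}
    attrs = {k: v for k, v in elem.attributes.items() if not is_ns(k)}
    out = "<" + elem.tagName
    for group in (new_ns, attrs):          # namespaces first, then attributes
        for k in sorted(group):
            out += ' %s="%s"' % (k, group[k])
    out += ">"
    for child in elem.childNodes:
        if child.nodeType == child.ELEMENT_NODE:
            out += render(child, {**emitted, **new_ns})
        elif child.nodeType == child.TEXT_NODE:
            out += child.data
    return out + "</" + elem.tagName + ">"

def signed_info_digest(xml_text):
    """Canonical text of ds:SignedInfo as a subtree, and its SHA-256."""
    doc = minidom.parseString(xml_text)
    canon = render(doc.getElementsByTagNameNS(DSIG, "SignedInfo")[0], {})
    return canon, hashlib.sha256(canon.encode("utf-8")).hexdigest()

# Constructed sample documents; urn:example:ebics is a placeholder namespace.
BODY = '<ds:SignedInfo><ds:Reference URI="#a"></ds:Reference></ds:SignedInfo>'
def wrap(inner):
    return '<ebicsRequest xmlns="urn:example:ebics" xmlns:ds="%s">%s</ebicsRequest>' % (DSIG, inner)
SIGNED = wrap("<ds:Signature>" + BODY + "</ds:Signature>")
SAME_SCOPE = wrap("<AuthSignature>" + BODY + "</AuthSignature>")
NEW_SCOPE = wrap('<AuthSignature xmlns="">' + BODY + "</AuthSignature>")
print(signed_info_digest(SIGNED)[1] == signed_info_digest(NEW_SCOPE)[1])
```

Renaming the wrapper leaves the SignedInfo digest unchanged only while the same declarations stay in scope (`SAME_SCOPE`); a wrapper that resets the default namespace (`NEW_SCOPE`) changes the canonical form, so a signature computed before the rename no longer verifies.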
#11134
Posted: 09/25/2009 05:02:45
by David MICHEL (Standard support level)
Joined: 09/23/2009
Posts: 48

Hello,

Thank you for your assistance.

I modified my code in the following way :

Code
     //Signature
      Signer.Sign;
      Signer.Signature.SignaturePrefix := 'ds';
      NodeSign := FXMLDocument.DocumentElement;

      try
        //If the signature type is enveloped, the signature is placed by default as a child of the root node at the end of the XML document.
        Signer.Save(NodeSign);
      except
        on E: Exception do
          raise EElXMLError.CreateFmt('Les données signées non pas été sauvé. (%s)', [E.Message]);
      end;

      //Place Node
      NodeSign := Signer.Signature.XMLElement;
      NodeSign.ParentNode.InsertBefore(NodeSign.CloneNode(True), FXMLDocument.documentElement.childNodes.item[2]);
      NodeSign.ParentNode.RemoveChild(NodeSign);

      //Node <ds:Signature> to <AuthSignature>
      NodeSign    := Signer.Signature.XMLElement.FirstChild;
      newNodeSign := FXMLDocument.CreateElement('AuthSignature');


      while Assigned(NodeSign) do
      begin
        newNodeSign.AppendChild(NodeSign.CloneNode(True));
        NodeSign := NodeSign.NextSibling;
      end;
  

Signer.Signature.XMLElement.ParentNode.ReplaceChild(newNodeSign,Signer.Signature.XMLElement);


I have a violation at this place :

Code
Signer.Signature.XMLElement.ParentNode.ReplaceChild(newNodeSign,Signer.Signature.XMLElement);


Sincerely yours,
David MICHEL.
#11137
Posted: 09/25/2009 11:43:56
by Eugene Mayevski (EldoS Corp.)

Moved to HelpDesk for investigation.


Sincerely yours
Eugene Mayevski
#11139
Posted: 09/25/2009 11:49:44
by Dmytro Bogatskyy (EldoS Corp.)

Quote
I have a violation at this place
...

It is expected, as you already removed this node (Signer.Signature.XMLElement).
The code should look like this:
Code
      //Node <ds:Signature> to <AuthSignature>
      newNodeSign := FXMLDocument.CreateElement('AuthSignature');

      // Inserting newNode
      Signer.Signature.XMLElement.ParentNode.InsertBefore(newNodeSign, FXMLDocument.documentElement.childNodes.item[2]);

      NodeSign    := Signer.Signature.XMLElement.FirstChild;
      while Assigned(NodeSign) do
      begin
        newNodeSign.AppendChild(NodeSign.CloneNode(True));
        NodeSign := NodeSign.NextSibling;
      end;
  
      // deleting the signature node after we have copied all its children
      Signer.Signature.XMLElement.ParentNode.RemoveChild(Signer.Signature.XMLElement);
#11142
Posted: 09/28/2009 02:17:22
by David MICHEL (Standard support level)
Joined: 09/23/2009
Posts: 48

Thank you for your assistance.

Sincerely yours.


Sincerely yours,
David MICHEL.

As of July 15, 2016 EldoS Corporation will operate as a division of /n software inc. For more information, please read the announcement.
