Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

how to create a reference to KeyInfo? #481

Open
sibelius opened this issue Jan 28, 2025 · 8 comments
Open

how to create a reference to KeyInfo? #481

sibelius opened this issue Jan 28, 2025 · 8 comments

Comments

@sibelius
Copy link 

<Reference
URI=”<unique-id-toKeyInfo>

<KeyInfo Id=”unique-id-to-KeyInfo”>
(...................)
</KeyInfo>

<ds:Reference URI="#key-info-id">
 <ds:Transforms>
 <ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
 </ds:Transforms>
 <ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
 <ds:DigestValue>J9fL+QyrtblrJnk0gjGnGPaDt42AKfNRM3uv4EbdbrM=</ds:DigestValue>
 </ds:Reference>
@srd90
Copy link

srd90 commented Jan 30, 2025

Are you aware that this repository has discussions section activated?

IMHO all of these could have been started as questions at discussions instead of issues:

Some of those issues were resolved by you with comment like "nevermind"/"got working". If you had an issue why not share solution with others who might have tried to already spend time to replicate your problem with short info that you provided.

@srd90 srd90 mentioned this issue Jan 30, 2025
Open
@srd90
Copy link

srd90 commented Jan 30, 2025

Are you after this pending/work in progress enabler:

Quote from #463 :

...
Adding a Reference to each part of the document to be signed is cumbersome and still leaves <KeyInfo /> without a Reference.
...

If answer is yes then this question issue is duplicate of enhancement issue #463

@sibelius
Copy link
Author

does we have a solution for this ?

or should we use this new patched code ?

@srd90
Copy link

srd90 commented Jan 30, 2025

does we have a solution for this ?

Where are you point with this question's this?

If your question's this point to this: #463

then you have some initial version of solution available at this draft PR: #464

or should we use this new patched code ?

I cannot figure out whats this question's this could be.

@cjbarth
Copy link
Contributor

cjbarth commented Jan 31, 2025

@sibelius , As you can see from the issue linked to by @srd90 , I've started work on this, but haven't completed it (and don't see time on the immediate horizon to do so). If you have a solution, or care to collaborate on this, please do so. This would significantly increase the security of this library and make it easier to use.

@sibelius
Copy link
Author

Is there any test failing?

@sibelius
Copy link
Author

What is missing in your implementation?

@cjbarth
Copy link
Contributor

cjbarth commented Jan 31, 2025

@sibelius , please continue this discussion on the linked issue or the associated PR. You'll see that there are tests failing. I tried to start with a battery of tests so that I could do test-driven-development with this feature addition, so you should see what the end goal should look like. It is possible that I've gotten the test wrong too (programmers are imperfect).

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@sibelius @cjbarth @srd90