Thanks for your prompt responses. > Hm... I am sorry but I have to ask if you really want to > write xmldsig implementation yourself. I did it once > (http://www.aleksey.com/xmlsec)...
Sorry, I forgot to tell you: We are aware of your XML Security Library. I am sure it is a very fine product, but we decided not to use it. We could not figure out how to make XML Sec fit into our environment, for the following reasons (I'm leaving out some details, to avoid revealing product or security details which I'm not supposed to reveal.): - For signature generation, and for key unwrapping (decryption), we use an RSA private key, stored in hardware. - Our cryptograpic library is proprietary. - We are working in an embedded system, where memory footprint is very important. We are not making our own xmldsig implementation. We only have a small subset of the xmldsig and xmlenc cryptographic operations, and those operations are heavily constrained by technical specifications. > The xmlC14NExecute function allows one to > provide a callback that would be called to determine if > a given node is "visible" (i.e. included in c14n output) > or not. To canonicalize just a given node (with all the > attributes and children nodes) you can write a callback > function that would return "true" for your node, its attributes, > namespaces and children nodes and "false" for all other > nodes in the document. > > Aleksey Thank you, I will try that. /G�ran _______________________________________________ xml mailing list, project page http://xmlsoft.org/ [email protected] http://mail.gnome.org/mailman/listinfo/xml
