#10 Use XML C14n canonical form for all outgoing messages

Uzavrená
otvorené 4 rokov pred užívateľom stan · 2 komentárov

The XML signature applies to the XML message in its C14n Canonical Form. We might as well make sure that the message templates already are in this form, to ease the signing process.

This does not guarantee that incoming messages will be in canonical form, however, so their should be a way to convert any message to its canonical form.

If this proves too difficult, we might as well rely on lxml for this process. I want to see whether we can do without this extra decode-encode step.

The XML signature applies to the XML message in its C14n Canonical Form. We might as well make sure that the message templates already are in this form, to ease the signing process. This does not guarantee that incoming messages will be in canonical form, however, so their should be a way to convert any message to its canonical form. If this proves too difficult, we might as well rely on `lxml` for this process. I want to see whether we can do without this extra decode-encode step.
Stan Janssen okomentoval 4 rokov pred
Vlastník

Excellent write-up of the required steps to normalization: https://www.di-mgt.com.au/xmldsig-c14n.html

Excellent write-up of the required steps to normalization: https://www.di-mgt.com.au/xmldsig-c14n.html
Stan Janssen okomentoval 4 rokov pred
Vlastník

So this turns out to be more of a hassle than I thought. Also, the standard-library xml.etree.ElementTree module contains a canonicalize method that takes a string and produces the canonical output without constructing an XML tree, which looks like what we need. Let's use that.

So this turns out to be more of a hassle than I thought. Also, the standard-library `xml.etree.ElementTree` module contains a `canonicalize` method that takes a string and produces the canonical output without constructing an XML tree, which looks like what we need. Let's use that.
stan zatvorené 4 rokov pred
Prihláste sa pre zapojenie do konverzácie.
Žiadne štítky
Žiadny míľnik
Žiadny priradený
1 účastníkov
Načítavanie...
Zrušiť
Uložiť
Zatiaľ neexistuje žiadny obsah.