In order to add XML Signatures to the messages, the following conditions must be met:
XML messages should be converted to their C14n canonical form. Given that openADR does not use any advanced XML features, I propose that we canonicalize the form in the templates as much as possible.
Add an identifier like id="signedObject" to the opening tag of the oadrSignedObject resource
Add a new resource that contains a ReplayProtect property with the current timestamp and a random nonce
Calculate the digest of the resource signedObject
Calculate the digest of the resource prop that contains the ReplayProtect element
Calculate the signature value, which is the digest value signed by the private key
Add the key info, which is the public key
Prepend the <Signature> element to the contents of <oadrPayload>
In order to add XML Signatures to the messages, the following conditions must be met:
1. XML messages should be converted to their C14n canonical form. Given that openADR does not use any advanced XML features, I propose that we canonicalize the form in the templates as much as possible.
2. Add an identifier like `id="signedObject"` to the opening tag of the oadrSignedObject resource
3. Add a new resource that contains a ReplayProtect property with the current timestamp and a random nonce
4. Calculate the digest of the resource `signedObject`
5. Calculate the digest of the resource `prop` that contains the ReplayProtect element
6. Calculate the signature value, which is the digest value signed by the private key
7. Add the key info, which is the public key
8. Prepend the `<Signature>` element to the contents of `<oadrPayload>`
The canonicalized XML form represents empty tags as an explicite open and close tag, whereas we were using the compact respresentation of those tags:
<venID />
should become
<venID></venID>
The canonicalized XML form represents empty tags as an explicite open and close tag, whereas we were using the compact respresentation of those tags:
```XML
<venID />
```
should become
```XML
<venID></venID>
```
In order to add XML Signatures to the messages, the following conditions must be met:
id="signedObject"to the opening tag of the oadrSignedObject resourcesignedObjectpropthat contains the ReplayProtect element<Signature>element to the contents of<oadrPayload>The canonicalized XML form represents empty tags as an explicite open and close tag, whereas we were using the compact respresentation of those tags:
should become
I will use
xml.etree.ElementTree.canonicalizejust before sending each message to canonicalize everything.This is closed in
4ba2900cc1.