OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.

 


Help: OASIS Mailing Lists Help | MarkMail Help

saml-dev message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]


Subject: RE: [saml-dev] Trouble Verifying the XML Digest


Mark Fruhling wrote on 2009-12-16:
> It's my understanding that the digest should be the
> assertion => SHA-1 Hashed => Base 64 encoded.

To a degree, but that grossly oversimplifies how you verify an XML
Signature, specifically the "assertion => hash" part. That requires XML
Canonicalization. You can't just feed the XML directly into a hash, there's
virtually no chance you'll end up with the same octets.

(Maybe you know that, but when people ask questions like that, they usually
don't.)

-- Scott




[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]