[XML-SIG] Experiences with XML signing and encryption?
Rich Salz
rsalz at datapower.com
Sun Sep 12 15:14:21 CEST 2004
> We are about to start working on a project that will involve having to
> do some (correctly implemented) XML signing and encryption work.
The LBL folks are doing xmldsig and xmlenc; not sure what they're
planning on doing for the actual crypto. You can probably ask them on the
pywebsvcs-talk list at SourceForge.
Aleksey's package is built on libxml and is high quality. I believe
someone did python bindings to his package. The python bindings to libxml
are stable, but (as Uche has pointed out) not very pythonic, making you
worry about memory management too much.
m2crypto has an excellent swig-based wrapping of openssl. you could use
that as a starting point for your own dsig, etc., implementation. but
getting the c14n right will be very hard. (I know, I've done it three
times, including a free python version with the editor of the dsig spec;
it's part of pyxml.)
Hope this helps.
/r$
--
Rich Salz Chief Security Architect
DataPower Technology http://www.datapower.com
XS40 XML Security Gateway http://www.datapower.com/products/xs40.html
XML Security Overview http://www.datapower.com/xmldev/xmlsecurity.html
More information about the XML-SIG
mailing list