[xmlsec] Microsoft .NET compatibility

Aleksey Sanin aleksey at aleksey.com
Fri May 9 20:41:52 PDT 2003


I don't have very good news that everything is fixed for you but I might 
a solution that should work.

First bad news, "line feed normalization" have to be done on parser level.
I could not do it in c14n level because at that point I already might 
have "&#D;"
entities converted to '\r' and I just could not throw away all '\r' 
Unfortunately, LibXML2 parser does not have an option to do this while
parsing XML document and I am not sure that it would be easy to add such
a feature. I am still looking into it but no promises (if you want to 
look at this
as well, check parser.c file in LibXML2).

Now good news:
    1)  It seems that you should have no problems if you process XML 
files with
    line feeds on Windows. Only if you create file on Windows then later 
you might
    have problems on *nix.
    2) You can just strip out all '\r'  characters before calling xmlsec 
yourself. It should
    not change signature because these characters should be stripped away
    by line feed normalization anyway. Seems strange to me but it's what 
I understand
    from the spec. The trivial perl script should do it just fine.


Aleksey Sanin wrote:

> Hi, Rob!
> Seems that there is a problem in xmlsec (to be precise, in libxml2
> canonicalization code) which does not remove #D as it is required
> by the spec. The only problem is that I could not understand how
> you got same digests in this case? Digests verification should also fail
> because of this problem.
> Not sure that there is a trivial fix. If you want to play with it your 
> self,
> look at c14n.c file in the LibXML2. I'll take a look at this later today
> and send you status update as soon as I find something.
> Thanks for investigating this problem!
> Aleksey

More information about the xmlsec mailing list