[xmlsec] Microsoft .NET compatibility
aleksey at aleksey.com
Fri May 9 20:41:52 PDT 2003
I don't have very good news that everything is fixed for you but I might
a solution that should work.
First bad news, "line feed normalization" have to be done on parser level.
I could not do it in c14n level because at that point I already might
entities converted to '\r' and I just could not throw away all '\r'
Unfortunately, LibXML2 parser does not have an option to do this while
parsing XML document and I am not sure that it would be easy to add such
a feature. I am still looking into it but no promises (if you want to
look at this
as well, check parser.c file in LibXML2).
Now good news:
1) It seems that you should have no problems if you process XML
line feeds on Windows. Only if you create file on Windows then later
have problems on *nix.
2) You can just strip out all '\r' characters before calling xmlsec
yourself. It should
not change signature because these characters should be stripped away
by line feed normalization anyway. Seems strange to me but it's what
from the spec. The trivial perl script should do it just fine.
Aleksey Sanin wrote:
> Hi, Rob!
> Seems that there is a problem in xmlsec (to be precise, in libxml2
> canonicalization code) which does not remove #D as it is required
> by the spec. The only problem is that I could not understand how
> you got same digests in this case? Digests verification should also fail
> because of this problem.
> Not sure that there is a trivial fix. If you want to play with it your
> look at c14n.c file in the LibXML2. I'll take a look at this later today
> and send you status update as soon as I find something.
> Thanks for investigating this problem!
More information about the xmlsec