SV: [xmlsec] namepace and cannoalization methods

Hårek Ryeng haarek.ryeng at
Wed Jul 23 12:43:22 PDT 2003


Maybe I shouldn't cut down on the caffeine consumption after all, and
good things will happen... ;-)

I think I'll try solution 0 first, but before that I'll try to get the
recipient to accept the current namespace formatting. 

I'll let you know, and of course you'll have the patch, if solution 1
turns out to be necessary. 

Thanks again!

- Haarek - 

-----Opprinnelig melding-----
Fra: xmlsec-admin at [mailto:xmlsec-admin at] På vegne
av Aleksey Sanin
Sendt: 23 July 2003 18:22
Til: Hårek Ryeng
Kopi: xmlsec at
Emne: Re: [xmlsec] namepace and cannoalization methods

> But I would guess it'll be a very ugly and long patch.

A coffein drink helped me to realize that it might be not as bad
as I thought. And that there might be another option for you.

0) [new option, no xmlsec hack] I guess currently you are using
the xmlsec helper functions xmlSecTmpl* to create the signature
template. But template is just an xml file. You can create it manually
and put whatever you want in it. Including the "ds:" prefix you want :)
And I don't think xmlsec/libxml2 would have any problems with it :)

1) [small xmlsec hack] But I would imagine that re-writing a lot of
stupid code from template.c do create a signature template is boring :)
Thus you can slightly tweak xmlsec to do what you want:
    a) Add a new function xmlSecTmplSignatureCreateExt()
    that would have one additional parameter "prefix". The
    old function xmlSecTmplSignatureCreate() would just call
    this new one with "prefix" equal NULL.
    The new function would have to specify prefix when it creates
    namespace node (search for a call to xmlNewNs).
    b) All tree manipulations in template.c are done using
    xmlSecAdd* functions from xmltree.c. These functions
    need to be modified to work with namespace prefix correctly.
    There are 3 or 4 functions and it should be pretty straightforward.

If you would prefer to go with option 1) do not forget that I accept
contributions :)


xmlsec mailing list
xmlsec at

More information about the xmlsec mailing list