[xmlsec] Different digest value between .NET implementation and XmlSec?

Chugh, Sanjay schugh at filenet.com
Thu Oct 9 12:53:21 PDT 2003 

Hello, I am in the middle of learning all this business about XmlDigital
signatures and Encryption.
To try and understand things, I've been trying different libraries and
trying to verify results.
I have run into one issue that I was wondering if somebody could shed
some light into.
I have the XML file shown at the bottom of the e-mail.
When I calculate a signature using XmlSec, the digest value generated
is:
<DigestValue>UT4+z2LQyKSxNWWdS7VE8uTo+wE=</DigestValue>

However, when I calculate a signature on the same file using .NET, the
digest value is different:
<DigestValue>sUD7jzvAdt3liQEkrpGsJukqftU=</DigestValue>

I have tracked it down to the following. The XmlSec library is
calculating the digest on the canonicalized form without the procession
instruction 
 
<?xml-stylesheet type="text/xsl" href="myfile.xsl" ?>

at the top of the file. The .NET implementation includes the processing
instruction in it's calculation of the digest. According to what I have
read, I believe that .NET is correct to include the processing
instruction in it's calculation of the digest.
 
Does anyone know why this should be the case?
 
Thanks.
 
-- Sanjay
 
Here is the Xml file:
 
<?xml version="1.0"?>
<?xml-stylesheet type="text/xsl" href="myfile.xsl" ?>
<!DOCTYPE sales [
<!ELEMENT sales (region*)>
<!ATTLIST sales quarter CDATA #IMPLIED>
<!ELEMENT region (units, amount)>
<!ATTLIST region name ID #IMPLIED>
<!ELEMENT units (#PCDATA) >
<!ELEMENT amount (#PCDATA) >
]>
<sales quarter="2001-01">
   <region name="Northeast">
      <units>374</units>
      <amount>12500.26</amount>
   </region>
   <region name="Southeast">
      <units>512</units>
      <amount>17692</amount>
   </region>
   <region name="Southwest">
      <units>161</units>
      <amount>8349.72</amount>
   </region>
   <region name="Northwest">
      <units>465</units>
      <amount>15239.6</amount>
   </region>
</sales>

-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://www.aleksey.com/pipermail/xmlsec/attachments/20031009/1c5a3ff7/attachment.htm

More information about the xmlsec mailing list