[xmlsec] Problems verifing digest value

Aleksey Sanin aleksey at aleksey.com
Wed Oct 15 08:01:40 PDT 2003

Check how to you serialize XML document. You *don't* want to format 
signed document.


Lehnert, Hartmut wrote:

> Hi,
> I'm using xmlsec with my own crypto lib (smartcard signatures) to 
> generate XML signatures. The Signature node is generated dynamically - 
> together with a XAdES Object node containing SignedProperties (e.g. 
> SigningTime). To use these SignedProperties a Reference node is 
> created below SignedInfo node.
> I've also written an OpenSSL based verificator for the output docs of 
> the first application.
> Now comes the problem: When I generate the complete Signature node 
> dynamically, the hash value for the SignedProperties cannot be 
> reproduced by the OpenSSL based application, but when I use the output 
> of the first application as an input with Signature node template 
> (also for the first application), then the output hash values now can 
> all be verified by the OpenSSL based application. An example for the 
> input docs with Signature template is appended to this email.
> Do you have an idea?
> Thank you very much.
> Hartmut Lehnert

-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://www.aleksey.com/pipermail/xmlsec/attachments/20031015/bc333e8d/attachment.htm

More information about the xmlsec mailing list