AW: AW: [xmlsec] Problems verifing digest value

Aleksey Sanin aleksey at aleksey.com
Fri Oct 17 08:03:23 PDT 2003


Canonicalization does preserve spaces. Read the spec, please.
I guess that you are creating document (or part of it) in memory,
sign it, after that you adding spaces when you are writing document
out. And signature on the result fails, of course.

Now when you sign the document *with spaces* from disk and then
verify it everything works just fine.

Aleksey

Lehnert, Hartmut wrote:

>Hello Aleksey,
>I cannot believe that this can be a problem here, because before creating
>any hashs or signatures the canonicalization is performed at first - on all
>references (I think;-)). So why should it make a difference if I create the
>complete signature node in memory and then call "xmlSecDSigCtxSign" (which
>performs all transformations) or if I read the XML file, then create all
>nodes in memory and then also call "xmlSecDSigCtxSign"?
>
>Hartmut
>  
>





More information about the xmlsec mailing list