[xmlsec] digestvalue failure

Rich Salz rsalz at datapower.com
Wed Mar 3 12:04:58 PST 2004

> Since I've stripped off the namespace definitions of 
> SOAP-ENV and so on

You can't do that.

In order to C14N something, you need to know both the node at which it 
starts *and* all the namespaces that are in effect at that point.  Basic 
canonicalization imports all namespace (and xml:space, etc, attributes) 
into the toplevel element of what it is processing.

> My other question....it seems quite simple to me, but it still isn't 
> trivial: do I have to calculate a hash including the <Body> tags, (the 
> one  mentioned in the Reference) or  just the content between the two tags?

Yes, you include the tags.  No, it is not just the content inside the tags.


Rich Salz, Chief Security Architect
DataPower Technology                           http://www.datapower.com
XS40 XML Security Gateway   http://www.datapower.com/products/xs40.html
XML Security Overview  http://www.datapower.com/xmldev/xmlsecurity.html

More information about the xmlsec mailing list