[xmlsec] digestvalue failure
rsalz at datapower.com
Wed Mar 3 12:04:58 PST 2004
> Since I've stripped off the namespace definitions of
> SOAP-ENV and so on
You can't do that.
In order to C14N something, you need to know both the node at which it
starts *and* all the namespaces that are in effect at that point. Basic
canonicalization imports all namespace (and xml:space, etc, attributes)
into the toplevel element of what it is processing.
> My other question....it seems quite simple to me, but it still isn't
> trivial: do I have to calculate a hash including the <Body> tags, (the
> one mentioned in the Reference) or just the content between the two tags?
Yes, you include the tags. No, it is not just the content inside the tags.
Rich Salz, Chief Security Architect
DataPower Technology http://www.datapower.com
XS40 XML Security Gateway http://www.datapower.com/products/xs40.html
XML Security Overview http://www.datapower.com/xmldev/xmlsecurity.html
More information about the xmlsec