[xmlsec] encrypting/signing parts of xml

Aleksey Sanin aleksey at aleksey.com
Sun Jul 25 19:14:10 PDT 2004

> My both runs gave me exact same answer, as i checked
> the digest values and ny diff utility. 
These options specify the start node for the signatue and
not the data that needs to be signed. In all cases, it is expected
to be <dsig:Signature/>. If you want to sign different parts of XML
then you need to have different templates. See XML DSig spec for more
details about transforms.

> When I execute commmand 
> xmlSecDSigCtxSign(dsigCtx, signNode), signNode is
> always the template, So this means that the API
> calculates the digest of the parent node of the
> template and then signs it.
The API calculates the digest of the XML parts specified in the template
in signNode. Please read the spec.


More information about the xmlsec mailing list