[xmlsec] Enveloped signing with multiple signatures
Aleksey Sanin
aleksey at aleksey.com
Wed Oct 6 00:19:44 PDT 2004
Remove "dsig:" from XPath expressions or declare dsit namespace prefix.
The current transform selects everything (not from nothing).
Aleksey
> <Envelope xmlns="urn:envelope">
> <Data>
> Hello, World!
> </Data>
> <Signature xmlns="http://www.w3.org/2000/09/xmldsig#">
> <SignedInfo>
> <CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
> <SignatureMethod Algorithm="http://www.cryptocom.ru#sign"/>
> <Reference>
> <Transforms>
> <Transform Algorithm="http://www.w3.org/TR/1999/REC-xpath-19991116">
> <XPath>not(ancestor-or-self::dsig:Signature)</XPath>
> </Transform>
> </Transforms>
> <DigestMethod Algorithm="http://www.cryptocom.ru#digest"/>
> <DigestValue></DigestValue>
> </Reference>
> </SignedInfo>
> <SignatureValue></SignatureValue>
> </Signature>
> </Envelope>
More information about the xmlsec
mailing list