[xmlsec] Whitespace issues when creating an XML document

[Dave Chapman]

Hi,

I've ran into a problem when trying to create and verify a signature for 
an XML document created in RAM, but haven't been able to find any 
reports of others having similar problems, or any nicer solution than 
the workaround I've used.  Most examples/questions seem to relate to 
adding signatures to already existing XML documents.

The signing code my program uses is based on the sign3.c example, and 
the verification is based on verify3.c.

My program did the following, and the resulting document failed to 
verify (data and digest mismatch):

1) Create the XML document to be signed in RAM using the libxml2 
functions xmlNewNode, xmlAddChild, xmlAddProp etc

2) Sign the document with xmlSecDSigCtxSign()

3) Write the document to disk with xmlSaveFormatFileEnc()

If I added the verification code to this program between steps 2) and 
3), instead of in a second program, then the verification worked.

This lead me to the conclusion that the issue was with libxml2 adding 
whitespace to the document when saving it to disk.

Adding the workaround of saving the created document to disk, and then 
reloading it before calculating and adding the signature fixed the 
problem, but I'm hoping there's a nicer solution that avoids this extra 
write/read step.

This is possibly more of a libxml2 question than xmlsec, but I'm hoping 
that someone here has solved this problem previously, and that having 
the question in the xmlsec mail archives will help others.


Regards,

Dave.