[xmlsec] Whitespace issues when creating an XML document

Aleksey Sanin aleksey at aleksey.com
Mon May 26 10:34:35 PDT 2008

1) Spaces are important in XML and XMLDSig
2) If you want to have "formatted" XML then you have to add spaces.
3) Sorry, but there is no way around it.


Dave Chapman wrote:
> Hi,
> I've ran into a problem when trying to create and verify a signature for 
> an XML document created in RAM, but haven't been able to find any 
> reports of others having similar problems, or any nicer solution than 
> the workaround I've used.  Most examples/questions seem to relate to 
> adding signatures to already existing XML documents.
> The signing code my program uses is based on the sign3.c example, and 
> the verification is based on verify3.c.
> My program did the following, and the resulting document failed to 
> verify (data and digest mismatch):
> 1) Create the XML document to be signed in RAM using the libxml2 
> functions xmlNewNode, xmlAddChild, xmlAddProp etc
> 2) Sign the document with xmlSecDSigCtxSign()
> 3) Write the document to disk with xmlSaveFormatFileEnc()
> If I added the verification code to this program between steps 2) and 
> 3), instead of in a second program, then the verification worked.
> This lead me to the conclusion that the issue was with libxml2 adding 
> whitespace to the document when saving it to disk.
> Adding the workaround of saving the created document to disk, and then 
> reloading it before calculating and adding the signature fixed the 
> problem, but I'm hoping there's a nicer solution that avoids this extra 
> write/read step.
> This is possibly more of a libxml2 question than xmlsec, but I'm hoping 
> that someone here has solved this problem previously, and that having 
> the question in the xmlsec mail archives will help others.
> Regards,
> Dave.
> _______________________________________________
> xmlsec mailing list
> xmlsec at aleksey.com
> http://www.aleksey.com/mailman/listinfo/xmlsec

More information about the xmlsec mailing list