[xmlsec] Whitespace issues when creating an XML document

[Aleksey Sanin]

Again, you *can* add spaces yourself when you construct XML dom tree.

Aleksey

Dave Chapman wrote:
> Aleksey,
> 
> Thanks for the reply.
> 
> I'm fully aware of the significance of whitespace, and the issue isn't 
> that I want "formatted" XML, it's that I want libxml2 to have the same 
> representation in RAM as the file will be when it is later written to 
> disk - so I can reliably create a signature for it.
> 
> But if there's no known solution to that (apart from saving to disk and 
> re-reading), then I guess I'll need to take it to the libxml2 devs.
> 
> Regards,
> 
> Dave.
> 
> Aleksey Sanin wrote:
>> 1) Spaces are important in XML and XMLDSig
>> 2) If you want to have "formatted" XML then you have to add spaces.
>> 3) Sorry, but there is no way around it.
>>
>> Aleksey
>>
>>
>> Dave Chapman wrote:
>>> Hi,
>>>
>>> I've ran into a problem when trying to create and verify a signature 
>>> for an XML document created in RAM, but haven't been able to find any 
>>> reports of others having similar problems, or any nicer solution than 
>>> the workaround I've used.  Most examples/questions seem to relate to 
>>> adding signatures to already existing XML documents.
>>>
>>> The signing code my program uses is based on the sign3.c example, and 
>>> the verification is based on verify3.c.
>>>
>>> My program did the following, and the resulting document failed to 
>>> verify (data and digest mismatch):
>>>
>>> 1) Create the XML document to be signed in RAM using the libxml2 
>>> functions xmlNewNode, xmlAddChild, xmlAddProp etc
>>>
>>> 2) Sign the document with xmlSecDSigCtxSign()
>>>
>>> 3) Write the document to disk with xmlSaveFormatFileEnc()
>>>
>>> If I added the verification code to this program between steps 2) and 
>>> 3), instead of in a second program, then the verification worked.
>>>
>>> This lead me to the conclusion that the issue was with libxml2 adding 
>>> whitespace to the document when saving it to disk.
>>>
>>> Adding the workaround of saving the created document to disk, and 
>>> then reloading it before calculating and adding the signature fixed 
>>> the problem, but I'm hoping there's a nicer solution that avoids this 
>>> extra write/read step.
>>>
>>> This is possibly more of a libxml2 question than xmlsec, but I'm 
>>> hoping that someone here has solved this problem previously, and that 
>>> having the question in the xmlsec mail archives will help others.
>>>
>>>
>>> Regards,
>>>
>>> Dave.
>>> _______________________________________________
>>> xmlsec mailing list
>>> xmlsec at aleksey.com
>>> http://www.aleksey.com/mailman/listinfo/xmlsec
>>
>>
> 
> _______________________________________________
> xmlsec mailing list
> xmlsec at aleksey.com
> http://www.aleksey.com/mailman/listinfo/xmlsec