[xmlsec] Including comments in signatures

Olav Morken olavmo at stud.ntnu.no
Mon Jul 7 06:35:50 PDT 2008


when the XMLSec library processes a reference with a #WithComments
canonicalization, it doesn't include the comments in the PreDigest data.

Is this a bug or have I misunderstood how the [...]#WithComments 
canonicalizations are supposed to work?

To test this I used version 1.2.11 of the XMLSec library, with the
sign1-program from: 
I modified this program slightly to do a debug dump after creating the 
signature. The program is attached as sign1.c, and the debug output 
is attached as debug.txt. The document i tried to sign was test.xml, 
which is also attached.

data.xml looks like this:
<?xml version="1.0" encoding="UTF-8"?>
  <!-- Comment! -->
  <Signature xmlns="http://www.w3.org/2000/09/xmldsig#">

And the relevant part of the debug output is this:
=== Transform: c14n-with-comments (href=http://www.w3.org/TR/2001/REC-xml-c14n-20010315#WithComments)
== PreDigest data - start buffer:
== PreDigest data - end buffer

Olav Morken

More information about the xmlsec mailing list