[xmlsec] Including comments in signatures
Olav Morken
olavmo at stud.ntnu.no
Mon Jul 7 06:35:50 PDT 2008
Hi,
when the XMLSec library processes a reference with a #WithComments
canonicalization, it doesn't include the comments in the PreDigest data.
Is this a bug or have I misunderstood how the [...]#WithComments
canonicalizations are supposed to work?
To test this I used version 1.2.11 of the XMLSec library, with the
sign1-program from:
http://www.aleksey.com/xmlsec/api/xmlsec-examples-sign-template-file.html#XMLSEC-EXAMPLE-SIGN1
I modified this program slightly to do a debug dump after creating the
signature. The program is attached as sign1.c, and the debug output
is attached as debug.txt. The document i tried to sign was test.xml,
which is also attached.
data.xml looks like this:
<?xml version="1.0" encoding="UTF-8"?>
<Test>
<!-- Comment! -->
<Data>test</Data>
<Signature xmlns="http://www.w3.org/2000/09/xmldsig#">
...
</Signature>
</Test>
And the relevant part of the debug output is this:
[...]
=== Transform: c14n-with-comments (href=http://www.w3.org/TR/2001/REC-xml-c14n-20010315#WithComments)
[...]
== PreDigest data - start buffer:
<Test>
<Data>test</Data>
</Test>
== PreDigest data - end buffer
[...]
Thanks,
Olav Morken
More information about the xmlsec
mailing list