[xmlsec] Digital Signatures without line breaks

Aleksey Sanin aleksey at aleksey.com
Tue May 11 13:28:00 PDT 2010

You have 3 options:

1) File a bug against Microsoft. XMLDsig spec 
(http://www.w3.org/TR/xmldsig-core) refers to RFC 2045 
(http://www.ietf.org/rfc/rfc2045.txt) which describes base64 
in section 6.8:

"The encoded output stream must be represented in lines of no more
than 76 characters each. All line breaks or other characters not
found in Table 1 must be ignored by decoding software. In base64
data, characters other than those in Table 1, line breaks, and other
white space probably indicate a transmission error, about which a
warning message or even a message rejection might be appropriate
under some circumstances."

2) Set base64LineSize to 0 in keyInfoWriteCtx in the xmlSecDSigCtx
structure. This would disable line wraps for a particular dsig

3) Call xmlSecBase64SetDefaultLineSize(0) right after initializing
xmlsec library. This would disable line wraps globally.


On 5/11/2010 12:16 PM, Mauricio wrote:
> I'm using Xmlsec to create digital signatures ( including X509
> certtificates ) without any problems so far in the Linux/Apache environment.
> However these same signatures are being rejected by Windows NET Web
> Services apparently because of the line breaks in the X509Certificate tag.
> How to avoid those line breaks and put everything in a single line ?
> Thank You,
> Shaidmann
> _______________________________________________
> xmlsec mailing list
> xmlsec at aleksey.com
> http://www.aleksey.com/mailman/listinfo/xmlsec

More information about the xmlsec mailing list