[xmlsec] xml signing binary files

Aleksey Sanin aleksey at aleksey.com
Fri Apr 26 20:01:39 PDT 2019

This is a very good question. I am traveling and can’t run a test. Can you try to use reference uri and base64 transform? The url parsing depends on the next transform input and by default c14n is applied which requires xml node set which forces xml parsing. I believe if next transform is base64 encoding then it should work but not 100% sure.


> On Apr 26, 2019, at 7:40 PM, Skip Carter <skip at taygeta.com> wrote:
> Aleksey,
> Thanks for your excellent XMLSEC library, I have been using it for
> several years.  Yet in all that time I have not had the need to use
> xmlsec for signing anything but XML files but now I do.
> How do I sign a binary file ?  I used sign1.c and sign1-tmpl.xml
> as a starting point and set Reference URI to point to the file, but
> sign1 clearly expects to see the file as an XML file:
> Entity: line 1: parser error : Document is empty
> func=xmlSecParserPushBin:file=parser.c:line=182:obj=xml-
> parser:subj=xmlParseChunk:error=5:libxml2 library function
> failed:size=1024
> func=xmlSecTransformPump:file=transforms.c:line=1694:obj=xml-
> parser:subj=xmlSecTransformPushBin:error=1:xmlsec library function
> failed: 
> func=xmlSecTransformCtxUriExecute:file=transforms.c:line=1205:obj=unkno
> wn:subj=xmlSecTransformPump:error=1:xmlsec library function
> failed:uri=debian.jpg
> ...
> Is the an attribute in Reference that should be set for nonxml data ?
> Thanks
> -- 
> Dr Everett (Skip) Carter
> skip at taygeta.com
> Taygeta Scientific Inc
> 607 Charles Ave
> Seaside CA 93955
> 831-641-0645 x103

More information about the xmlsec mailing list