[xmlsec] Signed XML contains XML version Header

Aleksey Sanin aleksey at aleksey.com
Mon Oct 19 08:51:27 PDT 2020


The c14n is applied "on the fly" before the signature is calculated. The
original document doesn't change.

Best,

Aleksey

On 10/19/20 5:50 AM, Roshan Kumar wrote:
> Hi,
> 
> I am working on a project in c++ which requires signing and verification 
> of xml documents. For which I am using XMLSEC library along with LIBXML2 
> with openssl as the crypto engine.
> 
> I signed one example xml document by applying canonicalization 1.1 with 
> sha256 and with transformation algorithms.
> 
> But the final result contains XML headers i.e "<?xml version="1.0" 
> encoding="UTF-8"?>"
> 
> But as per canonicalization algorithm this must not exist.
> 
> I am attaching the input file , the program and the output file with 
> this mail. So that you can reproduce the problem.
> 
> I compiled the program with the following command :
> 
> "gcc -g -D__XMLSEC_FUNCTION__=__func__ -DXMLSEC_NO_SIZE_T 
> -DXMLSEC_NO_GOST=1 -DXMLSEC_NO_GOST2012=1 -DXMLSEC_DL_LIBLTDL=1 
> -I/usr/local/include/xmlsec1 -I/usr/local/include/libxml2 
> -DXMLSEC_CRYPTO_DYNAMIC_LOADING=1 -DUNIX_SOCKETS    sign3.c  -g 
> -L/usr/local/lib -lltdl -lxmlsec1 -lz -llzma -lm -ldl -lxslt -lxml2 -o 
> sign3"
> 
> Please let me know if I am missing something. Hope to hear from you at 
> the earliest.
> 
> Thanks and Regards
> Roshan Kumar
> 


More information about the xmlsec mailing list