[xmlsec] Canonicalization problem?

Aleksey Sanin aleksey at aleksey.com
Fri Aug 29 09:03:01 PDT 2003


Ok, I see it too and this is weird:

    [aleksey at lsh tmp]$ cat test.xml
    ...
    <Object Id="object">&#13;&#10;some text</Object>
    ...

    [aleksey at lsh tmp]$ xmlsec1 sign --privkey ./rsakey.pem ./test.xml
    ...
    <Object Id="object">&#13;
    some text</Object>
   ...
  
   [aleksey at lsh tmp]$ ~/bin/xmlsec1 sign --privkey ./rsakey.pem 
./test.xml   
   ...
   <Object Id="object">
   some text</Object>
   ...

    [aleksey at lsh tmp]$ which xmlsec1
    ~/bin/xmlsec1

As you can see, the result of execution depends on how do I invoke the 
xmlsec1
command line utility! If we get "&#13;" in the output (first result) 
then we can
successfuly verify the signature. Otherwise we fail.  Also the 
interesting thing is
that in my development environment I compile xmlsec1 using static 
linking for
xmlsec and libxml libraries:

    [aleksey at lsh tmp]$ ldd ~/bin/xmlsec1
        libz.so.1 => /usr/lib/libz.so.1 (0x40032000)
        libpthread.so.0 => /lib/tls/libpthread.so.0 (0x40040000)
        libm.so.6 => /lib/tls/libm.so.6 (0x4004e000)
        libcrypto.so.4 => /lib/libcrypto.so.4 (0x40071000)
        libc.so.6 => /lib/tls/libc.so.6 (0x42000000)
        /lib/ld-linux.so.2 => /lib/ld-linux.so.2 (0x40000000)
        libgssapi_krb5.so.2 => /usr/kerberos/lib/libgssapi_krb5.so.2 
(0x40162000)
        libkrb5.so.3 => /usr/kerberos/lib/libkrb5.so.3 (0x40175000)
        libk5crypto.so.3 => /usr/kerberos/lib/libk5crypto.so.3 (0x401d3000)
        libcom_err.so.3 => /usr/kerberos/lib/libcom_err.so.3 (0x401e3000)
        libdl.so.2 => /lib/libdl.so.2 (0x401e6000)


Ideas?


Aleksey







More information about the xmlsec mailing list