[xmlsec] exc c14n w/o comments bug

xs04.jmdesp at free.fr xs04.jmdesp at free.fr
Wed May 12 09:29:38 PDT 2004 

Quoting Aleksey Sanin <aleksey at aleksey.com>:
> Can you provide a complete example, please?

I'm signing in a test.xml file this :
<?xml version="1.0" encoding="UTF-8"?>
<c:Document xmlns:c="http://c" xmlns:a="http://a" Id="A123456789">
    <a:Act a:Date="2004-02-11" a:Number="CT123456A" a:CodeAct="3">
        <a:CodeMat1 a:CodeMat="2"/>
        <a:CodeMat2 a:CodeMat="2"/>
        <a:Objet>moimoqsui movuirtmvqntmovuiqrenremvonqsmjhgfqmskjhg</a:Objet>
    </a:Act>
<ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
  <ds:SignedInfo>
    <ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
    <ds:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/>
    <ds:Reference URI="#A123456789">
      <ds:Transforms>
        <ds:Transform Algorithm="http://www.w3.org/TR/1999/REC-xpath-19991116">
         
<ds:XPath>count(ancestor-or-self::ds:Signature|here()/ancestor::ds:Signature[1])&gt;count(ancestor-or-self::ds:Signature)</ds:XPath>
        </ds:Transform>
        <ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
      </ds:Transforms>
      <ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
      <ds:DigestValue></ds:DigestValue>
    </ds:Reference>
  </ds:SignedInfo>
  <ds:SignatureValue></ds:SignatureValue>
  <ds:KeyInfo>
    <ds:X509Data>
      <ds:X509IssuerSerial/>
    </ds:X509Data>
  </ds:KeyInfo>
  <ds:Object>
  </ds:Object>
</ds:Signature></c:Document>

with :
xmlsec.exe sign --privkey key.pem,cert.pem --store-references --id-attr:Id
Document --output out.xml test.xml > log

And I get that inside log :
=== Transform: sha1 (href=http://www.w3.org/2000/09/xmldsig#sha1)
== PreDigest data - start buffer:
<c:Document xmlns:c="http://c" Id="A123456789">
    <a:Act xmlns:a="http://a" xmlns:a="http://a" xmlns:a="http://a"
a:CodeAct="3" a:Date="2004-02-11" a:Number="CT123456A">
        <a:CodeMat1 xmlns:a="http://a" a:CodeMat="2"></a:CodeMat1>
        <a:CodeMat2 xmlns:a="http://a" a:CodeMat="2"></a:CodeMat2>
        <a:Objet xmlns:a="http://a">moimoqsui
movuirtmvqntmovuiqrenremvonqsmjhgfqmskjhg</a:Objet>
    </a:Act>
</c:Document>
== PreDigest data - end buffer

More information about the xmlsec mailing list