I create xml document, add Singature node, create signature and then serialize document in such way:
------------------------------begin---------------------------------
XMLCh tempStr[100];
XMLString::transcode("LS", tempStr, 99);
DOMImplementation *impl
=DOMImplementationRegistry::getDOMImplementation(tempStr);
DOMWriter *theSerializer =
((DOMImplementationLS*)impl)->createDOMWriter();DOMPrintFilter *myFilter=0; // set user specified end of line sequence and output encoding theSerializer->setNewLine(gMyEOLSequence); theSerializer->setEncoding(gOutputEncoding);
XMLFormatTarget *myFormTarget; myFormTarget = new MemBufFormatTarget(50000);
theSerializer->writeNode(myFormTarget, *doc);
XMLByte *buf; unsigned int uiBufLen = ((MemBufFormatTarget*)myFormTarget)->getLen();
const XMLByte* pcBuf; pcBuf = ((MemBufFormatTarget*)myFormTarget)->getRawBuffer();
-------------------------------end---------------------------------
And pcBuf points to buffer with XML doc wich is unfortunatelly reordered (I mean, DOMWriter sorts attributes in node, changes '<', and '&'m etc.) and when I try to verify signature over this doc application says 'verification failed'. The answer from xerces group was: you probably have forgotten to canonicalize before signature. And here is the question: is it possible? I thought, that xmldsig library during signature creation and during signature verification canonicalizes my xml document and that this is not important what is the order of attributes in this document.
looking for your help,
andrew