Good day, The XSecurity implementation seems to allow having multiple signed Signature nodes in the same XML file. I have done this in fact but there is one small problem I am experiencing, it won't validate after being read in from a file.
If I create a fresh DOMDocument and add 2 DSig's to it, it signs and verifies fine. Afterwhich time I save it to an XML file which also looks fine. However if I read in that signed XML file (FileA), the verification fails. If I write out the DOMDoc to disk again without altering anything the file is identical to FileA. However if I read in FileA, re-sign and save it(FileB), the 2 output XML files are identical w.r.t. digest values, but the signature values produced are different. I have tried to debug this with my limited insight into the XSec source and notice that the hash produced by a call to DSIGSignature::calculateSignedInfoHash produces different results for FileA and FileB. Herein the problem lies. I even tried DOMNode::IsEqual on the DOMDoc's before I wrote FileA and after reading in FileA and IsEqual fails. Has anyone tried a multiple signature test case? I know this isn't the most common thing to do, but I am basically following the "checksig" project provided, but I use XSECProvider::newSignatureFromDOM( DOMDoc *, DOMNode *) since I have multiple signatures. If anyone has any ideas of things to try it would be really helpful. Thanks in advance Andrew
