Have just checked in some code updates to overcome bug 28162. Do do it, I made Reference.getDigestValue() throw an XMLSecurityException, which it didn't do before. I could have had it throw a Base64 exception (which would not break the API), but that seemed artificial.
Let me know if that's not OK.
Out of interest - there may be a few places in the library where it won't check that the XML is OK, and will throw a null ptr exception rather than something more informative. Something we might want to look at post 1.1.
I'm going to commit a TODO file to the repository with some of these things, otherwise we're just going to keep forgetting them :>.
Cheers,
Berin