The attached diff makes the problem go away for my code and illustrates what's happening. In line 1122 of XSECC14n20010315.cpp, m_formatBuffer becomes zero length, so every attribute gets added to the sort list with the same key, meaning that all attributes except the first in an element get discarded in canonicalization.
See http://xml.apache.org/xerces-c/apiDocs/classDOMNode.html#z231_4 Perhaps this is why getLocalName is returning null? Maybe the code should test, and use getNodeName if getLocaName returns null. Hope this helps, -Ian On Mon, 19 Jul 2004, Ian Alderman wrote: > I was able to make some progress on debugging this. > > Debugging by printing the SignedInfo bytes as they get hashed (in > TXFMSHA1.cpp), I was able to determine that these bytes are different > when they get signed than they are when they get verified (and so the > hash is also different). Specifically, if I use the following > stylesheet, some of the "select" attributes (which happen to be second > attributes) get discarded. > > My stylesheet and code are here: > http://www.cs.wisc.edu/~alderman/xsec/ > > -Ian > > > It would appear that the transform is being applied correctly; the > > digest is the same as is produced by the Java library, but the > > signature is different (the Java library signature verifies). >
85 ferdinand ~/workspace/xml/src/xml-security/xml-security/c/src > cvs diff canon ? canon/Makefile ? canon/Makefile.in ? canon/XSECC14n20010315.cpp.ORIG cvs server: Diffing canon Index: canon/XSECC14n20010315.cpp =================================================================== RCS file: /home/cvspublic/xml-security/c/src/canon/XSECC14n20010315.cpp,v retrieving revision 1.15 diff -r1.15 XSECC14n20010315.cpp 1122c1122 < m_formatBuffer << (*mp_formatter << tmpAtts->item(i)->getLocalName()); --- > m_formatBuffer << (*mp_formatter << > tmpAtts->item(i)->getNodeName());
