issue validating soap message

2008-09-03 Thread Brian S
I'm trying to validate a soap message using the Apache XML security library. Thus far, I have based my solution similar to the SimpleValidate.cpp provided. However, it seems that I get the messge "Unknown KeyInfo element found". I believe I have tracked the issue back to DSIGKeyInfoList::addXML

Known C14N bugs?

2008-09-03 Thread jason marshall
Where can I get a list of the known C14N bugs in XMLSec 1.3.0? I have a problem where one of my unit tests is incorrectly failing due to a pattern like the following: http://www.w3.org/2000/09/xmldsig#SignatureProperties"; URI="#47b38f3b"> http://www.w3.org/2001/10/xml-exc-c14n#";> http://www.

Re: Known C14N bugs?

2008-09-03 Thread Anli Shundi
I think your interpretation is wrong: whitespace around comments is irrelevant only when they're outside the document element (the single root element). See http://www.w3.org/TR/xml-c14n#Example-OutsideDoc -Anli jason marshall wrote: Where can I get a list of the known C14N bugs in XMLSec 1

Re: Known C14N bugs?

2008-09-03 Thread jason marshall
Ah, that does appear to be the case. Thank you. So I can add comments to a signed node, but only if I don't modify the whitespace outside the comment. Which sort of makes the utility of being able to add/modify comments to a signed node annoying at best (and sinister at worst, which is exactly w

RE: issue validating soap message

2008-09-03 Thread Scott Cantor
> Could > you tell me if there is some flag or some method that I can use to bypass > the error/function call for keyinfo when using the load function (which > eventually calls this function). Nope. That's a bug. Skipping the extension may be a viable fix to get around the exception, but the code