I'm trying to validate a soap message using the Apache XML security library.
Thus far, I have based my solution similar to the SimpleValidate.cpp provided.
However, it seems that I get the messge "Unknown KeyInfo element found". I
believe I have tracked the issue back to DSIGKeyInfoList::addXML
Where can I get a list of the known C14N bugs in XMLSec 1.3.0?
I have a problem where one of my unit tests is incorrectly failing due
to a pattern like the following:
http://www.w3.org/2000/09/xmldsig#SignatureProperties";
URI="#47b38f3b">
http://www.w3.org/2001/10/xml-exc-c14n#";>
http://www.
I think your interpretation is wrong: whitespace around comments is
irrelevant only when they're outside the document element (the single
root element).
See http://www.w3.org/TR/xml-c14n#Example-OutsideDoc
-Anli
jason marshall wrote:
Where can I get a list of the known C14N bugs in XMLSec 1
Ah, that does appear to be the case. Thank you.
So I can add comments to a signed node, but only if I don't modify the
whitespace outside the comment. Which sort of makes the utility of
being able to add/modify comments to a signed node annoying at best
(and sinister at worst, which is exactly w
> Could
> you tell me if there is some flag or some method that I can use to bypass
> the error/function call for keyinfo when using the load function (which
> eventually calls this function).
Nope. That's a bug. Skipping the extension may be a viable fix to get around
the exception, but the code