Hi all,

while doing some tests with Encryption and Signing a SOAP
message (in that order: encrypt, then sign) I use
a pre-release version of xmlsec XMLCipher class.

The XMLCipher produces the following output when
encrypting the SOAP Body child element:

 <soapenv:Body xmlns:wsu="http://schemas.xmlsoap.org/ws/2002/07/utility" wsu:Id="digestSource">
  <xenc:EncryptedData Type="http://www.w3.org/2001/04/xmlenc#Element" wsu:Id="enc1"><xenc:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#tripledes-cbc"></xenc:EncryptionMethod><xenc:CipherData><xenc:CipherValue>sz+gsWaHapbvGLOyh0RYBsiGtezD8dlIO5n8WwOS4zPilN+/9TvFCnoGytGf83gIC8nYrqVcCL1o&#xD;
6eBu5lE/kjuxq4Hc04kFBiZeSPkgLUtbfnQIqAdAYQ==</xenc:CipherValue></xenc:CipherData></xenc:EncryptedData>
 </soapenv:Body>

As one can see, there is a "&#xD" ('\r') at the end of the first
CipherValue line. This causes problems during the signature
verification. The signature includes the \r, but when
the message is parsed at the receiver the \r is discarded.
Signature verification fails :-). AFAIK, the parser can discard
the \r due to line-end normalization.

Therefore XMLCipher should use the standard xmlsec Base64 functions
to encode the CipherValue (this is the workaround I use: decode
CipherValue, then re-encode with Base64 to get rid of \r)

Regards,
Werner
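
The mismatch described in the message above, reproduced as an added example that is not part of the original post and does not use xmlsec: Python's standard-library parser and canonicalizer stand in for the sender and receiver, and a SHA-256 over the canonical form stands in for the signature's reference digest. It assumes the CR reaches the receiving parser as a literal character; the helper names and the sample ciphertext are constructed for illustration.

```python
import base64
import hashlib
import xml.etree.ElementTree as ET

NS = "http://www.w3.org/2001/04/xmlenc#"

def cipher_value_xml(b64_text: str, cr_as_charref: bool) -> str:
    """Serialize a CipherValue element with CR escaped (&#xD;) or literal."""
    body = b64_text.replace("\r", "&#xD;") if cr_as_charref else b64_text
    return f'<xenc:CipherValue xmlns:xenc="{NS}">{body}</xenc:CipherValue>'

def c14n_digest(xml_text: str) -> str:
    """SHA-256 of the canonical form (stand-in for the reference digest)."""
    canonical = ET.canonicalize(xml_data=xml_text)
    return hashlib.sha256(canonical.encode("utf-8")).hexdigest()

def reencode(b64_text: str) -> str:
    """Workaround from the post: decode, then re-encode without any CR."""
    return base64.b64encode(base64.b64decode(b64_text)).decode("ascii")

def demo():
    ciphertext = bytes(range(72))  # constructed sample, not real ciphertext
    flat = base64.b64encode(ciphertext).decode("ascii")
    wrapped = flat[:76] + "\r\n" + flat[76:]  # encoder that wraps with CRLF

    # Signer: the in-memory text node still holds the CR, so the
    # canonical form that gets digested contains "&#xD;".
    signed = c14n_digest(cipher_value_xml(wrapped, cr_as_charref=True))
    # Receiver: a literal CRLF on the wire is normalized to LF by the
    # parser, so the canonical form (and the digest) is different.
    received = c14n_digest(cipher_value_xml(wrapped, cr_as_charref=False))

    # After re-encoding there is no CR left for the parser to drop.
    fixed = reencode(wrapped)
    signed_fixed = c14n_digest(cipher_value_xml(fixed, cr_as_charref=True))
    received_fixed = c14n_digest(cipher_value_xml(fixed, cr_as_charref=False))
    return signed == received, signed_fixed == received_fixed, fixed == flat

if __name__ == "__main__":
    print(demo())
```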
