Mike Haller wrote:
But after some marshalling/unmarshalling with Castor, the resulting
Document has no newlines any more, hence the SignatureValue of the
SignedInfo element is invalid.
How do I tell XMLSignature to add newlines into the SignedInfo before
validation? Or should I remove the newlines before signing? And how to
do that?
Unfortunately, you can't get XMLSignature to add or delete new lines
during signing/verification. There is no way for the library to know
how many new lines to add, how to indent, etc. to get back to the
original form. So if you have something in the processing of your XML
that removes this pretty-printing, you need to make sure it happens
*before* you sign, so that what is signed is also what will be validated
(in terms of newlines/tabs/spaces etc.)
I don't know why the Canonicalization fails at the verification process,
do I have to add the same transforms from the signing process again in
the verification process? I thought that it's sufficient to add them in
signing process, since the canon method is clearly visible in the
Signature element itself.
Canonicalisation doesn't remove or add newlines. It simply transforms
everything in the XML into a standard bytewise format.
kind regards
Mike
Hope that helps!
Cheers,
Berin
