The W3C standard describes this case. http://www.w3.org/TR/xmlenc-core/
2.1.4 Encrypting Arbitrary Data and XML Documents If the application scenario requires all of the information to be encrypted, the whole document is encrypted as an octet sequence. This applies to arbitrary data including XML documents. <?xml version='1.0'?> <EncryptedData xmlns='http://www.w3.org/2001/04/xmlenc#' MimeType='text/xml'> <CipherData> <CipherValue>A23B45C56</CipherValue> </CipherData> </EncryptedData> -----Message d'origine----- De : Berin Lautenbach [mailto:[EMAIL PROTECTED] Envoyé : mardi 4 avril 2006 11:24 À : security-dev@xml.apache.org Objet : Re: xml encryption/decryption of binary data Larchier Christophe wrote: > I sign with XML Signature. > Note that canonicalization is not allowed. Then it's not truly XML signature. Without canonicalisation you run into the problems that you are seeing. So the only real way past is to treat your document as a byte stream rather than an XML document and sign it inside a set of elements as described earlier. Cheers, Berin
