Ah, that does appear to be the case. Thank you. So I can add comments to a signed node, but only if I don't modify the whitespace outside the comment. Which sort of makes the utility of being able to add/modify comments to a signed node annoying at best (and sinister at worst, which is exactly why I'm currently reworking my tests).
Thanks, Jason On Wed, Sep 3, 2008 at 3:38 PM, Anli Shundi <[EMAIL PROTECTED]> wrote: > I think your interpretation is wrong: whitespace around comments is > irrelevant only when they're outside the document element (the single root > element). > > See http://www.w3.org/TR/xml-c14n#Example-OutsideDoc > > -Anli > > jason marshall wrote: > > Where can I get a list of the known C14N bugs in XMLSec 1.3.0? > > I have a problem where one of my unit tests is incorrectly failing due > to a pattern like the following: > > > <ds:Reference Type="http://www.w3.org/2000/09/xmldsig#SignatureProperties"; > URI="#47b38f3b"> > <ds:Transforms> > <ds:Transform > Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#";></ds:Transform> > </ds:Transforms> > <ds:DigestMethod > Algorithm="http://www.w3.org/2001/04/xmlenc#sha256";></ds:DigestMethod> > <ds:DigestValue>qZhbpRF5y9PMnNsegBonsB1UTNjt3dE/t4P/NbFvFIE=</ds:DigestValue> > </ds:Reference> > > ... > <ds:SignatureProperties Id="47b38f3b"> > <!-- I'm just a little black raincloud... --> > <ds:SignatureProperty ... > > > The comment has been programatically added to the SignatureProperties > node to prove that comments aren't included in the digested data. > If I take out the carriage return after the comment, the test passes > as expected. With the newline, it fails. My understanding of C14N > without comments is that this code is in error. Am I right? Was this > fixed in a later version? > > (Is there a newer version that doesn't have any regressions in it? > The general bug history seems to indicate the answer is 'no') > > Thanks, > > > -- > - Jason > > -- - Jason
