In case it isn't obvious (it wasn't to me at first), the fact that an element appears as "<param/>" in the signed document does not mean those are the bytes that were used in generating the signature. The point of canonicalization is that a canonical form of the document is used to calculate the hash, but the document that contains the resulting signature may not be (and generally is not) rewritten in canonical form.
Put differently, the canonicalized document is a temporary copy. Sorry if you already knew this. Since you said "it seems that java signed empty tags" a certain way, not that you were certain this is the case, I thought it worth pointing out that this might not in fact be the problem.

-----Original Message-----
From: Scott Cantor [mailto:canto...@osu.edu]
Sent: Tuesday, January 27, 2009 2:31 PM
To: security-dev@xml.apache.org
Subject: RE: Invalid Signature problem through Empty elements are converted to start-end tag pairs

Harakiri wrote on 2009-01-27:
> however it seems that java signed empty tags as:
>
> <param name="myparam"/>
>
> but apache security correctly validates as
>
> <param name="myparam"></param>
>
> Since I can't just change existing signatures, how can I modify the apache
> xmldsig validation so that it will not compute the hash over the empty tags
> as <param></param> but as <param/> ?

If you're using c14n (either version) as defined today, the signature digest is over the <tag></tag> form, not the other form. That's part of c14n. I doubt what you're using is really doing that wrong, unless it's one-off signing code that isn't interoperable at all. But you can't make Apache's code do this wrong, no.

-- Scott
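
The point made in this thread, as an added example that is not part of the original messages or of Apache XML Security: a check of which byte sequence a recorded digest was actually computed over. Assumptions: Python's standard-library canonicalizer (C14N 2.0, which expands empty elements the same way), SHA-256, a digest over the whole sample document rather than a real Reference node set, and constructed sample input; `classify_digest` is a hypothetical helper name.

```python
import base64
import hashlib
from xml.etree.ElementTree import canonicalize  # Python 3.8+, C14N 2.0


def canonical_bytes(xml_text: str) -> bytes:
    """Return the canonical form; empty elements become start-end tag pairs."""
    return canonicalize(xml_data=xml_text).encode("utf-8")


def digest_b64(data: bytes, algorithm: str = "sha256") -> str:
    """Base64 digest, the encoding used in a DigestValue element."""
    return base64.b64encode(hashlib.new(algorithm, data).digest()).decode("ascii")


def classify_digest(xml_text: str, digest_value: str,
                    algorithm: str = "sha256") -> str:
    """Say whether a recorded digest covers the canonical form or the bytes as written.

    "canonical" : an interoperable signer; the on-disk serialization is irrelevant.
    "raw-bytes" : the signer hashed the document as serialized, skipping c14n.
    "neither"   : the content changed, or another transform/algorithm was used.
    """
    if digest_value == digest_b64(canonical_bytes(xml_text), algorithm):
        return "canonical"
    if digest_value == digest_b64(xml_text.encode("utf-8"), algorithm):
        return "raw-bytes"
    return "neither"


# Constructed sample input: the same element in both serializations.
SHORT_FORM = '<doc><param name="myparam"/></doc>'
PAIR_FORM = '<doc><param name="myparam"></param></doc>'

if __name__ == "__main__":
    # Both serializations canonicalize to the start-end pair form.
    print(canonical_bytes(SHORT_FORM).decode())
    print(canonical_bytes(PAIR_FORM).decode())

    # A conforming signer: the document keeps "<param/>" on disk,
    # but the digest was taken over the canonical temporary copy.
    good = digest_b64(canonical_bytes(SHORT_FORM))
    print(classify_digest(SHORT_FORM, good))

    # One-off signing code that hashed the serialized bytes directly.
    bad = digest_b64(SHORT_FORM.encode("utf-8"))
    print(classify_digest(SHORT_FORM, bad))
```

A "raw-bytes" result is the only case in which the short empty-tag form could have been what was signed; a "canonical" result means the appearance of `<param/>` in the stored document is unrelated to the validation failure.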