Scott Cantor wrote:
Inconsistent c14n has caused us to have validation failures in the past,
and
I have found no decent way to finding out what exactly the canonicalizer
output looks like. I've had to use the debugger and set the "os" stream to
a
FileOutputStream in DOMReference.transform(Data, XMLCryptoContext) so the
canonicalizer writes to a file, then I can compare c14n output on the
signer
and validator components.
There's a logging category that dumps exactly what gets digested, so you
don't really need to do this to get hold of the bytes.
See my blog entries on how to dump this either via logging or
programattically:
http://weblogs.java.net/blog/mullan/archive/2006/02/more_xml_signat_1.html
http://weblogs.java.net/blog/mullan/archive/2007/08/even_more_xml_s.html
--Sean
