I'd appreciate comments on this, because I have never run against this kind of problem before in dealing with xml trees, and I have dealt with them quite a bit.
I mentioned before that I use output from one test to fuel other tests. Therefore I end up with xml data that I "compile" as variables. What I found is that xmlSecDSigValidate will fail in obtuse ways if you don't format your data EXACTLY as it was generated. IMHO, xml trees shouldn't care about newlines, EVER. Here is the data I compiled. Note the presence of the \n characters. Add one or delete one and validation will fail. BTW the same is true for PEM keys except they require \r\n characters in their representation at the end of each line. const char *const valid_signed_document = "<?xml version=\"1.0\"?>\n" "<SignedDocument HashType=\"SHA1\">" "<DocumentText>C32733A4A7B814BF1E2A1C62DF4AD3D947F14F4F</DocumentText>" "<Signature xmlns=\"http://www.w3.org/2000/09/xmldsig#\";>\n" "<SignedInfo>\n" "<CanonicalizationMethod Algorithm=\"http://www.w3.org/TR/2001/REC-xml-c14n-20010315\"/>\n" "<SignatureMethod Algorithm=\"http://www.w3.org/2000/09/xmldsig#dsa-sha1\"/>\n" "<Reference>\n" "<Transforms>\n" "<Transform Algorithm=\"http://www.w3.org/2000/09/xmldsig#enveloped-signature\"/>\n" "</Transforms>\n" "<DigestMethod Algorithm=\"http://www.w3.org/2000/09/xmldsig#sha1\"/>\n" "<DigestValue>XhHSuXYPL/z/ggVVvgePCNqX0WE=</DigestValue>\n" "</Reference>\n" "</SignedInfo>\n" "<SignatureValue>iHOHNAMjEMCUpTD7bSDBkAYNYX5oGMwdzUUTHlZpwJ8G2mjCQyWyiw==</SignatureValue>\n" "<KeyInfo>\n" "<KeyValue>\n" "<DSAKeyValue>\n" "<P>\n" "kGibeF5BZlcgpiwO24ckwnojS/xldXpA46AvXu5j/uKnMgZRZAKqnMLLy8EWNqRgl5AEikS0sBofC5tWU3oOxU" "EQmzkbDKfiM43ePmYSujcjUU4c0v7yrDXstzs6/3Lz3B3zhg0nhwN7xlVNKyNgGDPxcISYjl2Le5RfjHVdAl0=\n" "</P>\n" "<Q>\n" "jp7LT2KHDFGPnZQACv62U7gxOTU=\n" "</Q>\n" "<G>\n" "XV5pnUDC1D5J/IUOc3orzx8pu8JQnt1fnwwD8VS51bveYjyT2PIU1laHqzSTzaaUI5WYS20LmXcLMsMsLBFGf" "+EvfEUAmYipgXSI/HKOmjLPYPmAx5kSz/oePzTX4SKWRvKAkMdqVPQMoo91umCYFGG6MaduM/XhnDUDcW6o3s0=\n" "</G>\n" "<Y>\n" "JmAWvfusQGi1PMog3b5abCDZVcjbNgBn90bCE86BQwQZfa0ZdZukUc+ZAraBxsCpZ/wwcgT3IHCVt7mttlJR" "Iibs00u9Yze8QzxZjFJ7WsXwSKTX+hDXTai0wk/pU0xnfTzhUQd0w5fzHSkIEpFQrEy3sNkw3dN+VfCs+I9jG/o=\n" "</Y>\n" "</DSAKeyValue>\n" "</KeyValue>\n" "</KeyInfo>\n" "</Signature></SignedDocument>"; -- ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Meg Morgan 425/450-2754 [EMAIL PROTECTED] http://www.votehere.net _______________________________________________ xmlsec mailing list [EMAIL PROTECTED] http://www.aleksey.com/mailman/listinfo/xmlsec
