Please read the spec: the XML node set is serialized to a binary stream using "canonicalization".
In this particular case, this means that "xmlns=...." would be added to the <Object/> node.
Try the "--print-all" option of the xmlsec utility; it'll show you what *exactly* was signed
(this option works with the "verify" command only).



Aleksey



Juan Vassallo wrote:


Hello Aleksey,
I'm using xmlsec to sign a small XML, which gives me this result:
<?xml version="1.0"?>
<Signature xmlns="http://www.w3.org/2000/09/xmldsig#">
       <SignedInfo>
               <CanonicalizationMethod Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315"/>
               <SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/>
               <Reference URI="#dato">
                       <DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
                       <DigestValue>SYTZaLPmi5a8xs/+tGm3YxxcU7E=</DigestValue>
               </Reference>
       </SignedInfo>
       <SignatureValue>p07rV1zErKFQaCM/5l6ajJxdzqb7lA0KLO5p8qCpISkvWaPgAphMF3Aef4y0mNUG0evqHjWJPBpXtlWK7opGww==</SignatureValue>
       <Object Id="dato">H</Object>
</Signature>

I would like you to tell me how the library calculates the sha1
hash, since as I've been checking, it is not:
sha1("H") or sha1("<Object Id="dato">H</Object>"), nor
sha1("<Object>H</Object>").
I've been reading the library source code but I was unable to find the
way in which you gather the information being hashed with sha1.


Best regards,
Juan Vassallo




_______________________________________________
xmlsec mailing list
[EMAIL PROTECTED]
http://www.aleksey.com/mailman/listinfo/xmlsec
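
The canonicalization step described in the reply, as an added example that is not part of the original thread and is not xmlsec's code: a simplified inclusive C14N serializer (default namespace only; no prefixes, comments or processing instructions) that shows the inherited xmlns landing on the Object element before SHA-1 is applied. `SIGNED_DOC` is an abridged copy of the quoted document, and the function names are assumptions made for this sketch.

```python
import base64
import hashlib
import xml.etree.ElementTree as ET

DSIG = "http://www.w3.org/2000/09/xmldsig#"
# Constructed: abridged from the document quoted in the thread (Object subtree unchanged).
SIGNED_DOC = (
    '<Signature xmlns="' + DSIG + '"><SignedInfo><Reference URI="#dato">'
    "<DigestValue>SYTZaLPmi5a8xs/+tGm3YxxcU7E=</DigestValue></Reference></SignedInfo>"
    '<Object Id="dato">H</Object></Signature>'
)

def _text(s):  # C14N escaping rules for text nodes
    return s.replace("&", "&amp;").replace("<", "&lt;").replace(">", "&gt;").replace("\r", "&#xD;")

def _attr(s):  # C14N escaping rules for attribute values
    for raw, esc in (("&", "&amp;"), ("<", "&lt;"), ('"', "&quot;"),
                     ("\t", "&#x9;"), ("\n", "&#xA;"), ("\r", "&#xD;")):
        s = s.replace(raw, esc)
    return s

def c14n_subtree(elem, rendered_ns=""):
    """Simplified inclusive C14N of one subtree (assumption: default namespace only)."""
    ns, _, name = elem.tag[1:].partition("}") if elem.tag.startswith("{") else ("", "", elem.tag)
    if any(k.startswith("{") for k in elem.attrib):
        raise ValueError("namespaced attributes are outside this sketch")
    out = "<" + name
    if ns != rendered_ns:  # in-scope namespace not yet declared in the output
        out += ' xmlns="%s"' % _attr(ns)
    for k in sorted(elem.attrib):  # attributes follow namespace declarations, sorted
        out += ' %s="%s"' % (k, _attr(elem.attrib[k]))
    out += ">" + _text(elem.text or "")
    for child in elem:
        out += c14n_subtree(child, ns) + _text(child.tail or "")
    return out + "</" + name + ">"  # empty elements become start/end pairs

def reference_digest(doc, ref_id):
    """Return (canonical octets, base64 SHA-1) for the element whose Id equals ref_id."""
    root = ET.fromstring(doc)
    target = next(e for e in root.iter() if e.get("Id") == ref_id)
    octets = c14n_subtree(target).encode("utf-8")
    return octets, base64.b64encode(hashlib.sha1(octets).digest()).decode()

if __name__ == "__main__":
    octets, digest = reference_digest(SIGNED_DOC, "dato")
    stated = ET.fromstring(SIGNED_DOC).find(".//{%s}DigestValue" % DSIG).text
    print(octets.decode())
    print(digest, "equals stated DigestValue:", digest == stated)
```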
