Please read section 3.2 from the FAQ http://www.aleksey.com/xmlsec/faq.html You have to use DTD if you want to use ID attributes. Also the xmlsec command line utility has nice options "--store-references" and "--store-signatures". These options allow you to get the pre-digested or pre-signed raw data. Use these options with your files and see what is wrong.
Aleksey
Tsai Kun Lai(Ecom) wrote:
Hi Aleksey:
I am trying XPath implementation. I use your xmlsec library(1.0.2),
, to sign a XPath template xml file. And then I paste it onto infomosaic
online verification page
http://www.infomosaic.net/XMLSign/SecureXMLWSInfo.htm
But the result shows that the digestvalue computation is wrong. In
this case, xpath selects self::* , which contains only the context node
itself, so the nodeset shall be "<Object></Object>". After C14N normalization,
it would be "<Object xmlns="http://www.w3.org/2000/09/xmldsig#";></Object>"
But from the digestvalue, I guess the output before digesting is "<Object></Object>"
(I directly compute "<Object></Object>" with sha1 and derive the same digestvalue.)
Do I mistakenly use your library? Would you like to point out what I make a mistake?
Thank you very much..
_______________________________________________ xmlsec mailing list [EMAIL PROTECTED] http://www.aleksey.com/mailman/listinfo/xmlsec
