Hi,

Sorry for a kind of off-topic question, but the whole thing is driving me nuts.
Here's my problem:


I have to implement an XML digital signature checker, but unfortunately, without using the xmlsec library. This environment has a specially patched (and 0.9.6 only) libssl that renders the xmlsec library unusable. Here's the problem:

I read the xml file, parse it with libxml2, then I try to canonize it with:

xmlC14NDocDumpMemory(xmlDoc, NULL, 1, NULL, doc_txt_ptr);

where xmlDoc is an xmlDocPtr, and doc_txt_ptr is an **xmlChar.

When I dump the canonized content, it seems ok, at least it's readable, has 0x0a at each line end, has no whitespace but 0x20, etc.

At the next step, I look for the referenced URI in the document; in my case, it looks like this: <Reference URI="#Body">. It is a digitally signed XML SOAP content, so it refers to the section that starts with "<SOAP-ENV:Body". I check through the document, and cut the part _starting_ with <SOAP-ENV:Body and _ending_ with: </SOAP-ENV:Body>. The < is the first byte in my sha1 buffer and the last one is a > (of both SOAP-ENV:Body tags). I generate an sha1 hash, then do a base64 encoding (I encode the bytes, not the UTF8 chars, of course), and it produces a DigestValue for me.

Here's the catch: whatever I do, the DigestValue will not match the one specified in the Reference section.

I simply don't know what to do next. I dumped the sha1 hash buffer and ran across a manual OpenSSL dgst -sha1 and it produces the same hash that my code does (I use mhash library, to replace openssl) _and_ when I run this byte content across uudecode -m, it produces the _same_ base64 hash that my code produces! So it seems that sha1 and base64 hashing works ok.

What do I miss?



Any answer will be appreciated, thanks in advance.

Artur Bujdoso


_______________________________________________ xmlsec mailing list [EMAIL PROTECTED] http://www.aleksey.com/mailman/listinfo/xmlsec
