Hi, when the XMLSec library processes a reference with a #WithComments canonicalization, it doesn't include the comments in the PreDigest data.
Is this a bug or have I misunderstood how the [...]#WithComments canonicalizations are supposed to work? To test this I used version 1.2.11 of the XMLSec library, with the sign1-program from: http://www.aleksey.com/xmlsec/api/xmlsec-examples-sign-template-file.html#XMLSEC-EXAMPLE-SIGN1 I modified this program slightly to do a debug dump after creating the signature. The program is attached as sign1.c, and the debug output is attached as debug.txt. The document i tried to sign was test.xml, which is also attached. data.xml looks like this: <?xml version="1.0" encoding="UTF-8"?> <Test> <!-- Comment! --> <Data>test</Data> <Signature xmlns="http://www.w3.org/2000/09/xmldsig#";> ... </Signature> </Test> And the relevant part of the debug output is this: [...] === Transform: c14n-with-comments (href=http://www.w3.org/TR/2001/REC-xml-c14n-20010315#WithComments) [...] == PreDigest data - start buffer: <Test> <Data>test</Data> </Test> == PreDigest data - end buffer [...] Thanks, Olav Morken _______________________________________________ xmlsec mailing list [email protected] http://www.aleksey.com/mailman/listinfo/xmlsec
