Hi, I don't see anything obvious as to why it doesn't work, maybe a bug. Can you create a testcase please that reproduces the problem?
Colm. On Mon, Sep 2, 2024 at 7:49 AM Micha Wensveen <[email protected]> wrote: > > Good Morning, > > I hope somebody can help me. > > I upgraded my application from using xmlsec 3.0.4 to 4.0.2. > However when I validate a digital signature that has been created with > version 3.0.4 it fails validation with these logmessages > > 2024-09-02 06:32:17,581 [main] WARN o.a.xml.security.signature.Reference - > Verification failed for URI "myfile.xml" > 2024-09-02 06:32:17,582 [main] WARN o.a.xml.security.signature.Reference - > Expected Digest: dsslKYCcuSb+MHq9e36/JbugIuP7LdkLlUqiScdqgXs= > 2024-09-02 06:32:17,582 [main] WARN o.a.xml.security.signature.Reference - > Actual Digest: 47DEQpj8HBSa+/TImW+5JCeuQeRkm5NMpJWZG3hSuFU= > > This only happens when using xpath transformation > > <ds:Reference Id="xmldsig-ref1" URI="myfile.xml"> > <ds:Transforms> > <ds:Transform > Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315#WithComments"/> > <ds:Transform Algorithm="http://www.w3.org/2002/06/xmldsig-filter2";> > <dsig-xpath:XPath > xmlns:dsig-xpath="http://www.w3.org/2002/06/xmldsig-filter2"; > xmlns:xbrli="http://www.xbrl.org/2003/instance"; > Filter="intersect">xbrli:xbrl//*[@id!='' and not(starts-with(@id, > 'kvk-i_DocumentAdoption'))]</dsig-xpath:XPath> > </ds:Transform> > </ds:Transforms> > <ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/> > <ds:DigestValue>dsslKYCcuSb+MHq9e36/JbugIuP7LdkLlUqiScdqgXs=</ds:DigestValue> > </ds:Reference> > > Is there a migration document to migrate to version 4? > Is there something that I need to change in my code? > > Any help will be appreciated. > > > kind regards, > > > Micha Wensveen > > > > This communication is intended for the person(s) named above only. It > contains information that is confidential and legally privileged. If received > in error, please delete this e-mail and notify the sender. > >
