Check how to you serialize XML document. You *don't* want to format
signed document.
Aleksey
Lehnert, Hartmut wrote:
Nachricht
Hi,
I'm
using xmlsec with my own crypto lib (smartcard signatures) to generate
XML signatures. The Signature node is generated dynamically - together
with a XAdES Object node containing SignedProperties (e.g.
SigningTime). To use these SignedProperties a Reference node is created
below SignedInfo node.
I've
also written an OpenSSL based verificator for the output docs of the
first application.
Now
comes the problem: When I generate the complete Signature node
dynamically, the hash value for the SignedProperties cannot be
reproduced by the OpenSSL based application, but when I use the output
of the first application as an input with Signature node template (also
for the first application), then the output hash values now can all be
verified by the OpenSSL based application. An example for the input
docs with Signature template is appended to this email.
Do
you have an idea?
Thank
you very much.
Hartmut
Lehnert
|
