[Neuclear-develop] xml dsig question

SourceForge Headquarters 1320 Columbia Street Suite 310 San Diego, CA 92101 +1 (858) 422-6466

Hi Mark,
I want to ask you to give me a little help on my problem. If you don't have
time
just tell me a link to a forum where xml digital signatures are discussed.

Let me explain my problem.
I'm creating an applet to digitally sign xml documents according to w3c
recommendation.
I use enveloped signatures. Because I use only my code for signing I need to
know
exactly what is signed. When I sign a document like this everything is OK.

Document to sign:

<?xml version="1.0" ?>
<MyDocument Id="MyDocument">
<MyData>Data to be signed!</MyData>
</MyDocument>

I create SignedInfo element which looks like this (after canonization):

<CanonicalizationMethod
</Canonicalizati
onMethod>
<SignatureMethod
</SignatureMethod>
<Reference URI="#MyDocument">
<Transforms>
<Transform
</Transfor
m>
<Transform
</Transform>
</Transforms>
<DigestMethod
/DigestMethod>
<DigestValue>G4J2tuGKazay8hcG8hRBzQoobpg=</DigestValue>
</Reference>
</SignedInfo>

I sign this SignedInfo compose Signature element and everything is ok.
(I use a third party software for validation and it validates my document
correctly).

The problem occured when I want to sign document, containing namespace
declaration.

Document to sign:

<?xml version="1.0" ?>
<MyDocument Id="MyDocument">
>Data to be signed!</MyData>
</MyDocument>

Again I create the same SignedInfo element (except the DigestValue,
but verification fails. My supposition is that I have to modify
SignedInfo element because my initial xml document has declared a
namespace. Can anyone give me some suggestions how my SignedInfo
element should look like. I need the final SignedInfo element, just
before it is actually signed.

Thanks in advance.

Alexander