I'm having trouble verifying an XML signed document that was created by SiteMinder with Ruby on Rails xmldsig gem. I cloned the gem and ran through it with the debugger, and I can't find anything wrong. It fails both [:digest_value, :signature]. However, this online tool says the XML is valid (but the certificate is not trusted):
http://www.globaltrustfinder.com/XMLSignatureVerificationStep1.aspx
This online tool says the XML is invalid: http://www.aleksey.com/xmlsec/xmldsig-verifier.html
Sorry I can't post the XML because it contains email addresses, and it wouldn't help to take them out if it is signed. But here is the <ds:Signature> http://pastebin.com/CxYkgBhx
I tried to run xmlsec1 from the command line, but it would not install correctly.
I tried to verify the document in XMLSpy, but it said Canonical XML of type 'http://www.w3.org/2001/10/xml-exc-c14n#' is not supported?!