Summary
Implement same-document URI resolution for XMLDSig <Reference> elements:
- Empty URI (
"") → entire document without comments
- Bare-name
#id → element subtree by ID attribute
#xpointer(/) → document root with comments#xpointer(id('...')) → element subtree by ID (XPointer form)- ID attribute registration (
ID, Id, id + custom names)
Technical Details
UriReferenceResolver builds a HashMap<&str, Node> index on construction for O(1) lookupsNodeSet type tracks included/excluded nodes with subtree exclusion supportTransformData enum (NodeSet / Binary) for the transform pipeline- Integration tested: URI dereference → NodeSet → C14N canonicalization end-to-end
Test Plan
- 19 unit tests covering all URI forms, error cases, edge cases (duplicate IDs, custom attrs, SAML-like docs)
- 11 integration tests verifying URI → NodeSet → C14N pipeline produces correct canonical output
- Includes SAML-specific scenarios (assertion subtree, enveloped signature exclusion)
Summary
Implement same-document URI resolution for XMLDSig
<Reference>elements:"") → entire document without comments#id→ element subtree by ID attribute#xpointer(/)→ document root with comments#xpointer(id('...'))→ element subtree by ID (XPointer form)ID,Id,id+ custom names)Technical Details
UriReferenceResolverbuilds aHashMap<&str, Node>index on construction for O(1) lookupsNodeSettype tracks included/excluded nodes with subtree exclusion supportTransformDataenum (NodeSet / Binary) for the transform pipelineTest Plan