
Panic when Reference does not have any transform when signing

Currently, I'm playing with this library and found that when I have some ds:Reference that does not have any ds:Transforms (not appear in XML document) the library will panic when I try to sign the XML document.

I dig through the code and find that this line is nil when the XML document doesn't have any ds:Transforms in ds:Reference causing panic (empty ds:Transforms is OK).

My current workaround

  • Add empty ds:Transforms to ds:Reference.

Example XML Before Signing

    <Text>Hello World!</Text>
  <ds:Signature xmlns:ds=""
    <ds:SignedInfo xmlns:ds="">
      <ds:CanonicalizationMethod Algorithm="" />
      <ds:SignatureMethod Algorithm="" />
      <ds:Reference Id="xmldsig-186cb59f-c7be-4e9d-a1e8-9fa311754f7e-ref0">
        <ds:DigestMethod Algorithm="" />
          <ds:Transform Algorithm="" />
          <ds:Transform Algorithm="" />
      <ds:Reference Type="">
        <ds:DigestMethod Algorithm="" />
    <ds:Object xmlns:xades=""
      xmlns:xades141="" Target="">
      <xades:SignedProperties Id="xmldsig-186cb59f-c7be-4e9d-a1e8-9fa311754f7e-signedprops">
                <ds:DigestMethod Algorithm="" />

PS. I'm also new to XML signing but I did walk through the XMLDSIG spec, and found that the min occurrence of ds:Transforms can be 0.

Thanks for providing the xml. That really helps create a test case. I've fixed the panic and will make a release shortly.