[xmlsec] Verify - OpenSSL vs mscrypto
Dmitry Belyavsky
beldmit at cryptocom.ru
Wed Jan 11 11:12:45 PST 2006
Greetings!
On Wed, 11 Jan 2006, Edward Shallow wrote:
> Dmitry,
>
> I have not checked your latest patch, but to avoid my concern 2) below, can
> you call certCreateCertificateContext from the pbCertEncoded certificate
> extracted from the signed document instead of expecting it to already be in
> a store ? This would avoid the need for the verifier to have the signer's
> public certificate in any of their stores.
>
> http://msdn.microsoft.com/library/default.asp?url=/library/en-us/seccrypto/s
> ecurity/certcreatecertificatecontext.asp
>
> If you are not already doing this, is this possible ?
XMLSec extracts certs from the document itself. Signer's cert shouldn't
be present in any store, it may be present in the document only. Sorry,
I can't answer your question.
--
SY, Dmitry Belyavsky (ICQ UIN 11116575)
More information about the xmlsec
mailing list