[xmlsec] Detached signature validation problem
Aleksey Sanin
aleksey at aleksey.com
Thu Mar 6 07:28:38 PST 2008
You probably want to overwrite the IO callbacks
http://www.aleksey.com/xmlsec/api/xmlsec-io.html
However, I don't know if this would work for
a document *without* URI. You probably want to
identify it somehow and assign *some* uri
(e.g. foo://<document id> or something like this).
Then IO callbacks could catch scheme "foo" and
load the document you need.
Aleksey
Frank Gross wrote:
> Hi,
>
> I have a problem when I try to validate a detached signature against
> my document. The 'xmlSecDSigCtxVerify' function takes two parameters,
> the DSig context, and the node pointing to the signature
> <dsig:Signature/> <http://www.w3.org/TR/xmldsig-core/#sec-Signature>
> node. But as my detached signature has no URI, how can can I specify to
> the context the document that it has to validate. (The XML-Signature
> specification says that in such case, the application is supposing to
> know what was signed). Indeed, I try to build an API that sign any
> document build in memory and then saved with the detached signature to
> the disk (as a separated XML document of course), and another one to
> load both XML documents to validate the signature.
> I was able to sign and verify an enveloped signature, because in that
> case the signature is inside the document itself, but with detached
> signatures, what is the procedure ?
>
> Can someone help, or point me to the documentation explaining how to do.
>
> Thanks a lot,
>
> Frank
>
>
> _______________________________________________
> xmlsec mailing list
> xmlsec at aleksey.com
> http://www.aleksey.com/mailman/listinfo/xmlsec
More information about the xmlsec
mailing list