<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
<HTML><HEAD>
<META http-equiv=Content-Type content="text/html; charset=iso-8859-1">
<META content="MSHTML 6.00.2800.1106" name=GENERATOR>
<STYLE></STYLE>
</HEAD>
<BODY bgColor=#ffffff>
<DIV><FONT face=Arial size=2>Hi!</FONT></DIV>
<DIV><FONT face=Arial size=2>
<DIV><FONT face=Arial size=2></FONT> </DIV></FONT></DIV>
<DIV>
<DIV><FONT face=Arial size=2>As I understand there are two ways to verify a
signature against public keys </FONT><FONT face=Arial size=2>not included in the
signature </FONT><FONT face=Arial size=2>itself.</FONT></DIV>
<DIV><FONT face=Arial size=2></FONT> </DIV>
<DIV><FONT face=Arial size=2>Either load the public key and send it as a
parameter to the </FONT><FONT face=Arial size=2>xmlSecDSigValidate
function </FONT><FONT face=Arial size=2>or to add the public key to the
Keymanager and use the xmlSecKeyOriginKeyManager flag so that the </FONT><FONT
face=Arial size=2>key manager are searched for a key to use when
verifying.</FONT></DIV>
<DIV><FONT face=Arial size=2></FONT> </DIV>
<DIV><FONT face=Arial size=2>I have tried both but does not break
through.</FONT></DIV></DIV>
<DIV><FONT face=Arial size=2></FONT> </DIV>
<DIV><FONT face=Arial size=2>I could not find a way to load a usable (public)
xmlSecKey.</FONT></DIV>
<DIV><FONT face=Arial size=2>I tried to use xmlSecKeyReadPemCert and it read the
file but then the keydata in the xmlSecKeyPtr was NULL and the key was rejected
when I tried to use it.</FONT></DIV>
<DIV><FONT face=Arial size=2></FONT> </DIV>
<DIV><FONT face=Arial size=2>I the tried to use the
xmlSecSimpleKeysMngrLoadPemKey but it </FONT><FONT face=Arial size=2>does not
accept PEM-files starting with</FONT></DIV>
<DIV><FONT face=Arial size=2>"-----BEGIN CERTIFICATE-----" which my certificate
dooes.</FONT></DIV>
<DIV><FONT face=Arial size=2>As I understand it is the PEM_read_PUBKEY openssl
function that rejects the file.</FONT></DIV>
<DIV><FONT face=Arial size=2>Do external certificates have to be on </FONT><FONT
face=Arial size=2>this format or </FONT><FONT face=Arial size=2>are there any
other ways to </FONT><FONT face=Arial size=2>load public keys from PEM
certificatefiles starting with "</FONT><FONT face=Arial size=2><FONT
face=Arial size=2>-----BEGIN CERTIFICATE-----"?</FONT></FONT></DIV>
<DIV><FONT face=Arial size=2></FONT> </DIV>
<DIV><FONT face=Arial size=2>:)</FONT></DIV></BODY></HTML>